Hackers associated with Russia’s military intelligence agency targeted a company with information on US voting software days before the election and used the data to launch “voter registration-themed” cyberattacks on local government officials, according to a top-secret National Security Agency document that was leaked to The Intercept.
The NSA document offers the clearest indication yet that Russian hackers sought to penetrate US voting systems tied to voter registration in the days and weeks leading up to the election.
“Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards,” the NSA concluded, citing information “that became available in April 2017.” The NSA did not draw any conclusions on whether the effort had any effect on the election’s outcome, according to The Intercept.
Click through the key players in Trump-Russia connection allegations:
Key players in Trump-Russia connection allegations
Paul Manafort signed on as Donald Trump’s campaign manager in March 2016. A longtime Republican strategist and beltway operative, Manafort had previously served as an adviser to former Ukrainian president Viktor Yanukovich — a pro-Russia leader who was violently ousted in 2014. Manafort resigned from his campaign position in August 2016 amid questions over his lobbying history in Ukraine for an administration supportive of Russia. The former campaign manager reportedly remained in Trump’s circle during the post-election transition period.
Gen. Michael Flynn was named President Trump’s national security adviser in November of 2016. Flynn reportedly met and spoke with Russian Ambassador Sergey Kislyak in December, at one point discussing sanctions. Flynn originally told Vice President Pence he did not discuss sanctions — a point the Department of Justice said made the national security adviser subject to blackmail. Flynn resigned from his position in February.
Outgoing Russian ambassador to the United States Sergey Kislyak is the Russian official U.S. attorney general Jeff Sessions — communication Sessions denied during his Senate committee hearing testimony.
Stone is a longtime Republican political consultant who served as a campaign adviser to Trump who continued to talk with the then-GOP candidate after stepping away from his adviser role. Stone claimed last year that he had knowledge of the planned WikiLeaks release of emails pertaining to Hillary Clinton and the Democratic National Committee. Stone recently admitted to speaking via direct message with “Guccifer 2.0” — an online entity U.S. officials believe is tied to Russia. Stone says the correspondence was “completely innocuous.”
Former U.S. senator Jeff Sessions from Alabama joined Trump’s campaign as a foreign policy adviser in February 2016. Sessions was nominated to be U.S. attorney general by President Trump and was then confirmed by the Senate. Reports then emerged that Sessions had spoken twice with Sergey Kislyak while he was senator — a fact that he left out of his Senate hearing testimony. Instead, he said in writing that he had not communicated with any Russian officials during the campaign season. Sessions defended himself saying he had spoken with Kislyak specifically in a senate capacity.
Russian President Vladimir Putin
The American intelligence community accused Putin in Jan. 2017 of ordering a campaign to undermine trust in the American electoral process, developing a clear preference for Trump as president. “We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election. Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump,” the report read.
Comey publicly confirmed in March an FBI inquiry into Russia’s involvement in the 2016 election. “The F.B.I., as part of our counterintelligence effort, is investigating the Russian government’s efforts to interfere in the 2016 president election,” Comey stated.
Page worked for Merrill Lynch as an investment banker out of their Moscow office for three years before joining Trump’s campaign as a foreign policy adviser. During his time with Merrill Lynch, Page advised transactions for two major Russian entities. Page has called Washington “hypocritical” for focusing on corruption and democratization in addressing U.S. relations with Russia. While Page is someone Trump camp has seemingly tried to distance itself from, Page recently said he has made frequent visits to Trump Tower.
Before Gordon joined the Trump campaign as a national security adviser in March 2016, he served as a Pentagon spokesman from 2005 through 2009. Like others involved in Trump-Russia allegations, Gordon met with ambassador Kislyak in July at the Republican National Convention, but has since denied any wrongdoing in their conversation. He advocated for and worked to revise the RNC language on and position toward Ukraine relations, so it was more friendly toward Russia’s dealings in the country.
Discover More Like This
BACK TO SLIDE
The NSA did not respond to request for comment from Business Insider, but the agency confirmed the document’s authenticity to The Intercept.
The Russian hackers also attempted to gain access to accounts associated with absentee balloting, “presumably with the purpose of creating those accounts to mimic legitimate services,” according to the report. But it is ” unknown whether the aforementioned spear-phishing deployment successfully compromised all the intended victims, and what potential data from the victim could have been exfiltrated,” the NSA report said.
Cybersecurity experts fear that hackers breached the voter registration systems hoping they would be networked to actual voting machines, according to the Intercept.
“I would worry about whether an attacker who could compromise the poll book vendor might be able to use software updates that the vendor distributes to also infect the election management system that programs the voting machines themselves,” Alex Halderman, director of the University of Michigan Center for Computer Security and Society and an electronic voting expert, told the publication.
“Once you do that, you can cause the voting machine to create fraudulent counts,” he said.
Pamela Smith, president of the election integrity watchdog Verified Voting, told The Intercept that access to a state voter database would allow a hacker to ” take malicious action by modifying or removing information.”
“This could affect whether someone has the ability to cast a regular ballot, or be required to cast a ‘provisional’ ballot,” she said, “which would mean it has to be checked for their eligibility before it is included in the vote, and it may mean the voter has to jump through certain hoops such as proving their information to the election official before their eligibility is affirmed.”
Russian President Vladimir Putin has long denied that the Kremlin had ordered cyberattacks on the Democratic National Committee and Hillary Clinton’s campaign chairman, John Podesta, during the 2016 election.
But he said last week that “patriotically minded” Russians, whom he compared to artists, might have taken it upon themselves “to fight against those who say bad things about Russia,” according to The New York Times, which was present at his news conference with Russian and foreign outlets in St. Petersburg on Thursday.
The statement was the closest Putin has come to acknowledging the view of US intelligence agencies that Russian hackers were behind the campaigns targeting Democrats during last year’s election.
“We’re not doing this at the state level,” Putin said. But he implied that it would be patriotic for private Russian citizens to “start making contributions — which are right, from their point of view — to the fight against those who say bad things about Russia.”