Russian hackers attacked at least one U.S. voting software supplier days before last year’s presidential election, according to a government intelligence report leaked Monday that suggests election-related hacking penetrated further into U.S. voting systems than previously known. The classified National Security Agency report, which was published online by The Intercept, does not say whether the hacking had any effect on election results. But it says Russian military intelligence attacked a U.S. voting software company and sent spear-phishing emails to more than 100 local election officials at the end of October or beginning of November. U.S. intelligence agencies declined to comment. However, the Justice Department announced Monday it had charged a government contractor in Georgia with leaking a classified report containing “Top Secret level” information to an online news organization. The report the contractor allegedly leaked is dated May 5, the same date as the document The Intercept posted online.
The document said Russian military intelligence “executed cyber espionage operations against a named U.S. company in August 2016 evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April 2017.”
The hackers are believed to have then used data from that operation to create a new email account to launch a spear-phishing campaign targeting U.S. local government organizations, the document said. “Lastly, the actors send test emails to two non-existent accounts ostensibly associated with absentee balloting, presumably with the purpose of creating those accounts to mimic legitimate services.”
The document did not name any state.