Russian government hackers carried out a cyberattack against one USA voting software vendor last August and launched a spear-phishing attack targeting local US organizations days before the 2016 USA election, according to a highly classified report within the National Security Agency.
The Intercept contacted the NSA and the national intelligence director's office about the document and both agencies asked that it not be published. The Intercept, which published its story Monday, apparently provided authorities with a copy of a top-secret NSA document discussing details of alleged Russian interference in US elections.
In one, the Russian hackers posed as another voting company, referred to as USA company 2, from which they sent phony test emails - offering "election-related products and services".
While the document doesn't say the hacking changed any votes, it "raises the possibility that Russian hacking may have breached at least some elements of the voting system, with disconcertingly uncertain results".
Reality Leigh Winner, 25, was arrested on Saturday and appeared in federal court on Monday.More news: London attacks: Two of the three killers identified
More news: Pirates of the Caribbean 5 dominates box office
More news: Apple Unveils Powerful New iMac Pro
The report itself doesn't offer raw intelligence, The Intercept said, but analyzes intelligence the NSA recently acquired. "Classified information is being given to media that could have a devastating effect on U.S. FIND NOW".
In late October, the hackers sent emails to 122 addresses tied to "local government organizations", the document says, adding that "officials involved in the management of voter registration systems" were the likely targets. Its products are used in eight states: California, Florida, Illinois, Indiana, New York, North Carolina, Virginia, and West Virginia.
The federal agency victor worked for first became aware of Winner's alleged leak after being contacted by the news outlet for comment.
"My client has no (criminal) history, so it's not as if she has a pattern of having done anything like this before", Nichols said in a phone interview Monday. "All this craziness has happened all of a sudden".
Court documents said victor had a top-security clearance as a member of the Air Force on active duty from January 2013 until February 2017 when she began a stint with Pluribus International Corporation, a government contractor, in Georgia. The DOJ also said the report victor released was dated May 5, the same date on the report received by The Intercept.