A secret National Security Agency document reportedly shows that the Russian military launched a cyberattack against a U.S. voting software company, and sent phishing emails with malware-infected Microsoft Word documents to over 100 election officials shortly before the November 2016 election.
The highly-classified NSA document was leaked to The Intercept, which did not divulge its source.
The New York Post reports that Reality Leigh Winner, a 25-year-old federal contractor at Pluribus International Corporation in Augusta, Georgia, was charged by the U.S. Justice Department on June 5 with "removing classified material from a government facility and mailing it to a news outlet," The Intercept, in early May.
Deputy Attorney General Rod J. Rosenstein released a statement:
Releasing classified material without authorization threatens our nation’s security and undermines public faith in government. People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation.
According to The Intercept, the NSA report on the Russian hacking -- dated May 5, 2017 -- has been independently authenticated.
The NSA report doesn't go into detail on the "raw" intelligence that the agency used, but does say that the Russian General Staff Main Intelligence Directorate was behind the hacking:
Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.
Russian President Vladimir Putin told senior editors of international news agencies on June 1 that Russia was not involved in hacking elections in the U.S. or Europe, noted The Associated Press.
"I'm deeply convinced that no hackers can radically influence another country's election campaign," Putin stated. "No hackers can influence election campaigns in any country of Europe, Asia or America."
Putin said it was possible that individual "patriotic" hackers could have been responsible for the cyber attacks.
"If they have patriotic leanings, they may try to add their contribution to the fight against those who speak badly about Russia," Putin added. "Theoretically it's possible."
The NSA report does not say if Russia's hacking actually affected the 2016 U.S. presidential election, but the agency does say that the hackers were part of a team with a "cyber espionage mandate specifically directed at U.S. and foreign elections."
The U.S. voting software company was not directly identified in the report, but is believed to be Florida-based VR Systems, which provides software for eight states: New York, California, Florida, Illinois, Indiana, North Carolina, Virginia, and West Virginia.
The NSA and the Office of the Director of National Intelligence refused to comment to The Intercept, although the NSA requested The Intercept not publish the document; The Intercept published the document against the NSA's wishes, but agreed to some redaction requests from the intelligence agency.