Slashdot Mirror

← Back to Stories (view on slashdot.org)

Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election (theintercept.com)

Posted by msmash on from the getting-to-the-bottom-of-things dept.

Russian hacking groups played a larger role in the 2016 election than anyone realized, according to a highly-classified NSA document published today in The Intercept. The document reveals that a Russian intelligence operation sent spear-phishing emails to more than 100 local election officials days before the election, which ran through a hack of a U.S. voting software supplier. The Russian cyber espionage operation was functional for months before the 2016 U.S. election. From the report: It states unequivocally in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, that conducted the cyber attacks described in the document: "Russian General Staff Main Intelligence Directorate actors ... executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. ... The actors likely used data obtained from that operation to ... launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations." This NSA summary judgment is sharply at odds with Russian President Vladimir Putin's denial last week that Russia had interfered in foreign elections: "We never engaged in that on a state level, and have no intention of doing so." Putin, who had previously issued blanket denials that any such Russian meddling occurred, for the first time floated the possibility that freelance Russian hackers with "patriotic leanings" may have been responsible. The NSA report, on the contrary, displays no doubt that the cyber assault was carried out by the GRU.

6 of 456 comments (clear)

  1. Re:Let me guess - it's just the Russians by Anonymous Coward · · Score: 2, Informative

    Because he's a private citizen worried about the rise of the far-right in Europe?

  2. Re:I miss the old slashdot by MightyMartian · · Score: 5, Informative

    There are plenty of putinbots out there, but also plenty of alt-right types who pretty much openly admire autocrats like Putin

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. Re:Hmmm by Bradbo · · Score: 4, Informative

    The report doesn't say "using an IP address from Russia" -- it says it was from the Russian Military. I don't think the NSA would get the two confused. Also, the report says that at least one email account was probably compromised ("probably" being intel-speak for "very high confidence"). With a compromised email account, further phishing attacks are much more likely to be successful. So we don't know the extent of the hacking results (at least from this one report), but it was not a "attempt to hack" but a "successful hack" with unknown-as-yet damage.

  4. Re:Hmmm by dog77 · · Score: 3, Informative

    Here is report from Cloudstrike on why they beleive it was the Russians: https://www.crowdstrike.com/bl...

  5. Re:Even if there was hacking.... by Minupla · · Score: 4, Informative

    Intent != crime.

    Generally speaking breaking into someone else's system and sending a spear phishing email would get you well into illegal.

    Quoting form the NPR's article at: http://www.npr.org/2017/06/05/...

    VR Systems, a Florida-based election systems provider referenced in the material, said in a statement:

    "When a customer alerted us to an obviously fraudulent email purporting to come from VR Systems, we immediately notified all our customers and advised them not to click on the attachment. We are only aware of a handful of our customers who actually received the fraudulent email and of those, we have no indication that any of them clicked on the attachment or were compromised as a result."

    Now we can argue on if it impacted the results of the election. I don't think anyone knows the answer to that question, but it now appears the question of if there was an attempt by someone to infiltrate the electoral system is pretty solidly answered.

    Attribution is a trickier problem, but I'll buy that the NSA has pretty good resources at its fingers for that, and they seem pretty conclusive in the documents provided by the Intercept.

    It'll be interesting to see how this comes out, but I'm now convinced that a crime occurred, since VR Systems has confirmed such and any vested interest they have in the matter would be to deny rather then confirm, as it'll undoubtedly damage them commercially going forward.

    Min

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
  6. Re:Hmmm by bmo · · Score: 3, Informative

    But then since that's all they've used to prove it was ZOMG RUSSIANS, and that even US courts now know that an ip address != an entity, then the actual evidence that has been presented is....

    0.

    Nothing, zero, zip, nada, void, zilch, aught, nil, zot.

    I wrote a post earlier about the US population getting lied into every war for the duration of my life on this planet so far, which is over half a century. They are lying /again/.

    And they're not hiding it well. They're just recycling the old arguments. Because it hasn't changed since Maj. Gen. Smedley Butler wrote "War is a Racket."

    I suggest you read it.

    --
    BMO