Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

6/6/2017
12:35 PM
50%
50%

NSA Report: Russian Military Hackers Targeted US Voting Software, Election Officials

Top-secret NSA report leaked by now-arrested federal contractor to journalists shows levels to which Russian hacking machine targeted US election.

A federal contractor was arrested by federal officials last weekend after watermarks on printouts of top-secret NSA information on Russia's hacking activities in the US election were traced to her after she anonymously shared the stolen files with The Intercept.

Reality Winning's arrest came even before The Intercept published its report yesterday that is based on the May 5 NSA intelligence she sent them via hard-copy. The top-secret NSA analysis report says Russian military hackers launched a cyberattack on a US voting software supplier as well as waged a spear-phishing campaign against 100 local US election officials just before the November 2016 presidential election. 

The report basically indicates possible deeper election-hacking activity by Russia than was publicly known. 

The Intercept received the files anonymously, and the publication's efforts to validate their autenthicity with the US government ultimately led to Winning's unmasking. The US Department of Justice yesterday announced that the 25-year-old Winner had been arrested on June 3, in her Augusta, Georgia, home and charged with "removing classified material from a government facility and mailing it to a news outlet, in violation of 18 U.S.C. Section 793(e)."

DoJ did not mention The Intercept article, which published yesterday as well, nor the contents of the document.

According to The Intercept's article, the NSA report says:

"Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations."

Read The Intercept report here, and the DoJ announcement here.

 

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
6/7/2017 | 8:58:44 AM
Understanding the implications
Understanding the implications for the individual of bringing government information to the press for the individual, I don't know why the government would not want to disclose this information themselves around Russia's malicious involvment.
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17330
PUBLISHED: 2019-11-12
The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks. Affected releases are TIBCO So...
CVE-2019-17331
PUBLISHED: 2019-11-12
The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and includin...
CVE-2019-17332
PUBLISHED: 2019-11-12
The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and ...
CVE-2010-2488
PUBLISHED: 2019-11-12
NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.
CVE-2010-3438
PUBLISHED: 2019-11-12
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.