Federal contractor arrested after NSA document published on news site

The document that the woman leaked to a news site stated that Russia Military Intelligence hacked at least one supplier of US voting software before the 2016 election.

A federal contractor was arrested in Georgia Monday in connection with a classified NSA report on Russian election interference published by the online publication The Intercept.

According to the top secret document, Russian military intelligence conducted a cyber attack on at least one supplier of voting software and sent phishing emails containing malicious software to more than 100 local election official days before the 2016 election, The Intercept reported.

After the Intercept story was published Monday, the Justice Department announced the arrest of a 25-year-old federal contractor from Georgia in connection with the disclosure.

Reality Leigh Winner, a contractor with Pluribus International Corp., who has held a top secret security clearance since at least February, made her first federal court appearance in Augusta, Ga., Monday afternoon.

“Winner printed and improperly removed classified intelligence reporting, which contained classified national defense information from an intelligence community agency and unlawfully retained it,’’ court documents stated, adding that material was taken May 9. “Approximately a few days later, Winner unlawfully transmitted by mail the intelligence reporting to an online news outlet.’’

Deputy Attorney General Rod Rosenstein credited federal law enforcement agents with acting “quickly to identify and arrest the defendant.’’

“Releasing classified material without authorization threatens our nation’s security and undermines public faith in government,’’ Rosenstein said.

According to The Intercept, the classified May 5 intelligence report “is the most detailed U.S. government account of Russian interference in the election that has yet come to light." The NSA report says it is based on information it obtained in April, but the document does not reveal the “raw” intelligence that led to the report’s conclusions.

According to the NSA document, Russian intelligence “executed cyber espionage operation against a named U.S. Company in August 2016, evidently to obtain information on elections-related software and hardware solutions.” The report's authors have no doubt the Russian General Staff Main Intelligence Directorate, or GRU, was behind the operation.

The Russian "spear-fishing" attack involved sending local government employees emails that appeared to be from e-voting vendors containing Microsoft Word documents loaded with malware. Once the recipient opened one of the documents, the hackers would gain control of the infected computer.

In order for the emails to seem legitimate, the Russians tried to hack an election software company's email system, The Intercept reported. At least one employee's account was likely hacked, according to the report.

"Although the document does not directly identify the company in question, it contains references to a product made by VR Systems, a Florida-based vendor of electronic voting services and equipment whose products are used in eight states," The Intercept reported.

In late October, the hackers began to send emails that appeared to be from a VR system employee, the document says. The emails were sent to 122 addresses tied to local government organizations and officials involved in voter registration, The Intercept reported. The emails contained "trojanized" attachments that would allow the hackers to gain access to the infected computer.

"It is unknown,” the NSA wrote, according to The Intercept, “whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor.”

The Intercept is an online publication started in 2013 by journalists Glenn Greenwald, Laura Poitras and Jeremy Scahill in the wake of Edward Snowden’s revelations about NSA surveillance.

The report published Monday is based on a “top-secret National Security Agency document” provided by an anonymous source. The report was “independently authenticated,” according to The Intercept.

An unnamed U.S. intelligence officer told The Intercept not to read too much into the document because “a single analysis is not necessarily definitive.”

© 2017 USATODAY.COM


JOIN THE CONVERSATION

To find out more about Facebook commenting please read the
Conversation Guidelines and FAQs

Leave a Comment