The Intercept has been one of the biggest skeptics about Russian interference in the 2016 election, so the fact that they just produced a scoop that brought this saga to a new level should give even the most hardened cynic pause. Here is their lede that sent shivers down my back:
Russian Military Intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.
Here’s a vital fact to keep in mind before we dive into this report:
If you're still skeptical, here is the actual report they obtained from the NSA. The Intercept brings in a ton of context and opinion from outside experts, so do not miss out on their incredibly important piece. For our purposes here at Paste, we'll drill down on the important takeaway from the NSA's report. Here is what the NSA is accusing Russian Military Intelligence (GRU) of doing:
executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April 2017. The actors likely used data obtained from operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations. The spear-phishing emails contained a Microsoft Word document trojanized with a Visual Basic script which, when opened, would spawn a PowerCell instance and beacon out to malicious infrastructure. In October 2016, the actors also created a new email address that was potentially used to offer election-related products and services, presumably to U.S.-based targets. Lastly, the actors sent test emails to two non-existent accounts ostensibly associated with absentee balloting, presumably with the purpose of creating those accounts to mimic legitimate services.
In short, GRU launched a spear-phishing campaign (like Russian-backed groups did with the DNC) against an unnamed company integral to the voting process. At least one targeted account was compromised, and hackers then attempted to use that information to target local government officials—with an eye towards absentee ballots. Some of this was done in October and November, just days before the election. It doesn't take a whole lot of imagination to see a simple plan that fits into these reported events.
— Russians hack an election systems vendor with information on voters.
— Russians pose as the election systems vendor to gain access to local officials.
— Once inside, Russians monkey around with absentee ballots, which is easier than messing with in-person voting.
— If they did this in the right states—say three in particular where a football stadium's worth of people determined the outcome—they could sway the entire election.
Again, none of this says that anything did change because of these attempted intrusions, but the NSA report also falls short of categorially denying that they did not make a tangible impact either. This paragraph from The Intercept perfectly summarizes the issue at the heart of this:
But the system's decentralization is also a vulnerability. There is no strong central government oversight of the election process or the acquisition of voting hardware or software. Likewise, voter registration, maintenance of voter rolls, and vote counting lack any effective national oversight. There is no single authority with the responsibility for safeguarding elections. Christian Hilland, a spokesperson for the FEC, told The Intercept that “the Federal Election Commission does not have jurisdiction over voting matters as well as software and hardware in connection with casting votes. You may want to check with the Election Assistance Commission.”
Admiral Mike Rogers, who serves as the Director of the NSA, is poised to testify in front of Congress this week, and Steve Clemons, writer for The Atlantic told MSNBC that:
“watch the Senate Intelligence Committee hearings on Wednesday. National Security Agency Director Mike Rogers may have a bomb to drop in this, as well as Dan Coates. I have been tipped off that Mike Rogers has a story to tell as well that goes right along the lines that our friend David Corn has shared.”
Every step along the way in this saga, the journalists plugged in to this story have dropped hints about things they have heard but cannot confirm. It's difficult to look at this leak and not inherently tie it to whatever Clemons was referencing, as it may be designed to either sway Rogers' testimony or to supplement it. One thing is for certain, his briefing on Wednesday just got a whole lot more interesting.
Even some of the most die-hard conspiracy theorists have stopped short of accusing the Russians of changing the actual vote totals themselves, as that was impossible to prove—plus it escalated this ordeal to an entirely new level of nefariousness. That impossibility has been shattered now that The Intercept released an NSA report demonstrating clear and specific intent on the part of the Russian government. The fact that they explicitly name Russian Military Intelligence as the culprit is of vital importance, as this plan eschewed the traditional trope of the Kremlin using cutouts like Fancy Bear and Cozy Bear that they can drop the moment things go south. It means that this operation was so delicate that the Kremlin put it in some of the most trusted hands they know.
If this is true (and the fact that the NSA asked The Intercept to not report it at all, and then bargained them down to a simple redaction suggests that it is), then that means we have entered a new chapter in this saga. Hold on to your hats folks—with Mike Rogers testifying on Wednesday and former FBI Director James Comey on Thursday, we may be living in an entirely different world by the end of the week.
UPDATE: The NSA is really, really not pleased:
Jacob Weindling is a staff writer for Paste politics. Follow him on Twitter at @Jakeweindling.