Mediaboss Marketing

The publication that revealed a classified National Security Agency report on alleged Russian attempts to hack US election-related systems treats the report as possible evidence that Russia tried to rig the vote. More likely, however, the Kremlin expected the vote to be rigged in favor of Hillary Clinton.

According to the leaked report, the Russian military intelligence, GRU, ran a spear-phishing campaign targeting the employees of VR Systems, a voting hardware and software producer. At least one of its employee accounts apparently was compromised. Then the hackers used the harvested credentials to trap local government officials in charge of organizing elections. Emails, coming credibly from a VR Systems employee, contained malware that would have allowed the GRU (although the report provides no clues as to how the attribution was made) to control the computers of these local officials. The NSA doesnt seem to have determined whether the hackers managed that with any of their targets.

Reality Winner, 25, the NSA contractor accused of leaking the report to the Intercept, an online news organization, had an apparent motive: Her Twitter feed (under the name Sara Winners) shows she was disappointed when Donald Trump won the election.

So far, Russias alleged help to Trump in the 2016 election has amounted to Russian sources stealing and publishing emails and documents related to the Clinton campaign. Thats not particularly dangerous to Trump unless it can be shown that his campaign colluded with the hackers or that Russia tried to influence the actual vote count. The report appears to imply just that.

In reality, even if the allegedly GRU-affiliated hackers got into the computers of local officials in the states where VR Systems technology was used, they couldnt have changed the election outcome.

VR doesnt actually make voting machines. It makes electronic poll books that make paper voter rolls unnecessary. They allow an election worker to check a voters personal data against the rolls and issue a ballot. By messing with such a system, hackers could produce confusion, making it difficult for voter names to be verified. They could even enable ineligible people to vote but for such a ploy to work, there would need to be large numbers of such ineligible people available for a massive fraud operation on voting day.

The Intercept story suggests the same local officials who handle the electronic voter rolls also manually install updates on the voting machines. If so, they could inadvertently infect the voting equipment with malware. But even if that happened, it didnt swing any states Trumps way.

Results in the states that use VR equipment and software Florida, Illinois, Indiana, New York, North Carolina, Virginia and West Virginia were not challenged. They yielded no surprises compared with polling data. The big surprises came in Pennsylvania, Michigan and Wisconsin, where VR Systems isnt present.

I have written that its not impossible to rig a US presidential election (and was ridiculed for saying so). The rigging, however, would require a vast conspiracy spanning the entire country and involving local election officials the kind that exists in Russia.

Trump, with his cheap, hastily thrown together campaign infrastructure, could have achieved nothing of the kind, but as the campaign drew to a close, he appeared to fear such an effort from the Obama administration.

Experts pooh-poohed this conspiracy talk, pointing out how disparate the US election system was and what a massive clandestine effort would be required to subvert it. In Moscow, there were people telling President Vladimir Putin that Clinton had all the levers (financial and intelligence service contacts) to falsify a vote.

In other words, hacking VR Systems and the local officials would have been much more useful to the GRU if it had been conducting an intelligence operation to detect pro-Clinton fraud than if it had been planning to rig the election.

The NSA report at best provides additional evidence of Putins skepticism of Trumps ability to beat the US establishment, not of his meddling with vote results.

Bershidsky is a Bloomberg View columnist. He was the founding editor of the Russian business daily Vedomosti and founded the opinion website Slon.ru.

Link:
NSA leak proves nothing about possible Russian hacking - New York Post

If the Reality Winner story sounds like a James Bond movie, Stephen Colbert says that makes Donald Trump "Smallfinger."(Photo: Richard Boeth/CBS)

TV's late night hosts spent the beginning of Tuesday night's show explaining the latest development in the Russian election-meddling scandal for viewers after a contractor from the NSAwas arrested for leaking a top-secret document.

"Daysbefore (the election)?" an incredulousColbert said of the hackers' timing. "Come on,Guccifer.That's just poor planning. You can't leave your hacking to the last minute! Put some thought into it. Nobody wants an election you picked up at Walgreens!"

That said, the CBS host is worried aboutthe Russian hackers' attempts to trick local government employees into opening documents that were infected with malware: "This is how democracy ends: With a fake email sent to the ancient cat lady manning the polling station at your high school gym."

He then got into the arrest of NSA contractor Reality Winner ("It's official: The Trump administration is at war with reality").

"So a young female spy named Reality Winner steals intelligence from the Pluribus Corporation?That sounds like a James Bond movie, which of course makes Trump "Smallfinger!" he sang in his best Shirley Bassey voice.

"This is a confusing story so let me try to break it down," Meyers saidas the show's technical director rapidly switched out photos of the players involved. "Reality Winner leaked information about a reality denier (Putin) who tried to influence the election to support a reality host (Trump) who is detached from reality. So now the (Reality) Winner is the loser and this loser (Putin) who helped this loser (Trump) win is the winner and that's our reality."

Read or Share this story: https://usat.ly/2sTbAQh

More:
NSA leak: Stephen Colbert and Seth Meyers explain our new 'reality' - USA TODAY

Experts say the U.S. election system remains profoundly vulnerable to trickery or sabotage.

HOUSTON A leaked intelligence document outlining alleged attempts by Russian military intelligence to hack into U.S. election systems is the latest evidence suggesting a broad and sophisticated foreign attack on the integrity of the nation's elections.

And it underscores the contention of security experts and computer scientists that the highly decentralized, often ramshackle U.S. election system remains profoundly vulnerable to trickery or sabotage .

The document, purportedly produced by the U.S. National Security Agency, does not indicate whether actual vote-tampering occurred. But it adds significant new detail to previous U.S. intelligence assessments that alleged Russia-backed hackers had compromised elements of America's electoral machinery. It also suggests that attackers may also have been laying groundwork for future subversive activity.

The operation described in the document could have given attackers "a foothold into the IT systems of elections offices around the country that they could use to infect machines and launch a vote-stealing attack," said J. Alex Halderman, a University of Michigan computer scientist. "We don't have evidence that that happened," he said, "but that's a very real possibility."

Computer scientists have proven in the lab that once sophisticated attackers are inside an election network, they could manipulate pre-election programming of its systems and alter results without leaving a trace.

Sen. Mark Warner of Virginia, the ranking Democrat on the Senate intelligence committee, said Tuesday that hacking into state voting systems ahead of the Nov. 8 vote was more widespread than has been disclosed.

Attempts by Russia to "break into a number of our state voting processes" was "broad-based," he said, without offering details. In Moscow, a Kremlin spokesman categorically denied Tuesday that Moscow had tried to hack the U.S. elections.

Warner did not directly address the classified intelligence report published Monday by The Intercept, an online news outlet. The Associated Press has not independently verified the authenticity of the report, although its apparent leaker, an NSA contract worker, was arrested last weekend in Georgia.

The NSA document says Russian military intelligence first targeted employees of a Florida voting systems supplier in August. Apparently exploiting technical data obtained in that operation, the cyber spies later sent phishing emails to more than 100 local U.S. election officials just days ahead of the Nov. 8 vote, intent on stealing their login credentials and breaking into the their systems, the document says.

The emails packed malware into Microsoft Word documents and were forged to give the appearance of being sent by the system vendor, VR Systems of Tallahassee, Florida.

The Department of Homeland Security knew in September that hackers believed to be Russian agents had targeted the voter registration systems of more than 20 states. To date, no evidence of tampering with vote tallies or registration rolls has emerged.

The U.S. elections system is a patchwork of more than 3,000 jurisdictions overseen by the states with almost no federal oversight or standards. The attack sketched out in the NSA document appears designed specifically to cope with that sprawl.

The NSA document did not name any of the states where local officials were targeted by the emails masquerading as being from VR Systems.

But in September, the FBI held a conference call with all 67 county elections supervisors in the battleground state of Florida to inform them of infiltration of VR Systems without naming the company. Ion Sancho, who retired as Leon County supervisor in December, said he later learned from industry contacts that it was VR Systems.

VR Systems officials did not respond directly to questions emailed by the AP. In a statement, the company said it only knows of a "handful" of customers who received the fraudulent email, adding that it had "no indication" that anyone had clicked on the malware. The NSA document says at least one account was likely compromised.

The company makes software for on-site voter registration at polling stations and backend systems for voting management, according to its website, which says it has customers in California, Florida, Illinois, Indiana, New York, North Carolina, Virginia, and West Virginia.

VR Systems' electronic poll books electronic systems used to verify registered voters at polling places experienced problems on Nov. 8 in Durham County, North Carolina. The issue forced officials to abandon the system, issue paper ballots and extend voting hours.

North Carolina's state elections director said Tuesday that officials would investigate to see if officials in Durham County were targeted and possibly compromised.

Iowa University's Douglas Jones is among computer scientists who say voter registration systems are particularly vulnerable to tampering, in part because they are on the internet.

Someone trying to cause chaos and discredit an election could delete names from registration rolls prior to voting or request absentee ballots en masse. In the latter case, a voter showing up at the polls on Election Day would be recorded as having already cast their ballot. That could force voters to file provisional ballots, and provoke long lines.

There is no evidence any of that happened last Election Day.

___

Satter reported from Paris. Associated Press writers Deb Riechmann in Washington, D.C., and Emery D'Alesio in Raleigh, N.C., contributed to this report.

Read more here:
Leaked NSA doc highlights deep flaws in US election system - Gainesville Sun

A federal contractor was arrested over the weekend and accused of leaking a classified report containing "Top Secret level" information on Russian hacking efforts during the 2016 presidential election.

Reality Leigh Winner, 25, appeared in U.S. District Court in Augusta, Ga., to face one charge of removing classified material from a government facility and mailing it to a news outlet, theJustice Department said Monday.

Winner's arrest was announced shortly after the Intercept website published a story detailing how Russian hackers attacked at least one U.S. voting software supplier and sent so-called "spear-phishing" emails to more than 100 local election officials at the end of October or beginning of November.

The Justice Department did not specify that Winner was being charged in connection with the Intercept's report. However, the site noted that the National Security Agency (NSA) report cited in its story was dated May 5 of this year. An affidavit supporting Winner's arrest also said that the report was dated "on or about" May 5.

The Intercept contacted the NSA and the national intelligence director's office about the document and both agencies asked that it not be published. U.S. intelligence officials then asked The Intercept to redact certain sections. The Intercept said some material was withheld at U.S. intelligence agencies' request because it wasn't "clearly in the public interest."

The report said Russian military intelligence "executed cyber espionage operations against a named U.S. company in August 2016 evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April 2017."

The hackers are believed to have then used data from that operation to create a new email account to launch a spear-phishing campaign targeting U.S. local government organizations, the document said. "Lastly, the actors send test emails to two non-existent accounts ostensibly associated with absentee balloting, presumably with the purpose of creating those accounts to mimic legitimate services."

The document did not name any state.

The information in the leaked document seems to go further than the U.S. intelligence agencies' January assessment of the hacking that occurred.

The Washington Examiner reported that Winner worked forPluribus International Corporation and was assigned to a U.S. government facility in Georgia. She had held a top-secret classified security clearance since being hired this past February. The affidavit sworn by FBI agent Justin Garrick said that she had previously served in the Air Force and held a top-secret security clearance.

Late Monday, Wikileaks founder Julian Assange tweeted his support for Winner.

Winner's attorney, Titus Thomas Nichols, declined to confirm whether she is accused of leaking the NSA report received by The Intercept. He also declined to name the federal agency for which Winner worked.

"My client has no (criminal) history, so it's not as if she has a pattern of having done anything like this before," Nichols told the Associated Press in a phone interview Monday. "She is a very good person. All this craziness has happened all of a sudden."

Garrick said in his affidavit that the government was notified of the leaked report by the news outlet that received it. He said the agency that housed the report determined only six employees had made physical copies. Winner was one of them. Garrick said investigators found Winner had exchanged email with the news outlet using her work computer.

Garrick's affidavit said he interviewed Winner at her home Saturday and she "admitted intentionally identifying and printing the classified intelligence reporting at issue" and mailing it to the news outlet.

Asked if Winner had confessed, Nichols said, "If there is a confession, the government has not shown it to me."

House Oversight Committee Chairman Rep. Jason Chaffetz, R-Utah, praised the arrest in an appearance on Fox News' "The Story with Martha MacCallum."

"When you have classified information, you cannot put that out there just because you think it would be a good idea," Chaffetz said. "I want people in handcuffs and I want to see people behind bars."

Chaffetz also criticized federal agencies for failing to protect sensitive information after a series of high-profile leaks.

"They have hundreds of thousands of people that have security clearances," Chaffetz said. "There are supposed to be safeguards in there ...But how many times do we have to see this story happen? They obviously dont have the safeguards."

The Associated Press contributed to this report.

See the article here:
NSA contractor accused of leaking top secret report on ...

CNN is told by sources that the document Winner allegedly leaked is the same one used as the basis for the article published Monday by The Intercept, detailing a classified National Security Agency memo. The NSA report, dated May 5, provides details of a 2016 Russian military intelligence cyberattack on a US voting software supplier, though there is no evidence that any votes were affected by the hack.

US intelligence officials tell CNN that the information has not changed the January 2017 Intelligence Community Assessment, which found: "Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards. DHS assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying."

Prosecutors say when confronted with the allegations, Winner admitted to intentionally leaking the classified document -- and she was arrested June 3 in Augusta, Georgia.

An internal audit revealed Winner was one of six people who printed the document, but the only one who had email contact with the news outlet, according to the complaint. It further states that the intelligence agency was subsequently contacted by the news outlet on May 30 regarding an upcoming story, saying it was in possession of what appeared to be a classified document.

The Intercept's director of communications Vivian Siu told CNN the document was provided anonymously.

"As we reported in the story, the NSA document was provided to us anonymously. The Intercept has no knowledge of the identity of the source," Siu said.

"Releasing classified material without authorization threatens our nation's security and undermines public faith in government. People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation," Deputy Attorney General Rod Rosenstein said in a statement Monday.

Winner faces up to 10 years in prison for leaking classified information. Winner's court-appointed attorney, Titus Nichols, said a detention hearing will take place on Thursday in Augusta, where the judge will determine whether to release her on bond. Winner did not enter a plea in her initial appearance Monday.

Last month Attorney General Jeff Sessions slammed leaks in the wake of the Manchester attacks, saying: "We have already initiated appropriate steps to address these rampant leaks that undermine our national security."

Winner's mother said that her daughter is "touch and go" in an interview with CNN on Monday.

"I think she's trying to be brave for me," Billie Winner said. "I don't think she's seeing a light at the end of the tunnel."

She also said her daughter wasn't especially political and had not ever praised past leakers like Edward Snowden, to her knowledge. "She's never ever given me any kind of indication that she was in favor of that at all," her mother said. "I don't know how to explain it."

Nichols told CNN that Winner spent six years in the military, speaks Farsi and Pashtun, and has been with her current company since 2017. He added that he has not received any evidence from the government about the arrest warrant and case files, and hasn't seen evidence of a relationship between his client and the reporter.

"She's just been caught in the middle of something bigger than her," Nichols said.

Virginia Sen. Tim Kaine, the former Democratic vice presidential candidate, said on CNN's "Erin Burnett OutFront" that people who leak classified information should face the full force of the law, but added that Americans need to know much more about alleged Russian attempts to influence the election.

"Somebody who leaks documents against laws has got to suffer the consequences" Kaine said. "But the American public is also entitled to know the degree to which Russia invaded the election to take the election away from American voters."

Kaine noted he knew of no evidence that showed Russia affected machine voting totals and said he was referring to intelligence assessments that Russia had acted to influence the election.

The October information appears to be part of what is contained in the new NSA document, but the document contains additional details.

Most significantly, as CNN reported at the time, and The Intercept also reports Monday based on the this document, that there is still no evidence any votes were affected by Russian hacking.

CNN's David Shortell and Nick Valencia contributed to this report.

See the article here:
Contractor charged with leaking classified NSA info on ...