By Joe Uchill - 06-05-17 16:59 PM EDT
Russian intelligence agents hacked a U.S. voting systems manufacturer in the weeks leading up to the 2016 election, according to a National Security Agency investigation report leaked to The Intercept.
The Intercept reported Monday that the NSA believes hackers used that breach to obtain information used to spearphish its customers.
The report, marked top secret and only to be shared with the "Five Eyes" nations (Canada, Britain, New Zealand and Australia), claims the Russian intelligence agency GRU targeted more than 120 email addresses associated with local government organizations, which it speculates were taken from the earlier hack.
The news comes as former FBI Director James Comey is set to testify before the Senate Intelligence Committee this week amid multiple ongoing probes into the Kremlin's interference in last year's vote. The U.S. intelligence committee believes Moscow hacked multiple groups with the intention of helping to elect President Trump.
Though the manufacturer victimized by the attack has its name masked throughout the report, contextual clues imply that it might be VR Systems.
The email account used to spearphish customers is listed as firstname.lastname@example.org, and the attack made use of malware-infected files with titles that reference to the EViD poll book system. The report makes reference to voter-registration themed phishing attacks against third parties possibly using information from the account, making it likely the company is somehow related to registration or voter roles.
VR's website says EViD products were used in California, Florida, Illinois, Indiana, North Carolina, New York and Virginia. The company is based in Florida.
The NSA document alleges the GRU have hacked the voting systems company using a false Google alert requiring a target to enter login credentials. According to the report, it also attempted a parallel campaign using a false email account meant to be confused with a second company.
The report does not claim that voting machines were hacked, a once-popular post-election theory from Democrats, nor does it state whether the information pertaining to the voting systems could be used to hack those systems.
According to the document, the investigation only began in the last few months. The document claims the investigation was spurred by "information that became available in April 2017."