Earlier this afternoon, the Intercept reported that according to a "top secret NSA document", Russian Military Intelligence "executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials days before election."
The NSA document, reportedly dated May 5, analyzes recently acquired intelligence about "a months-long Russian intelligence cyber effort against elements of the U.S. election and voting infrastructure." The document notes that investigation only began in the last few months. The document claims the investigation was spurred by "information that became available in April 2017."
According to the Intercept, the report is "the most detailed U.S. government account of Russian interference in the election that has yet come to light. It is said to reveal that that Russian hacking may have penetrated further into U.S. voting systems than was previously understood" and "states unequivocally in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, that conducted the cyber attacks described in the document." This is what the document alleges:
Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.
While the manufacturer victimized by the attack has its name masked throughout the report, the Hill suggests that it might be VR Systems. The email account used to spear-phish customers is listed as firstname.lastname@example.org, and the attack made use of malware-infected files with titles that reference to the EViD poll book system. The report makes reference to voter-registration themed phishing attacks against third parties possibly using information from the account, making it likely the company is somehow related to registration or voter roles. VR's website says EViD products were used in California, Florida, Illinois, Indiana, North Carolina, New York and Virginia. The company is based in Florida.