The plot thickens
A highly classified National Security Agency report obtained by The Intercept suggests Russian military intelligence could have breached aspects of the U.S. voting system ahead of the 2016 presidential election. The report, sent anonymously to The Intercept and independently verified, revealed that Russia tried to hack a U.S. voting software supplier and also sent "spear-phishing emails to more than 100 local election officials" just before Election Day, The Intercept reported:
It states unequivocally in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, that conducted the cyber attacks described in the document:
"Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations." [The Intercept]
Many details remain unclear, such as whether this activity affected the election's outcome. The Intercept also noted that one intelligence official warned against relying too much on a single analysis to draw conclusions.
However, the report seems to align with a review released by the Obama administration in January which stated that "Russian intelligence obtained and maintained access to elements of multiple U.S. state or local electoral boards." The Department of Homeland Security said that the systems in question were "not involved in vote tallying"; the NSA report suggests the attacks instead may have been "focused on parts of the system directly connected to the voter registration process."