The Intercept has obtained a "Top Secret" document from an anonymous NSA source that claims the Russian Military Intelligence (a/k/a GRU) hacked into a US company, VR Systems, that sells "electronic voting services and equipment whose products are used in eight states."

The NSA report, dated May 5, 2017, which the Intercept says has been independently authenticated, states that the email account of one "target" at VR Systems was compromised by a spear-fishing attack last fall:

The spear-phishing email contained a link directing the employees to a malicious, faux-Google website that would request their login credentials and then hand them over to the hackers. ... While malicious emails targeting three of the potential victims were rejected by an email server, at least one of the employee accounts was likely compromised, the agency concluded. The NSA notes in its report that it is “unknown whether the aforementioned spear-phishing deployment successfully compromised all the intended victims, and what potential data from the victim could have been exfiltrated.”

VR Systems sells software and equipment in eight states - California, Florida, Illinois, Indiana, New York, North Carolina, Virginia, and West Virginia - that is used to "maintain and verify" voter registration databases. In other words, the software and equipment VR Systems sells is used to monitor voter registration rolls, and thus would be employed to determine who was eligible to vote in those eight states.

Two months after infiltrating VR Sysytems, the reports states the hackers, using a fake VR gmail account that appeared to look like it was associated with the company, directed another spearfishing "operation." This time the hackers:

“[Targeted] U.S. local government organizations.” These emails contained a Microsoft Word document that had been “trojanized” so that when it was opened it would send out a beacon to the “malicious infrastructure” set up by the hackers. The NSA assessed that this phase of the spear-fishing operation was likely launched on either October 31 or November 1 and sent spear-fishing emails to 122 email addresses “associated with named local government organizations,” probably to officials “involved in the management of voter registration systems.” The emails contained Microsoft Word attachments purporting to be benign documentation for VR Systems’ EViD voter database product line, but which were in reality maliciously embedded with automated software commands that are triggered instantly and invisibly when the user opens the document.

Whether the voter databases in those eight states were compromised or not is still under investigation. However, if the recipients did open the malware files in the emails, then the hackers could have obtained what one expert referred to as "persistent access" to any infected computer. In effect, the hackers could have set up a "back door" to download additional malware. An IT security expert interviewed by The Intercept, after reviewing the report, stated this type of hack was of “medium sophistication, ... [that] practically any hacker can pull off.”

Nonetheless, the NSA report, though it is clear it attributes the attack to the GRU, is unclear about the results of this hack attributed to Russia.

It is unknown,” the NSA notes, “whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor.”

Experts quoted in the article indicated that they were concerned that the hackers might have been able to obtain control over individual machines or the central vote tabulator to alter the vote count. However, even if that did not happen, it's possible, according to Pamela Smith, president of Verified Voting, that the election could still be "disrupted."

“If someone has access to a state voter database, they can take malicious action by modifying or removing information,” she said. “This could affect whether someone has the ability to cast a regular ballot, or be required to cast a ‘provisional’ ballot — which would mean it has to be checked for their eligibility before it is included in the vote, and it may mean the voter has to jump through certain hoops such as proving their information to the election official before their eligibility is affirmed.”

The Intercept noted that such a voter registration system malfunction in fact did occur in Durham. N.C., which uses VR Systems products. Long lines and the chaos that resulted at those polling places that day did force local officials to switch to paper ballots. However, Durham election officials stated categorically that the problems experienced were not related to any hack or other "suspicious activity" outside what the NC Board of Elections has normally experienced in the past. Though, that in itself is cold comfort for voters.

To sum up, this is what we can glean from the "Top Secret" NSA report obtained by the Intercept:

1. NSA concluded that Russian Military Intelligence (GRU) hacked into VR Systems, a vendor of voter registration software and hardware. 2. The GRU sent out a spearfishing attack to 122 election officials in the eight states where VR Systems voter registration products are used. 3. The NSA does not know what, if any, effect this operation had on election day in the jurisdictions where the company's products were employed. 4. The NSA report was obtained from an anonymous source. The Intercept claims the authenticity of the document was independently verified, thous it did not go into any detail regarding how that was accomplished. 5. The Intercept, after discussions with the NSA, chose to redact some material from the published document.

Perhaps most importantly, the Intercept included the following statement, in the third paragraph of its article, which provides some context and qualifications about the report itself:

While the document provides a rare window into the NSA’s understanding of the mechanics of Russian hacking, it does not show the underlying “raw” intelligence on which the analysis is based [emphasis mine]. A U.S. intelligence officer who declined to be identified cautioned against drawing too big a conclusion from the document because a single analysis is not necessarily definitive.

Make of all that what you will. As to why this document was anonymously leaked to The Intercept, and not one of the larger, more mainstream media outlets that have been pushing the Russia election hacking narrative, is just one of the many questions I have about the information contained in this allegedly Top Secret NSA report that confirms a cyber-attack and possible infiltration of our country's election infrastructure by a Russian governmental agency.

This NSA report, with redactions, can be found at this link.