Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

NSA Contractor Charged With Leaking Russia Hacking Report

A federal contractor has been charged with removing classified material from a government facility and mailing it to a news outlet, the U.S. Department of Justice announced on Monday.

A federal contractor has been charged with removing classified material from a government facility and mailing it to a news outlet, the U.S. Department of Justice announced on Monday.

Reality Leigh Winner, 25, of Augusta, Georgia, had worked as an NSA contractor with Pluribus International Corporation since mid-February. Winner allegedly abused her top secret clearance to access a classified intelligence report, which she printed and mailed to a news outlet that has not been named by authorities.

The news outlet in question is said to be The Intercept, which published an article on Monday based on top secret NSA documents claiming that hackers linked to Russia’s military had repeatedly attempted to break into U.S. voting systems before last year’s presidential election. The Intercept said it obtained the NSA materials from an anonymous source.

According to court documents, reporters informed intelligence officials of their intention to publish an article. The copy of the document provided by the news outlet to officials was “folded and/or creased,” which allowed government investigators to determine that the document had been printed and physically carried out of the facility.

An internal audit showed that a total of six individuals had printed the leaked report and one of them was Winner. An analysis of the desk computers used by these six individuals revealed that Winner had contacted the news outlet via email.

The FBI obtained a search warrant for Winner’s residence, and authorities said the woman admitted printing the report and mailing it to the news organization, despite knowing that the material was classified.

Winner printed the classified report on May 9 and mailed it a few days later. She was arrested by the FBI on June 3 and on Monday she was charged with removing classified material from a government facility and mailing it to a news outlet.

“Exceptional law enforcement efforts allowed us quickly to identify and arrest the defendant,” said Deputy Attorney General Rod J. Rosenstein. “Releasing classified material without authorization threatens our nation’s security and undermines public faith in government. People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation.”

Advertisement. Scroll to continue reading.

The article published by The Intercept based on documents provided by Winner revealed that hackers associated with Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate (GRU), sent spear-phishing emails to employees of VR Systems, a Florida-based vendor of electronic voting services and equipment, in order to trick them into handing over their credentials.

The hackers then used the compromised credentials to deliver malware to local government employees by posing as the vendor. It’s unclear, however, if this phase of the attack was successful.

The United States has officially accused Russia of attempting to interfere with its presidential elections, but Moscow has repeatedly denied the accusations. Last week, Putin once again denied that the Russian government is involved in hacking operations, but admitted that patriotic hackers could launch politically motivated attacks against “those speaking ill of Russia.”

The U.S. is currently conducting an investigation to assess the impact of cyberattacks on the outcome of the elections, but Putin is convinced that hackers cannot influence an election campaign.

Related: DHS Uses Cyber Kill Chain to Analyze Russia-Linked Election Hacks

Related: Trump’s Intel Bosses Reiterate – Russia Meddled in Election

Related: Ex-CIA Chief Says He Warned Russia to Stay Out of Election

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...