Threat Management, Threat Intelligence, Threat Management

NSA contractor Reality Winner accused of leaking NSA documents on election hack


A National Security Agency contractor has been accused of leaking classified information pertaining to possible Russian interference in the 2016 election and transmitting it to a news organization.

Reality Leigh Winner, 25, a contractor with Pluribus International Corporation and working in a U.S. federal facility in Georgia, was named in a criminal complaint filed in the United States District Court for the Southern District of Georgia. The news agency mentioned is not named in the court documents, but according to published reports is The Intercept.

According to the documents, the FBI said that when confronted with the evidence Winner admitted printing the classified information, removing it from her office and mailing it from her hometown of Augusta, Ga., to the news agency. This was done, she told the FBI, even though she knew it could cause injury to the U.S.

The filing also showed that on June 1 the FBI was notified by "a U.S. government agency" that it had been contacted by a news organization claiming it would soon run a story based on what it believed to be classified documents from the agency. 

On June 5 The Intercept posted a story detailing how it had obtained a top-secret NSA document that detailed Russian cyberattacks and attempted interference during the 2016 election cycle. The online news outlet also posted a link to the NSA document itself.

Once the agency saw the document in question it was able to narrow down to six individuals who had printed the report and upon further investigation and an examination of their computers revealed Winner had contact with The Intercept. 

Specifically, the document said the Russian General Staff Main Intelligence Directorate, or GRU, conducted the cyberattacks, according to highly classified National Security Agency documents obtained by The Intercept.

“Russian General Staff Main Intelligence Directorate actors…executed cyberespionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions,” the document said. “The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.”

The documents went on to say that the NSA  analysis does not draw conclusions about whether the interference had any effect on the election's outcome and that the full extent of the hacker accomplishments remains unknown.

The attacks allegedly focused on parts of the system directly connected to the voter registration process, including a private sector manufacturer of devices that maintain and verify the voter rolls. Some of these devices may have had  wireless internet and Bluetooth connectivity which could have enabled further compromise.

If true, the statement contradicts earlier reports from Russian President Vladimir Putin who last week said that his nation had never interfered in foreign elections, although "patriotic hackers" may have.   

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.