A former National Security Agency employee will plead guilty to leaking a top-secret report detailing how the Russian government tried to hack US election systems, her mother and her supporters at the Courage Foundation say.
Reality Winner, who worked as an analyst in the NSA's Georgia station, was arrested last year after the Intercept published a top-secret chart detailing a spear-phishing operation conducted by Russian intelligence officers against county election workers throughout the United States in the months leading up to the 2016 election.
Until the document was leaked, the government had kept the extent of the Russian hacking attempts secret. Even now, it is unclear if any of the spear-phishing attempts were successful. The government has not publicly addressed the campaign, though it has blamed Russian government hackers for two prominent cyberattacks related to the 2016 US election, the hacking and leaking of Democratic Party emails, and the probing of at least 21 state voter registration systems.
Winner's supporters have said that she should be treated as a whistleblower, not a spy, but note that the Espionage Act, the law under which she was charged, limits making a whistleblower defense.
In a statement, Winner’s mother, Billie Winner-Davis, said that “Given the time and circumstances and the nature of the Espionage charge I believe that this was the only way that she could receive a fair sentence.”
“The cards were stacked against her,” she said.
Nathan Fuller, a campaigner with the Courage Foundation, accused the Trump administration of hypocrisy in its prosecution of Winner. "The Trump Administration has signaled its clear intent to continue the Obama-era practice of aggressively punishing low-level leaks that embarrass the government with Espionage Act charges, while allowing top officials to leak with impunity when it serves their interests,” he said.
The Russian campaign Winner's leak revealed included sending mass phishing emails from a Gmail account purporting to come from VR Systems, a well known voting equipment manufacturer. They were directed to a wide range of potential victims who worked for local election offices.
One such email, sent from vr.systems@gmail.com to an elections employee in Alachua County, Florida, and acquired by BuzzFeed News, was caught in the county’s spam filter and never opened. Another, acquired by the Intercept, was sent by vrelections@gmail.com to workers in North Carolina and included an attached Microsoft Word file that contained malicious code.
It’s unclear if anyone ever fell for the phishing attempts, but the Department of Homeland Security, which considers elections equipment critical infrastructure, has repeatedly claimed it has seen no evidence any votes were changed by foreign actors. DHS didn't immediately respond to request for comment.
“We were never aware of anyone that clicked on it,” a former senior DHS official who was at the agency at the time told BuzzFeed News.
The document Winner allegedly revealed named Russia’s military intelligence agency, GRU, as responsible for the phishing campaign.
According to the affidavit for her arrest, Winner was one of six employees at her Georgia NSA office to have printed that document and was the only one of those six who had emailed the Intercept from her desk computer.
She initially pleaded not guilty after her arrest, and for the past year has resided in Georgia's Lincoln County jail.
Her supporters recently erected a billboard reading, “jailed one year, no bail, no trial, for exposing threats to US elections? #Justice4Reality.” Last week, the judge in her case, Randall Hall, said the billboard could “interfere with a fair trial.”
UPDATE
This story has been updated to include comment from a former senior DHS official.