21st Century Wire says…
In the wake of the Friday release of the ODNI’s 25 page report from ‘US intelligence agencies’ (notice how they don’t even specify the agency names anymore in these reports) on the alleged Russian hack of Clinton campaign related DNC computers, cyber security experts are still not convinced that there is any credible evidence supporting the theory.
The Feds site the need to keep their sources secret as the reason for the lack of specific evidence of the ‘hacks’ (see full 25 page report embedded at WIRED) in the report but is this a legitimate concern when the forensic evidence is likely located in simple text files and virus protection software logs. Doesn’t the government have the biggest data collection network monitoring facility in the world? Can the evidence not be shown via server traffic logs that wouldn’t expose any ‘sources’?
Wired brings some analysis on the 25 page report and cyber security professionals response to it… Take notice of the language when WIRED is discussing the other side of this argument, referencing ‘unknown sources’ speaking to The Washington Post, (WashPost, who’ve just been caught more than once pushing fake Russiaphobia stories in recent weeks).
On Friday, the Office of the Director of National Intelligence finally released a declassified report on Russia’s role in influencing the US election. And though it offers the most detailed official analysis yet of Russia’s operations, critics in the cybersecurity community say it lacks the still-secret evidence needed to persuade skeptics that analysis is true.
The ODNI’s 25-page report (embedded below) from US intelligence agencies lays out a vast Russian intelligence operation that extends from hacking both Democratic and Republican targets to propaganda campaigns to troll-fueled social media disinformation. It re-asserts the intelligence community’s findings that the Kremlin is behind breaches of the Democratic National Committee, the Democratic Congressional Campaign Committee, Hillary Clinton’s campaign, and even state election board websites. And the express intention of those operations, the report states, was to not only disrupt the American electoral process, but to elect Donald Trump.
“Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency,” the report reads. “We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments.”
Even so, the report leaves out the much hoped-for technical evidence that informed these conclusions. In its “Scope and Sourcing” section, the report explains that this evidence exists, but can’t be declassified. And that means the report won’t satisfy the majority of the cybersecurity community that believes Russia hacked Democratic targets but has demanded more evidence, let alone the diehard deniers of the Kremlin’s fingerprints. “Seeing more of the context in which this happened does make me a little more trusting that this really was Russia,” says Robert Graham, an analyst for the cybersecurity firm Erratasec who has closely followed the Russian hacking investigation. “But knowing what data they probably have, they could have given us more details. And that really pisses me off.”
Knowing what data they probably have, they could have given us more details. And that really pisses me off. Robert Graham
Over the past weeks, rumors circulated that senior intelligence officials had pushed for far more of the agencies’ evidence pointing to Russia to be declassified and revealed to the public, according to Susan Hennessey, a former NSA attorney. But that cards-on-the-table approach, which likely would have sacrificed intelligence sources and methods in favor of more public transparency, didn’t make it to the final report. “This isn’t a remotely risk-embracing document,” says Hennessey. “There’s alway a tension between those who think it’s worth bringing forward sources and methods and those that don’t. It’s clear that those with very conservative views about protecting sources and methods prevailed.”1
The unclassified report is underwhelming at best. There is essentially no new information for those who have been paying attention.
— Susan Hennessey (@Susan_Hennessey) January 6, 2017
The Most Important Skeptic
One skeptic, at least, has somewhat altered his viewpoint based on the intel agencies’ case: Donald Trump. After the president-elect was briefed Friday by the heads of the NSA, FBI, CIA, and Office of the Director of National Intelligence, he offered an oblique statement that neither confirmed nor denied his belief that Russia hacked Democratic targets. “While Russia, China, other countries, other groups and people are constantly trying to break through the cyber infrastructure of our government institutions, businesses and organizations including the Democratic National Committee,” Trump’s statement reads, “there was no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines.”
But even that mealy-mouthed comment—no intelligence officials had claimed Russia hacked American voting machines—contrasts sharply with Trump’s past denials. Until now, the president-elect has remained doggedly skeptical and even willfully ignorant of the evidence tying Russia’s government to the attacks. He’s blamed the intrusions on everyone from China to a 400-pound hacker in New Jersey to the Democratic party itself. Rather than call for investigations into the hacking, he’s said the country needs to “move on.” At times he has even refused to admit any hacks took place. He continued those assertions even after he began receiving classified briefings on the attacks as the Republican presidential candidate, and then after US intelligence agencies stated that the Kremlin was responsible in early October, and even after he was elected and gained full access to presidential briefings from the intelligence community. As late as Friday morning, ahead of his own personal briefing on the full report, he continued to refer to China as the possible source of the attack and called the investigation into Russia a “political witch hunt.” (He also wrote on Twitter that he’s asking Congress to investigate the unauthorized early leak of today’s report to NBC News, showing that he has interest in investigating some leaks, at least.)
Making the Case
The report makes a few new assertions: stating plainly that WikiLeaks received hacked DNC data from Russian intelligence, and outlining a broader history of Russian meddling in US elections. It spends significant ink on Russia’s state-sponsored propaganda efforts, and delves into state-sponsored social media disinformation strategies and widespread Russian media claims that the US is not a functioning democracy. The report points out, for example, that the RT America television channel has been running stories about the US’s weak voting infrastructure and alleged election fraud since November 2012.
RT’s role as a distributor for Russian government propaganda is hardly news, though. And while data leaks and disinformation campaigns were central to last year’s campaign meddling, the report seems to give them disproportionate weight over technical hacking, perhaps because those sections of the report were redacted.
In terms of proving the core claim that Russia hacked American political targets, though, Friday’s report is sure to leave any skeptic not privy to classified briefings briefings unconvinced: It fails to include even the already public evidence visible to the cybersecurity community over the last six months, which drew a thick dotted line from the DNC hack to the Kremlin. A hacker calling himself Guccifer 2.0, for instance, in June claimed to be a lone Romanian hacker responsible for the breach. But the stolen DNC files he published on the web—and also said he’d leaked to WikiLeaks—contained telltale Russian-language error messages. A piece of malware known as X-Agent was used in both the DNC hack and previous attacks long believed to be Russian intelligence operations. And an analysis of the URL shortening service used by the hacker who stole the Gmail password of Clinton staffer John Podesta shows that the same account was used to target more than 5,000 other Gmail accounts, including Russia-focused journalists and authors, and the spouses of American military officials.
Early leaks from a classified version of the report revealed some of the evidence intelligence agencies have to implicate Russia. Unnamed intelligence officials told the Washington Post that US agents had intercepted the communications of senior Russian officials celebrating Trump’s win. In another leak to Reuters, intel officials said that they’d identified the intermediary who had passed files stolen by Russian hackers to WikiLeaks.
The Obama administration, for its part, has for months harbored little doubt about Russia’s involvement in the political attacks. In fact, it’s already responded: In late December, the White House announced new targeted sanctions against Russian intelligence officials and contractors, ejected 35 Russian diplomats from the country, and seized two Russian-owned properties on American soil it said were being used for intelligence gathering. James Lewis, a cybersecurity-focused fellow with the Center for Strategic and International Studies, told WIRED at the time that it was the “the biggest retaliatory move against Russian espionage since the Cold War.”
But critics from Trump’s presidential transition team have accused Obama of acting against Russia before proving the sanctions were warranted…
READ MORE RUSSIAN HACK NEWS AT: 21WIRE Russian Hack Files