ALL POWER TO THE HACKER COMRADES
Oh my fucking GOD they have lost their minds
In the wee hours of June 14, the Washington Post revealed that “Russian government hackers” had penetrated the computer network of the Democratic National Committee. Foreign spies, the Post claimed, had gained access to the DNC’s entire database of opposition research on the presumptive Republican nominee, Donald Trump, just weeks before the Republican Convention. Hillary Clinton said the attack was “troubling.”
It began ominously. Nearly two months earlier, in April, the Democrats had noticed that something was wrong in their networks. Then, in early May, the DNC called in CrowdStrike, a security firm that specializes in countering advanced network threats. After deploying their tools on the DNC’s machines, and after about two hours of work, CrowdStrike found “two sophisticated adversaries” on the Committee’s network. The two groups were well-known in the security industry as “APT 28” and “APT 29.” APT stands for Advanced Persistent Threat—usually jargon for spies.
If the Russian government is behind the theft and release of embarrassing emails from the Democratic Party, as U.S. officials have suggested, it may reflect less a love of Donald Trump or enmity for Hillary Clinton than a desire to discredit the U.S. political system.
A U.S. official who is taking part in the investigation said that intelligence collected on the hacking of Democratic National Committee (DNC) emails released by Wikileaks on Friday “indicates beyond a reasonable doubt that it originated in Russia.”
The timing on the eve of Clinton’s formal nomination this week for the Nov. 8 presidential election has raised questions about whether Russia may have been trying to hurt her, to help Trump, her Republican rival, or to fan populist sentiment against establishment politicians as it has sought to do across Europe in recent years.
The hacker who claims to have stolen emails from the Democratic National Committee and provided them to WikiLeaks is actually an agent of the Russian government and part of an orchestrated attempt to influence U.S. media coverage surrounding the presidential election, a security research group concluded on Tuesday.
The researchers, at Arlington, Va.-based ThreatConnect, traced the self-described Romanian hacker Guccifer 2.0 back to an Internet server in Russia and to a digital address that has been linked in the past to Russian online scams. Far from being a singly, sophisticated hacker, Guccifer 2.0 is more likely a collection of people from the propaganda arm of the Russian government meant to deflect attention away from Moscow as the force behind the DNC hacks and leaks of emails, the researchers found.
The Kremlin dismissed as absurd on Tuesday allegations it was behind the hacking of U.S. Democratic Party emails, saying unidentified individuals were trying to cynically exploit fear of Russia for electoral purposes.
It responded after cyber security experts and U.S. officials said there was evidence Russia had engineered the release of sensitive Democratic Party emails in order to influence the Nov. 8 U.S. presidential election.
The emails, released by activist group WikiLeaks at the weekend, appeared to show favouritism within the Democratic National Committee (DNC) for Hillary Clinton and prompted the resignation of DNC Chairwoman Debbie Wasserman Schultz.
Days after a massive leak of hacked emails threatened to spoil the Democratic Party’s convention kickoff, political operatives and assorted experts continue to debate whether the attack was a Russian plot to boost Donald Trump’s presidential bid.
But there’s something utterly bizarre about the kind of coverage this story is getting. Evidence currently suggests that the Russian government may have attempted to sway the results of the U.S. presidential election. I put that in italics, because it ought to be in screaming 72-point headlines on every front page in America. And yet, it’s being treated like just one more odd story in a wacky election year, not much more important than the latest fundraising numbers or which ethnic group Donald Trump has insulted most recently.
“We are again seeing these maniacal attempts to exploit the Russian theme in the US election campaign,” Russian presidential spokesman Dmitry Peskov told journalists on Tuesday. “This absurd news was immediately refuted by the family of a prominent presidential candidate.”
On Sunday, Clinton’s campaign manager, Robby Mook, claimed in an interview with CNN that “experts are telling us that Russian state actors broke into the DNC (Democratic National Committee), stole these emails, and other experts are now saying that the Russians are releasing these emails for the purpose of actually helping Donald Trump.”
When asked what kind of evidence he had to back up that theory, Mook answered: “Well, we need the experts to speak on this. It’s been reported on in the press that the hackers that got into the DNC are very likely to be working in coordination with Russia.”
Reports attributing the breach to Russia have been pouring out all day. The New York Times said that private researchers had concluded that this hack was done by the same Russian intelligence services that recently breached various U.S. government networks. It also said that meta-data in the emails indicated that documents passed through Russian computers. Other news services have said the FBI suspects the Russians. I have no basis to question these reports. But the truth is that there is no public evidence whatsoever tying Russia to the hack. Attribution for cyberoperations of this sort is very tricky and tends to take some time. Even if the hack can be linked to computers in Russia, that does not show that the hack originated there (as opposed to being routed through there). And even if it originated in Russia it does not show who was responsible. That said, it would not be surprising if the Russians were behind this. In addition to today’s reports, the director of national intelligence warned months ago about intrusions into campaign networks, and Russian intelligence services and criminal networks have reportedly infiltrated important U.S government networks in the last year. But to repeat, there is no public evidence yet—all we have are reports by private firms and anonymous government officials.
The theory that Moscow orchestrated the leaks to help Trump—who has repeatedly praised Russian President Vladimir Putin and practically called for the end of NATO—is fast gaining currency within the Obama administration because of the timing of the leaks and Trump’s own connections to the Russian government, the sources said on condition of anonymity because the investigation is ongoing and developing quickly.
Of the questions raised by charges that Russia was involved in the release of hacked Democratic National Committee emails, at least one — why would Russia do such a thing? — can be answered with a little-noticed but influential 2013 Russian military journal article.
The Arab Spring, according to General Gerasimov, had shown that “nonmilitary means” had overtaken the “force of weapons in their effectiveness.” Deception and disinformation, not tanks and planes, were the new tools of power. And they would be used not in formally declared conflicts but within a vast gray between peace and war.
Those ideas would appear, the next year, in Russia’s formal military doctrine. It was the culmination of a yearslong strategic reorientation that has remade Russian power, in response to threats both real and imagined, into the sort of enterprise that could be plausibly accused of using cyberattacks to meddle in an American presidential election.
Indeed, Trump’s actions have provided some of the ammunition for those who allege Putin is covertly supporting him. The billionaire has offered a string of policies that at first appear pro-Russian. He received criticism last week for saying NATO countries that don’t spend the mandated 2 percent of their gross domestic product on defense should not immediately receive U.S. support if they were attacked. As the party’s nominee, he was thought to be behind a change to the GOP platform made during the convention that stripped out language in support of directly arming Ukraine while it fights pro-Russian separatists in its eastern reaches. Trump’s campaign manager has come under increased scrutiny in recent weeks for having worked for close Russia ally and former Ukrainian President Viktor Yanukovych, who was ousted in 2014 following widespread protests.
Similar to Trump, Russian state media cited “the obvious absurdity of the narrative” of Moscow’s involvement in the leak and pinned responsibility for the hack on a highly sophisticated Romanian cyber attacker known online as Guccifer 2.0 as the sole source of the materials given to WikiLeaks. It dismissed any other accusations as “anti-Russian, anti-Putin propaganda that has become a mainstay in the U.S. media’s discussion of the presidential election.”
A potential Russian connection to the politically explosive hack of Democratic National Committee files is becoming clearer, with a former senior intelligence official who ran computer security for the Defense Intelligence Agency telling Fox News the hackers left behind evidence on the servers that points to sophisticated techniques associated with the country.
The trail of evidence on the DNC servers includes malicious code used to steal emails and documents, according to Bob Gourley, co-founder and partner at strategic consulting firm Cognitio and former chief technology officer (CTO) at the DIA.
“Forensic evidence points pretty clearly to a very sophisticated nation state,” he said. “This is a well-resourced adversary. Specifically, they are using the same tools and techniques previously associated with Russia.”
Secretary of State John Kerry brought up the issue in meetings with his Russian counterpart, Sergey Lavrov, while in Laos on Monday, but few details were given as to the outcome of those conversations. On Tuesday, Russian newspapers reported that Lavrov said he “could not find the right un-censored words to comment on these suspicions.”
Matthew Rojansky, director of the Kennan Institute, said although the Kremlin might want to “stir the pot” a bit in American politics, “what is harder to believe is that Vladimir Putin is specifically picking sides, or that he actually thinks that a blatant external intervention of this type can have a predictable effect on U.S. voters that would necessarily be good for Russia.”
GEOGRAPHY: At least one of the hacker groups attacking the DNC appeared to cease operations on Russian holidays, and its work hours aligned with a Russian time zone, cybersecurity company FireEye concluded in a report.
FORENSIC EVIDENCE: After a different batch of hacked Democratic emails was released last month, a wide spectrum of cyber-security experts concluded that it was the work of Russian intelligence agencies through previously known proxy groups known as COZY BEAR or APT 29, and FANCY BEAR or APT 28. “We’ve had lots of experience with both of these actors … and know them well,” according to the DNC’s own contract cybersecurity firm, Crowdstrike, which blogged that one of the two groups had already gained illegal access to the White House, State Department and even the military’s Joint Chiefs of Staff.
MOTIVE: Given their mutual and very public bromance, Putin would much prefer a Trump presidency to a Clinton one, and the timing suggests the leak was timed for maximum embarrassment to the Democrats and their presumptive nominee. Clinton campaign manager Robby Mook said the campaign was told by cyber experts that Russian hackers stole and released the emails to help Trump. “I don’t think it’s coincidental that these emails were released on the eve of our convention here,” said Mook, “and I think that’s disturbing.”
HISTORY: U.S. intelligence officials, including Director of National Intelligence James Clapper, said they had previously seen evidence of foreign hackers spying on U.S. presidential candidates, including some state-sponsored ones, and that such cyber-intrusions would become even more commonplace.
The main reason, however, is that the email hack is exactly the kind of thing Russian hackers can do, are supposed to do, and are used for by Putin and his aides, retired four-star Adm. James Stavridis told NBC News.
Clinton campaign manager Robby Mook told CNN’s Jake Tapper on “State of the Union” Sunday about that “changes to the Republican platform to make it more pro-Russian,” which could provide some of the motive behind the hacks.
WikiLeaks founder Julian Assange told NBC News on Monday that “there is no proof whatsoever” that his organization got almost 20,000 hacked Democratic National Committee emails from Russian intelligence —adding it’s what’s in the emails that’s important, not who hacked them.
In a Skype interview with Richard Engel for “NBC Nightly News,” Assange rejected that it hadn’t even been proven that it was WikiLeaks that published some email messages that have been analyzed in outlets like The New York Times.