Saturday, March 4, 2017

The Russian election hack: bullshit

"Don't bullshit me." That was Bill Maher's response on his March 3 HBO show to Republican talking head Jeffrey Lord, who denied that the Russians had hacked last November's election.

"The Russians hacked our election, all of our intelligence agencies said, for one side to win, your side," Maher asserted, doing some bullshitting of his own.

Because what the U.S. intelligence agencies said was different:
"Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment. CIA and FBI have high confidence in this judgment; NSA has moderate confidence [emphasis added]."

First, this is an "assessment," in other words, guesswork. The CIA and FBI think it is a really good guess ("high confidence"), the NSA not so much. Which is curious because the NSA is the agency that would have the most evidence, since it, not the FBI or CIA, intercepts all Internet and other electronic communications.

Then "discrediting" and "publicly contrasting her unfavorably" are, quite simply, speech, not espionage, intelligence operations or computer hacking.

The U.S. intelligence public assessment about Russian hacking is this:
"Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.

"We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data."

These conclusions were an ex-post-facto reversal of the original FBI conclusions reported by the New York Times two days before the elections:
"WASHINGTON — For much of the summer, the F.B.I. pursued a widening investigation into a Russian role in the American presidential campaign. Agents scrutinized advisers close to Donald J. Trump, looked for financial connections with Russian financial figures, searched for those involved in hacking the computers of Democrats, and even chased a lead — which they ultimately came to doubt — about a possible secret channel of email communication from the Trump Organization to a Russian bank.

"Law enforcement officials say that none of the investigations so far have found any conclusive or direct link between Mr. Trump and the Russian government. And even the hacking into Democratic emails, F.B.I. and intelligence officials now believe, was aimed at disrupting the presidential election rather than electing Mr. Trump."

The FBI had initiated the investigation more than a year earlier, but did not even bother to examine the compromised Democratic National Committee computers before they were wiped clean.

An extensive New York Times report published on December 13 details what it calls "a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack," but if you ask me, it reads more like a Monty Python comedy routine.

The story is that in September 2015, the Democratic National Committee switchboard got a call from the FBI to tell them their network had been penetrated by the Russians, so Special Agent Adrian Hawkins was transferred to the help desk.

The guy in charge of the computers did a perfunctory check of the system, found nothing, and then ignored repeated follow-up calls from the FBI since nothing had been found and the IT guy thought maybe it had been a scam. Sure. How many scammers leave voicemail messages and call-back numbers?

Well, eventually the DNC and FBI do get it together, and at the end of April, seven months after the original contact, the DNC's network tech installs proper monitoring software. As a result, they find not one but two penetrations and that a remote user has administrator privileges. In other words, they hadn't just been hacked, they had been completely owned.

So CrowdStrike, a private security firm, comes in, says yeah, looks like the Russians, and finally gets rid of them in the middle of June. To do so they have to nuke the entire network and all the computers, i.e., take it all offline and replace or reinstall everything.

Separately, political people including at Hillary Clinton's campaign start receiving phishing emails in March claiming the recipient's Google password had been compromised and please follow this link to change it.

This is a very common, garden-variety scam used by hackers the world over to break into accounts.

One of these emails went to John Podesta, a top Clinton operative from the White House days who was in charge of her campaign.

An aide spots the email and asks for advice. The person who responds says the email is "legitimate" and adds that Podesta should change his password immediately. He includes in his response the real, safe link to Google, and adds that Podesta also needs to turn on two-factor authentication (in other words, after the login, you have to send back to Google a number they send by text or to a different email account to make sure it is really you).

The guy who sent this email claims he meant to say "illegitimate," but either way, the instructions he sent are exactly right. But supposedly, instead of following the link in this email, Podesta or an aide dug up the original scam email and followed the deceptive link and therefore got scammed. And then they ignored the advice about two-factor authentication.

Seriously, to say this attack was so sophisticated that it took the Russian security services to stage it is silly. A sixth grader with an iPad could have done it. But it would not have worked if Podesta and his aides hadn't been such idiots.

So what did the Russians do with their access? Erase their email lists? Steal the money from their bank accounts? Do a "ratfucking" operation like the Republicans did to the Democrats in 1972, canceling events, sending out fake press releases, etc.?

No! Supposedly they acted like goody two-shoes and made public materials showing the duplicity of the DNC and the Clinton campaign.

In the DNC case, they showed that it was helping Clinton instead of being neutral. And with the Podesta emails, they showed the campaign was consciously trying to pull a fast one on the American people, by presenting in essence a phony Hillary for electoral purposes -- not much of a revelation that last one, which is why so little attention was paid to it.

So, to put it bluntly, whatever wounds the Democratic Party and the Clinton campaign suffered were self-inflicted.

But was it really the Russians that did the leaking?

There is in science a principle known as Occam's razor: the simplest explanation is usually the right one. Massive document leaks are typically the work of lone wolf insiders, like Daniel Ellsberg with the Pentagon Papers, Chelsea Manning with the State Department cables, and Edward Snowden with the NSA files.

The turmoil when the DNC network and computers were taken down in June and reinstalled from scratch would have afforded any DNC staffer or security contractor the perfect opportunity to copy whatever they wanted.

The DNC material began to be leaked right after that rebuild, and the leaker announced the bulk of the material had been sent to Wikileaks, which published it on the Friday before the Democratic National Convention in July.

Assuming the American spooks are right in concluding the leaks sought to undermine Clinton, then the timing is inexplicable. The Russians had already been in the DNC network for months when the primaries began. Right before Super Tuesday in March, a leak showing the DNC was in the tank for Hillary would have caused a scandal that might have sunk Clinton. But not months later.

But if they waited until July, why not wait until October? Another "October surprise" scandal would have hurt Clinton much more than a July revelation.

This whole scenario makes no sense.

The FBI and DNC don't take seriously the Russian incursion, which goes on for months.

We're told these are hyper-sophisticated secret attacks but the Podesta email trick is so pedestrian you can look it up in the dictionary. And apparently it was not even exploited to plant software in Podesta's machine (or that of his aides), only to harvest emails from Google's servers.

The Russians supposedly were both fiendishly clever and completely clueless. They realized how damaging the revelation of real documents and emails would be ... but didn't do it when it would have been most damaging, during the primaries. When they release it, they do it through Wikileaks, where it will have the least impact, instead of giving it to the New York Times and other major news organizations, who would have kited it to the skies to show their investigative journalistic prowess.

There is one word that best describes this story: bullshit.
