Advertisements

Some straight talk on Russia’s cyber attacks

putinThe Intelligence Community Assessment (ICA) on Russia’s cyber attacks was declassified recently, and of course, both sides – Republican and Democrat – are making political hay of it. Since I’m on neither Republican nor Democrat side, but rather on the side of America, let’s discuss, shall we?

First, let’s talk about what it did say, and not what the media says it says. I’m sick and tired of people citing the Washington Post and other media outlets in their efforts to promote “their side,” rather than actually reading the damn thing. In order to intelligently speak on the issue, we have to actually read the ICA – yes, all 25 pages of it.

  • It says that Russia’s recent activities demonstrate an escalation of activities that Russia has been engaged in for years.
  • It says Putin ordered the activities in the 2016 campaign.
  • It says Russia’s goals were to undermine confidence in the U.S. election system, as well as undermine Hillary Clinton in favor of Trump. I’ve said this before on this very blog. The declassified ICA confirms what I’ve said previously.

Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.

  • It says Russia’s cyber campaign was done in concert with its longer-term public relations/information warfare strategy.
  • It says Guccifer 2.0 and DCLeaks were both part of Russia’s General Staff Main Intelligence Directorate’s (GRU)’s cyber campaign, and released information to WikiLeaks.
  • It says the types of systems Russian actors targeted or compromised were not – I repeat NOT – involved in vote tallying.
  • It says Russia will employ similar strategies in other countries’ elections processes.

Here’s what it does not say.

  • It does not say that the Russians helped Trump win.

We did not make an assessment of the impact that Russian activities had on the outcome of the 2016 election. The US Intelligence Community is charged with monitoring and assessing the intentions, capabilities, and actions of foreign actors; it does not analyze US political processes or US public opinion.

  • It makes no assessment at all about the effectiveness of Russia’s efforts. As a matter of fact, I argued a few weeks ago on this site that their efforts to undermine confidence in the U.S. elections system was not successful.

Gallup polling in September indicated that only 62 percent of Americans had confidence in the accuracy of the vote count, but this number is similar to the polls conducted in 2008 – before revelations about active Russian meddling came to light. So it’s difficult to attribute the low confidence to the Russians.

  • It does not give away sources and methods. There are specific reasons for that. Know what the Russians do to sources who reveal information to their adversaries? They kill them. They are not big on due process. Their due process involves a bullet to the back of the head. If you doubt me, look up “smersh,” which stands for “smert’ shpionam” or “death to spies.” Believe it or not, we do care about human lives, and slimy detritus such as Robert Hansen and Aldrich Ames, who caused the deaths of numerous sources who had the unmitigated gall to betray the Soviet state and provide information to the United States, unfortunately are still allowed to draw breath.

There are also specific reasons to ensure that methods remain classified. Unlike certain morons in the DNC who failed to change their passwords or made them so ridiculously simple, that a teenager living in his mother’s basement could figure out a way in with his little Cheeto-stained fingers, the Russians will actually change their email addresses, beef up cyber security, and increase operational security, as well as make our collection platforms worthless once their existence is discovered.

  • It does not say the Russians wanted Trump from the start. It clearly says the Russian government “developed” a preference for Trump, and aspired to help his election chances.
  • It does not say that they in any way knew these efforts would succeed. As a matter of fact, it specifically says they developed a strategy to undermine Hillary Clinton’s presidency when they thought it was likely that she was going to win.
  • It did not say Russia’s propaganda campaign was anything new and shocking. It wasn’t. It was part of a longstanding Russian strategy.
  • It did not say anything released by the Russians through WikiLeaks and other methods was false in any way.
  • It did not say that the Trump campaign had anything to do with these attacks or leaks.

It says the three major agencies agree with these assessments, although NSA makes the assessment that these operations were directed by Putin with moderate confidence, while FBI and CIA have high confidence assessments. The ICA explains what these assessments mean. High confidence means that the assessment is based on high-quality information from multiple, corroborative sources. Note that the ICA specifically says this does not preclude the possibility that the judgment could be wrong – only that the chance of it being erroneous is small, based on the quality and quantity of corroborative sources.

Moderate confidence in an assessment means the sources on which said judgment is based are plausible and credibly sourced, but there may not be a sufficient number of said sources or they may not be corroborated sufficiently to warrant a high confidence judgment. This does not mean the NSA disagrees with the assessment; it merely means that their confidence level is a bit lower. Confidence levels are kind of subjective. One analyst’s view of the sources could differ from another’s. But once again, moderate confidence assessment does not mean that there’s disagreement on the judgment itself.

The report talks about Russian state ownership and control of RT and other forms of media and that it conducts strategic messaging for the Russian government. There’s nothing surprising about this. Anyone who has been paying attention should know that Russian propaganda campaigns are well funded and well executed, as well as omnipresent and popular in the United States, especially given RT’s strategy of building its social media presence, in an effort to avoid broadcast regulations. Again, nothing new, and the IC had been making these assessments since at least 2012.

Additionally, the IC assesses that Russian efforts to gain information about U.S. elections, candidates, etc. are part of Russia’s efforts to gain intelligence about the adversary – to understand U.S. leaders and their motivations and vulnerabilities and to assess their future actions.

All of this isn’t new. It is intelligent, strategic information warfare. What is new is the extent to which the Russians were able to penetrate private servers, probe state elections systems for vulnerabilities, and disseminate their message using willing patsies such as WikiLeaks.

My view.

Conspiritards screeching that they deserve access to classified sources and methods, because EVIL, BAD GOVERNMENT are going to be sorely disappointed. You want access to classified? Get educated, get a clearance, get hired by the Intelligence Community, and work on cyber issues. But no, the IC is not going to disclose underlying reporting to some quasi-anarchist loon, who gives less than a shit about the lives disclosing such reporting could endanger and collections platforms it could compromise. Fuck off!

“But we do it!” “Obama interfered in Israeli elections!” “What about Radio Free Europe and Voice of America? They’re propaganda outlets!” and “We do it too.” Those are all cries of those who lack understanding of how pervasive Russia’s cyber intrusions were.

I will admit fully to being a hypocrite when it comes to us spying on other countries. I want information about them. I want to be able to determine what their leadership is up to, and to assess motivations and goals. That is what an intelligent nation does. It’s nothing they don’t attempt to do to us. That said, I don’t want to make it easy for them. I don’t want them to succeed. But I’m not going to apologize for doing exactly what they do, but better than they do. Fuck that.

And sorry, but using U.S. grants to fund a politically active group in hopes it would influence the Israeli election is much different than hacking into a private server, stealing information about a candidate and releasing it in hopes of influencing the election or discrediting the President-elect. The Obama Administration’s funding of propaganda and opposition movements is nothing new, especially given our actions during the Cold War to stop the spread of communism. But again, this is nothing compared to the Russians’ actions in this election.

The Kremlin’s campaign aimed at the US election featured disclosures of data obtained through Russian cyber operations; intrusions into US state and local electoral boards; and overt propaganda. Russian intelligence collection both informed and enabled the influence campaign.

Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties

We assess Russian intelligence services collected against the US primary campaigns, think tanks, and lobbying groups they viewed as likely to shape future US policies. In July 2015, Russian intelligence gained access to Democratic National Committee (DNC) networks and maintained that access until at least June 2016.

The FBI and DHS in a separate joint assessment provided some technical details about the tools and infrastructure used by the Russian civilian and military intelligence Services to steal information regarding the U.S. election, and target other political, and private sector entities.

The U.S. Government confirms that two different RIS actors participated in the intrusion into a U.S. political party. The first actor group, known as Advanced Persistent Threat (APT) 29, entered into the party’s systems in summer 2015, while the second, known as APT28, entered in spring 2016

Both groups have historically targeted government organizations, think tanks, universities, and corporations around the world. APT29 has been observed crafting targeted spearphishing campaigns leveraging web links to a malicious dropper; once executed, the code delivers Remote Access Tools (RATs) and evades detection using a range of techniques. APT28 is known for leveraging domains that closely mimic those of targeted organizations and tricking potential victims into entering legitimate credentials. APT28 actors relied heavily on shortened URLs in their spearphishing email campaigns. Once APT28 and APT29 have access to victims, both groups exfiltrate and analyze information to gain intelligence value. These groups use this information to craft highly targeted spearphishing campaigns. These actors set up operational infrastructure to obfuscate their source infrastructure, host domains and malware for targeting organizations, establish command and control nodes, and harvest credentials and other valuable information from their targets.

At least one targeted individual activated links to malware hosted on operational infrastructure of opened attachments containing malware. APT29 delivered malware to the political party’s systems, established persistence, escalated privileges, enumerated active directory accounts, and exfiltrated email from several accounts through encrypted connections back through operational infrastructure.

The assessment lists technical details, alternate names for these operations, and mitigation strategies.

hacks

If you think these operations are OK because we have a long history of funding opposition groups worldwide, you are an uber douche.

Again, I’ll admit to loving my country so much, that I believe it’s not OK, even though we’ve been known to fund opposition groups in foreign elections, and this level of intrusion far outstrips anything we’ve done in the past.

The ICA specifically assesses that Russia may have chosen WikiLeaks as its vehicle of delivering stolen information because it is known for its authenticity. It does not make any judgment that the information released to WikiLeaks is false. Julian Assange claims the Russians were not the ones who delivered the damaging information to him. I’m not claiming he’s lying, although he very well could be. I’m saying he wouldn’t know. At all. The Russian intelligence services aren’t known for sending files via the post office with large, flowery stickers on the package, saying “With love, from the Kremlin.” They would be several times removed from this information to ensure operational security. I also think the Russians chose WikiLeaks, because they accurately assess Assange to be an egomaniacal, arrogant asshole, who would feel important publishing this information, and who wouldn’t dig too deeply into its origins, because he wouldn’t give a shit – all for a higher cause.

So people pointing to Assange’s claims that it wasn’t the Russians who gave him the information as evidence contradicting the claims in the ICA are really unfamiliar with how the Russians work.

Do I think Trump won the election fair and square? Of course! There’s nothing to indicate otherwise.

Does this change the fact that the extent of Russian interference is a matter of national security? No, it doesn’t.

I’m once again listening to Kellyanne Conway in spin mode on CNN, claiming that had Hillary Clinton won, we wouldn’t even be talking about these hacks! AYFKM?

We had been talking about them since at least June of last year – when everyone, including me, thought Trump didn’t have a chance – even against someone as repugnant, corrupt, and unlikeable as she was!

We had been talking about them in September, when FBI disclosed that at least 20 state election systems had been hacked – likely by the Russians and Clinton was still ahead in the polls, albeit by a narrower margin. The fact that no one was paying attention because they were distracted by the latest pussy-grabbing scandal or another bright, shiny object does not change this fact.

electionThe President-elect needs to start focusing on what the Russians did and how they did it, rather than getting defensive about his perfectly legitimate election. Only delusional morons think these revelations have anything to do with the results of the election! But it’s time to start focusing on the actual threat, because, as the ICA stated, the Russians will continue to use these tactics to compromise other nations’ democratic election processes. It’s not like they haven’t done it before!

No foreign power should be able to gain access to our election systems, steal information, and use it in attempts to influence the outcome! THAT is the issue here.

 

Advertisements

31 responses

  1. Reblogged this on Site Title and commented:
    I recommend reading this. Every word of it. Then read the JAR and the IC report.

    Like

  2. […] This post puts the recent intelligence briefings about the Russian activities in context. Well worth […]

    Like

  3. The President-elect needs to start focusing on what the Russians did and how they did it, rather than getting defensive about his perfectly legitimate election. Only delusional morons think these revelations have anything to do with the results of the election! But it’s time to start focusing on the actual threat, because, as the ICA stated, the Russians will continue to use these tactics to compromise other nations’ democratic election processes. It’s not like they haven’t done it before!

    YES! A thousand times yes!

    The hacking isn’t anything new, but the deliberate releasing of the hacked emails back into the American public in an attempt to influence a US election is new.

    They may not have had Trump in mind all along, but they DID have the plan to severely weaken Clinton both as a candidate and later as the actual president.

    This time it was Clinton and the Democrats. Next time, it could be …

    Liked by 2 people

    1. Also, the extent of the hacking and penetration. They have never been this bold before. They’ve tried and tried, but these efforts have been… well… head and shoulders above.

      Liked by 2 people

  4. Paul (Drak Bibliophile) Howard | Reply

    Very interesting article.

    Like

  5. You say the US has never influenced election in other countries to the extent Russia does. Sure if you don’t count the times the US actually invaded sovereign countries to overturn election results the government didn’t like, as happened in the 1920’s and 30’s.

    But any rational government will attempt to influence the political process of both allies and enemies to be to it’s liking, as much as they are able.

    Like

    1. If you think the sole purpose of military operations in the Philippines, Honduras, etc. was to overturn election results, you’re taking a very narrow view of what went on back then.

      But once again, I will say, the Russians have been engaged in a prolonged, nefarious attack on our country. If your excuse is “oh well, we invaded countries 100 years ago,” I will adamantly disagree. It’s not OK. It’s not an excuse. Period.

      Liked by 1 person

  6. “Do I think Trump won the election fair and square? Of course! There’s nothing to indicate otherwise.”

    Alas, the Democrats don’t agree with you on that one, Nicki. They’re digging deep for every possible excuse for Hillary’s loss. Rather than admitting that they ran a corrupt, unlikable, flawed harpy of a candidate, they’re burbling on and on about how that bad old Putin helped Trump steal the election from Hillary. And it was her turn, too! They’re the new True Believers, hoping against hope that Trump is arrested for treason before his inauguration. Hell, on DU one of them spouted off about how he/she had a dream about that, and his/her dreams are often prophetic, so clearly Trump will never be inaugurated. That’s how desperate and loony they are.

    The Hillary wing of the party is wittering nonstop that the only way Trump could possibly have defeated her was to cheat, with Russia’s connivance, because she was just so gosh-darn wonderful. The Bernie wing of the party is smugly singing the “We Told You So” chorus while at the same time insisting that Bernie would have beaten Trump into the dirt. It’s sort of amusing to watch them at each other’s throats, honestly.

    Trump almost has to get defensive over the left’s allegations. If he doesn’t, he risks letting the left and their media allies write the narrative unopposed. Given that the media has proven over and over again that they simply cannot be impartial (and most of them are still sore in the lady-parts over Hillary’s defeat), allowing this to happen would be a mistake, I think.

    No matter what he says or does, the left will insist (all evidence to the contrary) that he stole the election with Putin’s help and he’s a puppet of the Kremlin, because that allows them to ignore a painful truth: Hillary was an awful candidate and she lost in a fair contest.

    Liked by 2 people

    1. You said it. They’re desperate. Any normal liberal I know, while unhappy about Trump’s win, acknowledges it’s legitimate. Only the truly unhinged still cling to that shit.

      Liked by 2 people

      1. I dispute the claim there are any “normal” liberals left in America.

        Like

    2. THIS Democrat thinks that Donald Trump won the election.

      Fair and square, even. Within the parameters of our electoral system.

      But to deny that there weren’t voters who were swayed by the leaks and the fake news is just plain silly.

      We will never know to what extent, if any, the Russian efforts were successful, because the Russian activities were just one factor in a series of factors that went into the decision of the election.

      By themselves, NEITHER candidate would have one. It was only because two GROSSLY unpopular candidates faced off that either of them had a chance to win.

      We had the choice between shooting ourselves in the head or heart.

      Like

      1. No Democrats were swayed by anything negative about Hillary, true or untrue. It MIGHT have had some small effect on undecideds.

        Like

  7. Thank you for your thoughtful and insightful article, Nicki. The amount of bullshit being thrown in both directions on the subject is truly ridiculous. And I’m still chuckling over the demands that Electors be briefed on confidential intelligence findings prior to the meeting of the College so they could “decide” how to cast their votes. Straw grasping much?

    Oh, and I’m one of those Americans who has less than complete confidence in reported vote totals…not because of anything the Russians or other foreign powers have done, but for the same reason Election Day in many large metro areas is known as The Day of the Walking Dead.

    Still you’ve got to love the irony of the sub-header in the pre-election Gallup Poll report: “Dems Much More Confident Than Republicans in Vote Count Accuracy”

    Liked by 3 people

    1. Yeah, I won’t deny that’s amusing. I’m not sure how I would define my “confidence” in the elections system. I mean, we’re a HUGE country, so there will be problems just based on probability. But do I think the whole thing is corrupt? Nah.

      Liked by 1 person

      1. Me either, actually. More a reflection of my belief one should never be too comfortable with anything involving politicians.

        Like

  8. Thank you, keep fighting the good fight.

    Like

  9. What’s the photo with the bundles of… stuff?

    Like

    1. That is a photo of someone offloading PRE-completed ballots in Crimea, with the pro-Russia option checked off. There’s info in the link, but some of it is in Russian.

      Like

  10. This is probably the best of your analytical work. Bravo, ma’am.

    Like

  11. This is all getting too easy for you sister. Another home run.
    The only thing I wish you would discuss more is the Geo-political Box that Russia is in regarding their lack of warm water ports. “Hey Vlad…..Crimea much?”
    Hope your foot is back into its “kiwi injection status”. Well, metaphorically anyway.
    🤘

    Like

    1. Awwww, thanks! I’m not an expert on Russian navy, though. I know the port at Tartus is their only warm water port, but at the same time, my understanding is it was just a supply base, and the place was kind of neglected. Of course, a few months ago, they decided to build a fully operational base there, so I guess we’ll see.

      Foot is healing. Still not fully operational, unfortunately, but the physical therapist said it would take a bit. We shall see! 🙂

      Like

  12. I was in Israel during the despicable, execrable, and heavily funded “V15” campaign. (It was hard NOT to see it — this was clearly a megabucks operations. Their canvassers, posters, and ads were everywhere you looked.) Typically, it was run in such a heavy-handed, tone-deaf, fashion by some 0bama campaign manager who clearly had no idea what makes Israelis tick. On balance, it almost certainly BOOSTED Netanyahu, since I personally know several Israelis who were tired of Bibi but in response to V15 voted Likud out of sheer spite.

    Now unlike those twitwaffles, one can call the Russian players of “le grand jeu” (the Great Game) all sorts of names — “incompetent” is not one of them.

    Like

  13. Nicki,
    I found this paragraph somewhat strange. And sorry, but using U.S. grants to fund a politically active group in hopes it would influence the Israeli election is much different than hacking into a private server, stealing information about a candidate and releasing it in hopes of influencing the election or discrediting the President-elect. The Obama Administration’s funding of propaganda and opposition movements is nothing new, especially given our actions during the Cold War to stop the spread of communism. But again, this is nothing compared to the Russians’ actions in this election.
    We were caught red handed hacking into the cell phone of Germany’s prime minister, or president, Angela Merkel. Granted, we didn’t release any of her texts or calls, but the rest is pretty much the same. If were planning to use any information found on her phone as leverage against her, which they most likely were, there is no difference at all from Russia’s trying to hack into the State Dept. servers, including the one kept in the basement of our former Sec of Def. Hillary.
    We all know that Putin is a bully. Unlike most bully’s, though, Putin has the army and navy to back him up. The only way to defeat Russia, if the same way we brought down the former Soviet Union. We must drive them into insolvency, by making oil either too expensive for them to buy on the open market, of too cheap for them to sell on the open market, so that they lose revenue. Also, we need to strengthen our own military so the Russians have no thoughts of trying to make bad choices like they did with the Crimean region.
    One more item, I don’t think that any election since the very early days of our country has gone without someone being angry over who won and crying “foul”. But this time, due in part to the social media right at their fingertips, it is even easier to complain and to set up riots, protests, etc.
    I hope that this all blows over and that after next week, it gets back to normal, whatever that is. I am not holding my breath.

    Like

    1. My comment here should explain it.

      I will admit fully to being a hypocrite when it comes to us spying on other countries. I want information about them. I want to be able to determine what their leadership is up to, and to assess motivations and goals. That is what an intelligent nation does. It’s nothing they don’t attempt to do to us. That said, I don’t want to make it easy for them. I don’t want them to succeed. But I’m not going to apologize for doing exactly what they do, but better than they do. Fuck that.

      And if you think they don’t do it to us, I have this bridge. It’s actually hard to explain, because the extent of what Russia did is far above and beyond anything we have allegedly done or have been doing. But again, “Well… we do it too!!!!!!!!!!!!!” is not an excuse. We got slapped down for a lot of the spying we do. I would expect that from other countries. I’m fairly sure none of them are making excuses that somehow they deserved it.

      Like

  14. […] it was claims that the Russian meddling in our elections somehow handed Trump the presidency, instead of acknowledging that the left wan such a flawed, […]

    Like

  15. I loved your article, it was articulate and incisive! I also like to write about politics and current events, come check out my blog at the link below!
    https://braedenpoliticslife.wordpress.com/

    Thank you!

    Like

    1. That’s a neat blog you have! Interesting too. Damn, I hope you’re not a spammer! LOL

      Liked by 1 person

      1. Hi Nicki,
        I’m a new blogger who is just starting out on WordPress. I’m looking for new ways to expand my blog and broaden my readership, can you give me any tips to becoming as successful as you on WordPress?

        Thank you for anything you can tell me,
        Braeden

        Like

        1. Look, the best thing you can do is write, write, and more write. The more original, interesting content you have, the more audience you will gain over time. it takes time. A lot of time.

          Like

We Want To Hear What You Have To Say

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: