The Russia-haters are sure they know
When the hacking of Sony's computer system produced a brouhaha of ridiculous proportions, the government's pet experts were quick to blame North Korea. The rationale: Since Sony was releasing a pretty awful anti-North Korean propaganda film, it was only obvious that Kim Jong-un was personally responsible. Besides that, the attack supposedly originated in a region of cyberspace inhabited by North Korea's pathetic Internet superstructure.
There was just one problem with that oh-so-convenient scenario: it wasn't based on anything but suppositions. Indeed, several computer experts not connected to the government hotly disputed this explanation, and instead pointed to the ease with which the hackers penetrated the system to show that it was most likely an inside job, the work of an employee with intimate knowledge of the system and a grudge against Sony. Indeed, such a person was quickly identified: a former employee who had been fired and had vowed to get even. Yet Washington, for its own reasons, ignored this rather compelling evidence and stuck to its story: so did their pet experts, who have a vested economic interest in hyping the alleged threat posed by hackers in the service of foreign enemies, all the better to ensure that plenty of taxpayer dollars will continue to fill their coffers.
Now we have another hack attack, supposedly coming from the Russians. The New York Times reports:
Some of President Obama's email correspondence was swept up by Russian hackers last year in a breach of the White House's unclassified computer system that was far more intrusive and worrisome than has been publicly acknowledged, according to senior American officials briefed on the investigation.
Not a shred of evidence is given as to the identity or nationality of the hackers except the assertions of anonymous government officials. We have to wait until the seventh paragraph to read that they are presumed to be linked to the Russian government, if not working for it.
A few paragraphs later, at the very end, we get this:
"This has been one of the most sophisticated actors we've seen," said one senior American official briefed on the investigation.
Others confirmed that the White House intrusion was viewed as so serious that officials met on a nearly daily basis for several weeks after it was discovered. "It's the Russian angle to this that's particularly worrisome," another senior official said.
While Chinese hacking groups are known for sweeping up vast amounts of commercial and design information, the best Russian hackers tend to hide their tracks better and focus on specific, often political targets. And the hacking happened at a moment of renewed tension with Russia over its annexation of Crimea, the presence of its forces in Ukraine and its renewed military patrols in Europe, reminiscent of the Cold War.
Okay, so let's summarize the evidence we're given in this piece pointing to the Russians:
1) The culprits are sophisticated actors.
2) It can't be the Chinese because they only care about money, so it must be the Russians, because the targets were political. Besides, the Russians hide their tracks better.
3) The timing: it happened at a moment of renewed tension with Russia.
Is it really necessary to debunk this pallid ghost of an argument? To begin with, there are plenty of sophisticated actors in the hacking world, not all of whom are acting on behalf of a state. Secondly, if the culprits in this instance hid their tracks well, how is it that we traced them and how certain can we be it was the Russians? As for the timing question: we've been having moments of tension with a large number of international adversaries over the past year, any one of which could have been responsible.
Another article over at Motherboard is even more laughable.
Security researchers say they have found actual evidence linking the attack to the Russian government, or at least, Russian hackers.
The campaign that targeted the White House, nicknamed CozyDuke, appears to have similar code, infrastructure, and political interests as past attacks that were linked to Russian hackers who were possibly working for the government, the researchers say.
Past attacks linked to Russian hackers, with what evidence? If ever there was an example of confirmation bias, then this is it. Similar code and infrastructure? Don't make me laugh: malware code is free-floating and widely available. Anyone could've developed the particular phishing malware used to compromise White House and State Department computer systems. As for those political interests, this is absolute nonsense: is the Kremlin the only government on earth with a motive for breaking into US government computer systems? And it gets worse:
CozyDuke was carried out by the same group behind sophisticated cyberespionage campaigns known as MiniDuke and CosmicDuke, according to the security firm Kaspersky Lab, which have been linked to the Russian government in the past.
MiniDuke and CosmicDuke were launched by a Russian government agency, researchers at F-Secure, another security firm concluded in January. That conclusion was based largely on the targets of the operations: Russian drug dealers and governments with interests opposed to those of Russia. [Emphasis added]
In other words, it was a totally non-technical analysis, bereft of any real evidence but for the political assumptions and amateur analysis of computer experts eager to tell the US government what it wants to hear. Here is how those geniuses over at F-Secure came to their brilliant conclusion:
Considering the victims of the law enforcement use case [sic] seem to be from Russia, and none of the high-profile victims are exactly pro-Russian, we believe that a Russian government agency is behind these operations.
In spite of the air of certainty projected at the beginning of this piece, toward the end Mikko Hypponen, F-Secure's chief researcher, says it could be Russia. Oh, but maybe not.
Washington isn't having any of this ambiguity, however. According to news accounts, during a speech at Stanford University the other day Defense Secretary Ashton Carter claimed that sensors guarding the Pentagon's unclassified networks detected the intrusion by Russian hackers, who discovered an old vulnerability that had not been patched. "After learning valuable information about their tactics," Carter said, "we analyzed their network activity, associated it with Russia, and then quickly kicked them off the network, in a way that minimized their chances of returning."
Yeah, sure. It's just a coincidence that the Pentagon issued a new cyber-strategy paper that pinpoints Russia, along with China, as the Big Culprits To Watch Out For, looming threats to our cyber-infrastructure that require huge amounts of money and expertise to combat.
Another coincidence: there are no less than three major cybersecurity bills in the congressional hopper designed to hand yet more of our private information over to the waiting arms of the National Security Agency and law enforcement agencies, all in the name of protecting us from Russian-Chinese bogeymen-hackers. A recent open letter from more than 65 respected cyber-security professionals and academics denounces these bills as unnecessary intrusions on privacy as well as providing a false sense of security and, they conclude, the bills could also make us more vulnerable to hacking.
As Trevor Timm puts it:
Members of Congress, most of whom can't secure their own websites and some of whom don't even use email, are trying to force a dangerous cybersecurity bill down the public's throat. Everyone's privacy is in the hands of people who, by all indications, have no idea what they're talking about.
The new cold war with Russia is upon us, and the rule is: when in doubt, blame Putin. Our technologically ignorant and government-subservient media is all too prone to fall for this nonsense. While I wouldn't rule out anyone, including some of our vaunted allies, as being responsible, in this case I'd look at the knee-jerk accusations aimed at the Kremlin with a very jaundiced eye.