Forget about the stories about the Israeli judicial reforms. Its critics are exaggerating, but now we have another exaggeration about Israel floating up to the top of the news.
Some Israelis – supposedly affiliated with a firm called Team Jorge – have been caught rigging elections.
My first reaction to that was to remember that line in Casablanca where Captain Renault tells Rick, “I’m shocked, shocked to find that gambling is going on in here,” just as a waiter comes up to the captain, and says, “Your winnings, sir.”
This “groundbreaking” exposé from the Guardian, in Britain uncovered an Israeli firm hacking elections.
Three journalists – Gur Megiddo of TheMarker, Frédéric Métézeau of Radio France, and Omer Benjakob of Haaretz – had been on the tails of Jorge for more than six months, posing as consultants working on behalf of a businessman who wanted to delay an election in a large and unstable country in Africa. -- The Guardian
I have no doubt that something was going on. But the fact that it was exposed leads me to believe that the firm was not that competent, or it would not have been exposed.
When it comes to hacking, it is a signature of teenage hackers to brag about their exploits.
The student from Montreal's West Island ... was caught because he boasted about his hacking in Internet chat groups. – The Globe and Mail
Bragging! And this firm made the same mistake.
According to the video, the firm’s director says that the team engaged in ...
Thirty-three presidential level campaigns, we have completed. Twenty seven of them which were successful – The Guardian (video)
I don’t doubt that hacking elections is a common occurrence. It might explain how President Trump got ten million more voters in 2020 than he did in 2016, and still lost his re-election.
But the idiocy of this exposé was making such a hacking enterprise look expensive and professional. The firm claimed to run 30,000 bots.
But is that really impressive?
For example: Team Jorge said it can generate false faces.
Big deal. You can do that online for free at: this-person-does- not-exist.com/en
True, generating 30,000 fake faces would take time, but some inexpensive software could get it done fast.
And there are website with pricing packages. See this site: www.unite.ai/random-face-generators/ (Some on this list are free)
If you know Linux (which is free), you can get an MIT tool, such as this one: snapcraft.io/random-face-generator
An average 15 year-old techie could master that.
Hootsuite helps you to manage Twitter accounts. There are other packages.
A simple VPN service (some of which can be free) can hide your IP. They’ll think you are posting from Brazil.
Now, the exposé does mention that the firm is using a “secret” tool called AIMS, but rather than being secret, AIMS is a commercial software package designed to make media access easy and manageable. It operates on Microft’s Azure Cloud Platform.
Azure is a public cloud computing platform—with solutions including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) that can be used for services such as analytics, virtual computing, storage, networking, and much more. It can be used to replace or supplement your on-premise servers. -- CCBTechnology
A lightbulb should go on in someone’s head.
Do you seriously believe that a truly covert operation wants their data on any cloud server managed by Microsoft?
No true covert professional – or 15 year-old techie for that matter – would touch it. They would operate under the assumption that any all-in- one-easy-to-use software is put out by the CIA, MI5, FBI, Mossad, etc. in order to spy on hackers. Real professionals would use a lot of open source software, which could be erased and altered regularly.
And they certainly would not trust a Microsoft platform.
But what about the multilayered bots, which masquerade as real people with accounts on social media? You can buy fake accounts on the Dark Web. Pay for it with BitCoin. Some come cheap.
And none of this is news.
Elon Musk Wants to Rid Twitter of 'Spam Bots.' Nearly Half His Followers Are Fake -- Time
None of this should be done in an office, though. Such firms would run out of laptops.
You meet the company president in a coffee shop. The CEO should be wearing eyeglasses. If you really want to save money, instead of paying $400,000 for such services, you could find a competent high school junior.
The techie should be running a slightly older laptop – which he bought on Craigslist, so it can’t be traced. The laptop should be running on Linux, with a kill switch, and which he reformats to re-install a different distro of Linux regularly. His datebase should be on a USB stick, not the cloud.
He should be accessing the internet in libraries, malls, and anywhere with open hot spots. The gold mine is when he accesses the internet in a pizza shop, but the signal is coming from the adjacent barbershop. He logs on to his VPN – which is either free, or paid for via BitCoin – to make it look like he is logging in from Nigeria. Then he begins to work.
No rent. No overhead. Most of the software is freeware on Linux, which is itself free. If he is really good, he can use the terminal to write his own code.
But what about the timed automation? Those tweets have to be spaced out.
He could stay a few hours in local library. They almost always have wi- fi. Or he could rent a server at a colocation office, paid for by BitCoin.
What do you bet this student could produce similar results for say … a tenth of the price, which is just what he needs to pay his car insurance, and next semester’s tuition?
The idiocy of the report is that what the Guardian exposed is news. It is last decade’s news. This has been going on since the internet started. And I seriously wonder if what Team Jorge did was illegal. Spreading election disinformation has been going on since the printing press was invented.
But supposedly, this team had connections to Western power brokers, such as Roger Noriega, who worked for George W. Bush. Doesn’t that mean anything?
A biography of Hanan [Team Jorge’s group leader] had appeared on Visión Américas, Noriega’s Washington DC consulting firm, which also listed him as an associate. -- The Guardian
This means nothing! Noriega denied any knowledge of hacking. This wouldn’t be the first time that Washington was taken in by flim-flam men. Name dropping in D.C. is as common as in Hollywood.
I suspect Team Jorge thought they had a sucker they could overcharge for minimal services, and were pretending to be experts. And the news fell for it. Had the services of Team Jorge been engaged, they would have farmed out the work to some teenagers – and that would have been the real story.
I’ve been getting spam from Nigeria for decades alerting me to the millions of dollars left to me in the bank. Now, if the Guardian would track down those Nigerians who are holding my money, that would be impressive.
Mike Konrad is a full-stack web developer.