I’ve been watching driveby media for a long time. I thought I’d seen it at its worst under President Reagan and during the tenure of Senator Jesse Helms. Donald Trump is 17 days away from being sworn in, and the drivebys are making their behavior during the Helms and Reagan eras look like patty-cake. They will not let go of this Russian hacking nonsense.
CNN and their ilk would have you believe that Russian hackers affiliated with the Putin government rigged voting machines and installed Donald Trump as the next president against the wishes of the American people. Never mind that the FBI-Homeland Security report on “Russian hacking” includes all kinds of disclaimers admitting they can’t guarantee the accuracy of a lot of its information. Ars Technica, a well-known IT community blog hardly known as “conservative,” casts even more suspicion and skepticism on the Russian hacking spin:
Talk about disappointments. The US government’s much-anticipated analysis of Russian-sponsored hacking operations provides almost none of the promised evidence linking them to breaches that the Obama administration claims were orchestrated in an attempt to interfere with the 2016 presidential election.
The 13-page report, which was jointly published Thursday by the Department of Homeland Security and the FBI, billed itself as an indictment of sorts that would finally lay out the intelligence community’s case that Russian government operatives carried out hacks on the Democratic National Committee, the Democratic Congressional Campaign Committee, and Clinton Campaign Chief John Podesta and leaked much of the resulting material. While security companies in the private sector have said for months the hacking campaign was the work of people working for the Russian government, anonymous people tied to the leaks have claimed they are lone wolves. Many independent security experts said there was little way to know the true origins of the attacks.
Sadly, the JAR, as the Joint Analysis Report is called, does little to end the debate. Instead of providing smoking guns that the Russian government was behind specific hacks, it largely restates previous private-sector claims without providing any support for their validity. Even worse, it provides an effective bait and switch by promising newly declassified intelligence into Russian hackers’ “tradecraft and techniques” and instead delivering generic methods carried out by just about all state-sponsored hacking groups.
“This ultimately seems like a very rushed report put together by multiple teams working different data sets and motivations,” Robert M. Lee, CEO and Founder of the security company Dragos, wrote in a critique published Friday. “It is my opinion and speculation that there were some really good government analysts and operators contributing to this data and then report reviews, leadership approval processes, and sanitation processes stripped out most of the value and left behind a very confusing report trying to cover too much while saying too little.”
The sloppiness, Lee noted, included the report’s conflation of Russian hacking groups APT28 and APT29—also known as CozyBear, Sandworm, Sednit, and Sofacy, among others—with malware names such as BlackEnergy and Havex, and even hacking capabilities such as “Powershell Backdoor.” The mix up of such basic classifications does little to inspire confidence that the report was carefully or methodically prepared. And that only sows more reasons for President elect Donald Trump and his supporters to cast doubt on the intelligence community’s analysis on a matter that, if true, poses a major national security threat.
The writers showed a similar lack of rigor when publishing so-called indicators of compromise, which security practitioners use to detect if a network has been breached by a specific group or piece of malware. As Errata Security CEO Rob Graham pointed out in a blog post, one of the signatures detects the presence of “PAS TOOL WEB KIT,” a tool that’s widely used by literally hundreds, and possibly thousands, of hackers in Russia and Ukraine, most of whom are otherwise unaffiliated and have no connection to the Russian government.
“In other words, these rules can be a reflection of the fact the government has excellent information for attribution,” Graham wrote. “Or, it could be a reflection that they’ve got only weak bits and pieces. It’s impossible for us outsiders to tell.”
Security consultant Jeffrey Carr also cast doubt on claims that attacks that hit the Democratic National Committee could only have originated from Russian-sponsored hackers because they relied on the same malware that also breached Germany’s Bundestag and French TV network TV5Monde. Proponents of this theory, including the CrowdStrike researchers who analyzed the Democratic National Committee’s hacked network, argue that the pattern strongly implicates Russia because no other actor would have the combined motivation and resources to hack the same targets. But as Carr pointed out, the full source code for the X-Agent implant that has long been associated with APT28 was independently obtained by researchers from antivirus provider Eset.
“If ESET could do it, so can others,” Carr wrote. “It is both foolish and baseless to claim, as CrowdStrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.”
What allegedly got hacked? The Democratic National Committee and John Podesta’s personal email. Criminal law in many jurisdictions treats unauthorized access of digital data as the moral equivalent of breaking and entering a brick and mortar structure. But the folks at Wikileaks said they got the information from a disgruntled Democrat operative. That’s “leaking” — something that goes on in journalism all the time. (*It was great when Richard Nixon and Ronald Reagan were victimized by it. It’s not so much when it’s Dear Sweet Hillary on the receiving end.*)
If someone who had legal access to this email GAVE it to Wikileaks — where is the crime? Also, where is the so-called Russian trickery IF what got released was truthful information making it clear the driveby media has been failing and deceiving its readers and listeners while serving as accomplices to the Obamas and the Clintons?
Meanwhile, we’ve learned that hackers tied to Russia got into Hillary Clinton’s private poorly-secured email server that contained all kinds of classified material. Quite a few people have gone to jail and have been ruined for mishandling classified material. But, in this case, the “Smartest Woman in America” is declared by the FBI director to have been too clueless about protecting national security information when she was secretary of state and set up that email server in her bathroom. *Wouldn’t it have been swell to have, as our president, someone the FBI director assessed as too clueless to properly protect our national security information?*
I caught “13 Hours” on Hulu this weekend. If you weren’t already ticked off about Benghazi, that movie ought to finally push you over the edge. Between the incompetence in managing THAT crisis, and the whole private email server matter, there was an exponentially larger threat to national security. Classified material and our people’s lives were put at risk in Benghazi. The innermost, most-sensitive workings of American foreign policy were basically put on display to WHOMEVER when that private email server went live in the Clinton powder room.
All of that earned a big yawn. But THIS George Soros-Saul Alinsky-inspired Russian hacker nonsense to perpetuate some last-minute chaos and de-legitimize the incoming president is sucking up all of the oxygen and is sicker than sick.
The election is OVER. For the good of the country, just STOP.