Friday, 6 January 2017

"Russian hacking"

The "Russian Hacking" Story Changes Again
5 January, 2017

Today at 9:30 am, senior U.S. intelligence officials face questions at a Senate hearing that will be dominated by the intelligence community's assessment that Russia meddled in the presidential election to help Donald Trump win. Participating will be James R. Clapper, Jr., Director Of National Intelligence. Marcel J. Lettre II, Under Secretary Of Defense For Intelligence and Admiral Michael S. Rogers, USN, Commander, United States Cyber Command.

The Armed Services Committee's cyber threats hearing on Thursday comes a day before the president-elect is to be briefed by the CIA and FBI directors — along with the director of national intelligence — on the investigation into Russia's alleged hacking efforts. Trump has been deeply critical of their findings, even appearing to back controversial WikiLeaks founder Julian Assange's contention that Russia did not provide him with hacked Democratic emails.

The committee's session is the first in a series aimed at investigating purported Russian cyber-attacks against U.S. interests and developing defenses sturdy enough to blunt future intrusions. "We will obviously be talking about the hacking, but the main thing is the whole issue of cybersecurity," the committee's Republican chairman, Sen. John McCain of Arizona, said ahead of the hearing. "Right now we have no policy, no strategy to counter cyberattacks."

More importantly, however, the hearing comes hours after Reuters reported overnight that U.S. intelligence agencies obtained what they considered to be conclusive evidence after the November election that Russia provided hacked material from the Democratic National Committee to WikiLeaks. However, in the latest change of the narrative, this time the allegation is that Russia provided the hacked data through a third party, three U.S. officials said on Wednesday.

Wikieaks was quick to highlight that according to the report, US officials admitted that the Wikileaks "source" was not Russia, and that the goal posts now shifted to the source's source:

Reuters: Anon US officials admit that WikiLeaks "source" is not Russia. Now shifts goal posts to source's source.

In keeping with the theme of providing no proof to the general public, the officials declined to describe the intelligence obtained about the involvement of a third-party in passing on leaked material to WikiLeaks, saying they did not want to reveal how the U.S. government had obtained the information. So just trust them, please.

The shift in the narrative is curious because as a reminder, officials had concluded "months earlier" that Russian intelligence agencies had directed the hacking, but had been less certain that they could prove Russia also had controlled the release of information damaging to Democratic presidential candidate Hillary Clinton. It now appears that along with lack of evidence, the attention has shifted to an "intermediary" as being the responsible party .

In an interview with Fox News, WikiLeaks founder Julian Assange said he did not receive emails stolen from the DNC and top Hillary Clinton aide John Podesta from "a state party." Assange did not rule out the possibility that he got the material from a third party.

Trump on Wednesday sided with Assange and again questioned the U.S. intelligence community's conclusion that Russia tried to help his candidacy and hurt Clinton's.

Concern by U.S. officials over the hacking first spiked in August, when intelligence agencies concluded that Russian intelligence, with the direction of President Vladimir Putin, had been trying to disrupt and discredit the presidential and congressional elections. Obama in August rejected recommendations from some of his advisors to disclose the Russian link and take some limited covert action as "a shot across Putin's bow to knock it off," one official with knowledge of the matter said. Instead, Obama warned Putin privately, arguing that a similar private message to Chinese President Xi Jinping had reduced Chinese hacking into U.S. agencies and companies.

Ultimately, the additional intelligence informed U.S. President Barack Obama's decision to retaliate on Dec. 29 by expelling 35 suspected Russian spies and sanctioning two Russian spy agencies, four intelligence officers and three companies, a decision that capped four months of debate at the White House about how to respond.

So far not a shred of evidence has been provided confirming the Kremlin's involvement in the matter, aside from some Ukrainian malware code exposed in a 13-page joint DHS/FBI report which could be purchased by anyone online.

What is going on?’ Trump wonders why FBI never requested access to the DNC’s ‘hacked servers’

© Sigtryggur Ari / Reuters

5 January, 2017

Amid an avalanche of self-replicating reports of “Russian hacking”, Donald Trump has questioned how the task of checking whether the DNC’s servers were indeed breached was outsourced by the FBI to a third party.
The Democratic National Committee would not allow the FBI to study or see its computers info after it was supposedly hacked by Russia,” President-elect tweeted after the DNC reportedly confirmed that the bureau failed to send their own staff to check the servers.

So how and why are they so sure about hacking if they never even requested an examination of the computer servers? What is going on?,” the next US president asked.

The Democratic National Committee would not allow the FBI to study or see its computer info after it was supposedly hacked by Russia......

Trump’s concerns were voiced the same day the Director of National Intelligence, James Clapper, defended the US intelligence assessment that Russian agents interfered in the US election.

Clapper stopped short of declaring the DNC server hacking an “act of war,” as he told the Senate Armed Services Committee that Russia had stepped up its cyber espionage operations.

Commenting on Clapper’s testimony, John McAfee, the founder of McAfee antivirus software, told RT that Clapper engaged in the “most deceptive propaganda” that was ever delivered to the American public. McAfee added, “our intelligence community is so ignorant and naive that they should all be replaced.”
While a redacted intelligence report on the alleged Russian spying activity will be released to the public next week, a joint “informational purposes only” report by the FBI and Homeland Security was released last week. The widely- publicized glitzy titled ‘GRIZZLY STEPPE – Russian Malicious Cyber Activity’ report, was used by President Obama as the basis to expel Russian diplomats and for Clapper to defend his allegations of Russian meddling.

But at the time when the hacking scandal is gaining hysteric proportions in the US, the DNC’s deputy communications director revealed that the US intelligence community never bothered to check or conduct forensic analysis on the DNC server which was allegedly hacked by the Russians.

The DNC had several meetings with representatives of the FBI’s Cyber Division and its Washington (DC) Field Office, the Department of Justice’s National Security Division, and US Attorney’s Offices, and it responded to a variety of requests for cooperation, but the FBI never requested access to the DNC’s computer servers,” Eric Walker, the DNC’s deputy communications director, told BuzzFeed News in an email.

Instead, the FBI outsourced the computer forensics analysis to IT security company CrowdStrike which first pointed the finger at Moscow in May.

CrowdStrike is pretty good. There’s no reason to believe that anything that they have concluded is not accurate,” one intelligence official told BuzzFeed, insisting that the company was “confident” Russia was behind the hacks.

Beginning at the time the intrusion was discovered by the DNC, the DNC cooperated fully with the FBI and its investigation, providing access to all of the information uncovered by CrowdStrike ― without any limits,” Walker added.
Three cyber security firms questioned by BuzzFeed confirmed it would be “par for the course” for the FBI to conduct their own forensic research into the alleged hacks, but this time for some reason, that task was outsourced.
The US president-elect also criticized the US intelligence agencies assessment of the DNC information security fiasco. Trump has joined a large, growing chorus of security experts which have questioned the lack of factual intelligence in the 13-page report designed to point finger at Moscow.

McAfee explained to RT that the 29 December report is based on four so-called pillars: a Russian language was found in the malware allegedly used to hack DNC server, a Russian keyboard was used to penetrate US systems, the malicious code was compiled at a time that corresponded with business hours in Moscow and the IP addresses were Russian.

If the CIA wanted to hack Russia, the things you would not do is: you would not include the English language in your software…you would certainly remove the date and time stamp from the program…and number four, you would absolutely not have an IP address that points to you,” the security specialist explained, speaking metaphorically.

And here is why it cannot possibly be an organized nation-state: because the hack on the DNC used a piece of malware a year and a half old and there have been many updates since then,” McAfee said.“This was done by an independent one person kid that downloaded the software… Please, this is not an organized hack and certainly not a nation-state that did this.”
Robert M. Lee, the CEO and Founder of the critical infrastructure cybersecurity company Dragos, produced a large detailed critique of the initial Grizzly Steppe report. In particular, security specialist questions the list on page 4 of the report which has a table titled 'Reported Russian Military and Civilian Intelligence Services (RIS)'.

The list of reported RIS names includes relevant and specific names such as campaign names, more general and often unrelated malware family names, and extremely broad and non-descriptive classification of capabilities,” Lee explained after examining the 13-page report.
It was a mixing of data types that didn’t meet any objective in the report and only added confusion as to whether the DHS/FBI knows what they are doing or if they are instead just telling teams in the government 'contribute anything you have that has been affiliated with Russian activity,” he added in his in-depth explanation.
William Binney, an NSA security expert for 36 years, also questioned the US intelligence community’s rhetoric.

With respect to the alleged interference by Russia and WikiLeaks in the US election, it is a major mystery why US intelligence feels it must rely on ‘circumstantial evidence,’ when it has NSA’s vacuum cleaner sucking up hard evidence galore,” Binney said in Thursday's op-edge in the Baltimore Sun. “What we know of NSA's capabilities shows that the email disclosures were from leaking, not hacking.”

Russia 'poses major threat' to US, intelligence officials tell Senate hearing on hacking

The intelligence community is expected to release a declassified report to the public on Monday

5 January, 2016

US intelligence officials have told Congress that Russia is a “full-scope actor” that poses a “major threat” to the United States, as President-elect Donald Trump continues to cast doubt on their conclusion that the Kremlin hacked the Democratic Party to try to influence the presidential election.

Top officials appeared on Capitol Hill on Thursday morning before the Senate Armed Services Committee hearing on “Foreign Cyber Threats to the United States”, chaired by Sen John McCain.

Mr Trump has been critical of the intelligence community’s assessment since it became public in December. In fact, he aligned himself with Wikileaks founder Julian Assange, who published the contents of the Democratic National Committee hack, followed by emails from Clinton campaign chair John Podesta in the final months of the election.

Russia is a full-scope cyber actor that poses a major threat to US government, military, diplomatic, commercial, and critical infrastructure,” US intelligence chiefs said in a joint statement.

Director of National Intelligence James Clapper expanded on the scope of the “multifaceted campaign” against the US by Russia. He later added that there were “multiple motives” for the cyber-attack.

The hacking was only one part of it,” he said. “It also entailed classical propaganda, disinformation and fake news.”

Mr Clapper added: “We have no way of gauging the impact ... it had on the choices the American electorate made. Whether or not that constitutes an act of war is a very heavy policy call that I don’t believe the intelligence community should make.”

Officials are expected to release a declassified report of their findings to the public on Monday. Mr Obama ordered the full report last month for delivery before he leaves office on 20 January.

The hearing comes a week after President Barack Obama announced sanctions on two Russian intelligence agencies and expelled 35 Russian diplomats.

Trump’s advisor suggests Obama’s sanctions against Russia are to ‘box in’ the incoming President

According to Mr Clapper, the sanctions were a “consensus inter-agency view”.

The hearing marks an ongoing rift between Mr Trump and intelligence officials, whom he has attempted to discredit via Twitter since the December assessment alleging Russia’s involvement in the election hacks. He watered down some of his criticism of the agencies on Thursday morning, however, asserting that he is a “big fan” of “intelligence”.

Mr Assange has accused the Obama administration of attempting to “delegitimise” Mr Trump ahead of the inauguration.

They are trying to say that President-elect Trump is not a legitimate President,” Mr Assange told Fox News on Tuesday.

During the interview, he denied Russia’s involvement in their obtaining the hacked documents.

We can say, we have said, repeatedly that over the last two months that our source is not the Russian government and it is not a state party,” he said

No comments:

Post a Comment