2008 December: President Obama nominates Hillary Clinton for secretary of state. 2009 Jan. 13: Reports say the clintonemail.com domain was established. Jan. 21: Senate confirms Clinton as secretary of state. March 18: Clinton will later name this as the date she began using a private server for government business. 2012 Sept. 11: Islamic extremists launch […]
Above Image: The Kremlin, the Russian government’s power center
There’s no standing allegation by U.S. officials that the Russians (or anyone else) “hacked” into our elections system or altered vote counts.
So what are the allegations and facts as we know them?
The FBI and DHS released a brief joint report Thursday describing “Russian Malicious Cyber Activity.” It doesn’t include forensic proof of Russian government involvement in hacking efforts, but the administration is rushing a detailed, classified report to be delivered, at President Obama’s request, prior to President Trump taking office January 20.
The joint report can be summarized this way:
- The U.S. believes two hacking groups tied to the Russian government are involved.
- The U.S. has nicknamed the hacking groups “APT28” or “Fancy Bear,” and “APT29” or “Cozy Bear.” APT stands for “Advanced Persistent Threat.”
- The U.S. believes the GRU, Russia’s military service, is behind APT28.
- The U.S. believes the FSB, Russia’s counterintelligence agency headquartered in the building of the former KGB, is behind APT29.
- The U.S. believes the groups accessed “a political party” by sending emails that tricked users into clicking links that planted malware or directed them to Russian servers.
- The U.S. believes APT29 entered into “the party’s systems” in summer 2015, and APT28 in spring 2016.
- The U.S. believes APT28 provided the stolen emails to WikiLeaks, which WikiLeaks denies.
Most of the 13-page joint report provides advice on how to secure computer networks.
Eight Facts on the Hacks
1. The claim that the “election was hacked” is a bit of a misnomer. There’s no standing allegation by U.S. officials that the Russians (or anyone else) “hacked” into our elections system or altered vote counts. Instead, U.S. officials allege hackers connected to the government of Russian President Vladimir Putin, under his direction, stole internal emails from the Democratic National Committee (DNC) and Hillary campaign chairman John Podesta and provided them to WikiLeaks. (However, the U.S. joint report issued Thursday doesn’t mention the DNC, Podesta or WikiLeaks by name.)
2. U.S. officials have not alleged that anyone falsified the emails provided to WikiLeaks.
3. U.S. intel officials have named the Russian hacking campaign “Grizzly Steppe.”
4. It seems a difficult task to prove the hacks somehow “affected the election” or “helped Donald Trump win.” For example:
- One would have to show that tens of thousands of Trump voters were planning to vote for Clinton but changed their mind based solely on the WikiLeaks emails.
- One would have to believe the emails somehow managed to only affect the electoral vote but not the popular vote (which Clinton won).
- One would have to believe the emails somehow selectively swayed voters in key swing states, but not voters in states where Clinton won.
5. WikiLeaks disputes the U.S. assessment blaming Russia for the DNC leaks. WikiLeaks founder Julian Assange says: “Our source is not the Russian government… We have U.S. intelligence saying that say they know how we got our stuff and when we got it, and us saying we didn’t get it from a state.” Former British ambassador Craig Murray backs up Assange’s version: “I know who leaked them. I’ve met the person who leaked them, and they are certainly not Russian and it’s an insider. It’s a leak, not a hack; the two are different things.”
6. The private cyber firm Crowd Strike had already determined last June that Russian agencies were behind the DNC cyberattacks.
7. There have been many serious cyberattacks reported against U.S. government institutions, but no comparable news coverage or announced U.S. retaliatory measures. For example:
- In 2015, Russian hackers attacked the State Department email system in what was called the “worst ever” cyberattack against a federal agency.
- Also in 2015, the U.S. Office of Personnel Management reported 5.6 million Americans’ fingerprints were stolen in a malicious cyberattack.
- The GAO reports that between 2006 and 2015, the number of cyberattacks climbed 1,300 percent — from 5,500 to over 77,000 a year at 24 federal agencies.
- Last March, China government hackers continued a malicious pattern of cyber attacks on U.S. government and private networks, according to U.S. Cyber Command chief Mike Rogers. China has been linked by U.S. intelligence agencies to wide-ranging cyber attacks aimed at stealing information and mapping critical computer networks for future attacks in a crisis or conflict.
Despite the Chinese hacking activity, the Obama administration has taken no action against China for years of large-scale cyber attacks that officials say have cost the nation billions of dollars in stolen intellectual property and compromised networks.
Additionally, there have been no publicly-known retaliatory actions taken by the U.S. for hostile, non-cyber foreign threats such as Chinese fighter jets buzzing U.S. warships and spy planes, and Iran detaining 10 U.S. sailors. (However, the U.S. punished the sailors.)
8. The New York Times recently quoted anonymous U.S. officials who said they concluded Russians hacked the Republican National Committee (RNC), but did not release the information to WikiLeaks, proving that the intent was to help Trump. However, the RNC states that its network systems were not successfully hacked. The Times also anonymously quoted a senior government official who said attempts to penetrate the RNC were not successful.
Watch my weekly Sunday TV program Full Measure.