Are 'Russian Hacks' the New 'WMDs'?

No matter what faceless spooks assure us, it's far from clear the Russian government directed the leaks of the DNC or John Podesta emails.



The Russians have hacked our democracy! At least, that's been the chorus from much of the American media following anonymous reports on a secretive CIA assessment of the 2016 presidential election. Even President Obama has started to beat the drums of "cyberwar," announcing last Friday that the U.S. must "take action" against the Russian government for "impacting the integrity of our elections." This is some tough talk given the very tenuous evidence offered so far about Russia's alleged influence.

Obviously, it is crucial that America maintain a fair electoral process—flawed though "democracy" may be—and the prospect of a foreign power deliberately sabotaging this can strike a primal fear in Americans' hearts. Yet this kind of mass anxiety can also be opportunistically stoked by government operatives to further their own agendas, as history has demonstrated time and again. Responsible Americans must therefore approach claims made by unnamed intelligence officials—and the muddying media spin on them—with clear eyes and cool heads. And we must demand that these extraordinary claims be backed by appropriate evidence, lest we allow ourselves to be led into another CIA-driven foreign fiasco.

So, let's start by separating reporting from spin. What, exactly, is being claimed here?

Back in October, the Obama administration publicly accused the Russian government of hacking into American political organizations in order to influence the presidential election. In early December, The Washington Post went a step further, reporting on a secret CIA assessment that Russia intervened specifically to help Donald Trump win. Citing only anonymous "officials briefed on the matter," the Post wrote that "individuals with connections to the Russian government" provided Wikileaks with the Democratic National Committee (DNC) and John Podesta emails, exposing the party's sordid underbelly to the world. The next week, another gaggle of unnamed intelligence officials would tell NBC News that the rascally Vladimir Putin personally directed the hacks.

Later reports scaled back some of these claims. Reuters, for instance, cited more unnamed intelligence officials who claimed that other intelligence bodies dispute the CIA's conclusions. Russia might have hacked us, they think, but we can't know that it was specifically to help Donald Trump. Then The Washington Post rustled up yet another batch of unnamed officials, who cited an internal memo from CIA Director John Brennan claiming that FBI Director James Comey is on the same page.

Neither the FBI nor the CIA has publicly commented upon such stories, and they refuse to brief congressional intelligence panels on the hacks. Meanwhile, Wikileaks Editor-in-Chief Julian Assange broke the site's longstanding prohibition against discussing sources to deny that Wikileaks received the explosive leaks from the Russian government.

There are quite a few problems with the claims made by this veritable army of unnamed intelligence agents, as we'll soon discuss. And media commentators often confused the situation further with muddying rhetoric and bombastic leaps of logic. Somewhere along the way, earlier campaign paranoia that Russia could hack into voting machines morphed into the rhetorically useful but epistemologically questionable soundbite that "Russia hacked our election."

Consider the Clinton supporters. Rather than doing some soul-searching about their candidate's revealed corruption and amazing tone-deafness to the concerns of the American working class, these petty partisans prefer to just blame Putin instead. Indeed, Clinton herself took to the podium to declare that the Russian president "has a personal beef" with her.

The vague assertions of the secret CIA memorandum have been repeated so assuredly and emphatically as to sometimes echo the jingoistic lead-up to the disastrous Iraq War. Keith Olbermann provided perhaps the most comical contribution to the new Russian scare, crawling out from under his American flag blankie to rave that "we are the victims of a bloodless coup engineered by Russia." Other commentators were not quite so colorful, yet they largely uncritically repeated the CIA narrative that Russia "hacked the election" to secure a Trump victory. And this kind of hyperbole was not limited to the press: the White House went so far as to accuse the president-elect of knowingly benefiting from Russia's assistance.

The Trump camp, obviously, vigorously denied such insinuations.

We might expect them to do so even if the evidence were solidly against them, but in this case, the notorious difficulty of hack attribution indeed plays in their favor. In computer forensics, it is extremely hard to conclusively "prove" who is responsible for a particular hack, unless you actually catch them in the act. There are many ways that hackers can conceal their digital tracks or make it appear as if someone else was responsible for their cyber hijinx, making attribution more of an art of guesswork than a science of established facts.

In terms of the CIA's claims, the guesswork is tenuous indeed. The idea that Russia was behind the DNC hacks started this summer when the DNC hired a private security firm called Crowdstrike to investigate the breach. In a public blog post about the investigation, Crowdstrike wrote that the hacks involved "two separate Russian intelligence-affiliated adversaries," which it identified based on the use of two spying techniques, or "advanced persistent threats" (APTs), that were already known to researchers. APT 28, or "Fancy Bear," is thought to be affiliated with a Russian intelligence unit called the GRU, which breached the DNC network in April 2016. APT 29, or "Cozy Bear," is thought to work with a separate Russian intelligence body called the FSB; the FSB is believed to have hacked the DNC back in 2015.

In October, another security firm, SecureWorks, investigated the hack of Clinton Campaign Chairman John Podesta's email account. The phishing email that fooled Podesta into granting hackers access to his account is, amusingly, present in the leaked email cache. SecureWorks believes the link Podesta clicked on, leading to a fake Google log-in page, was also the work of Cozy Bear.

In other words, these security researchers say the DNC and Podesta hackers used methods thought to have been used previously by groups suspected of links to Russian intelligence agencies.

Maybe the Russian government did direct or help these groups this time around. But maybe, as security researcher Jeffrey Carr has suggested, patriotic Russian hackers undertook these missions with no aid or urging from their government at all. It's also possible that other foreign intelligence agencies used tools associated with Russia to throw the scent off their own trail(s), which has been done in the past.

Or perhaps these particular, detected breaches have nothing to do with the public email leaks at all. Groups backed by the Russian government, Russian "patriots," or non-Russian actors—perhaps all three—may have used Cozy Bear or Fancy Bear methods to access the DNC and Podesta emails (for whatever reasons) and yet still not be the ones responsible for sharing them with Wikileaks. Some suspect that the DNC leaks were actually the work of a Democrat insider, a theory that seems to be invited by Julian Assange's bounty for information on the suspicious death of DNC staffer Seth Rich.

The point is that regardless of what a sea of faceless spooks may assure us, it's far from clear that the Russian government directed the leaks of the DNC or John Podesta emails. It's easy to see why the Russian government might want to do so, but it's much harder to establish whether they truly did.

And while one normally expects responsible government bodies to stay mum on delicate geopolitical accusations of aggression until the case is watertight, it's also easy to see why American groups involved in the hacks might be quick to cast blame on a nation-state actor. When you have been as embarrassed as the DNC and Clinton campaign have been, you don't want to leave yourself open to speculation that your security was so weak that any "400-pound" hacker could get in. No, you want to blame a powerful foreign government. Plus, in terms of international law, governments only have recourse against other governments, not private groups.

The US intelligence community could have some incontrovertible proof that the Russian government leaked information to help Donald Trump win the presidency. But if they do, it is hard to understand exactly why they have not made it public by now. It can't be that they fear unnecessarily antagonizing foreign governments or spooking the American public—they've already done that handily. But better late than never. Flaunt it if you've got it, US intelligence community!

In the meantime, however, the American public should think carefully about precisely what U.S. intelligence agencies are claiming. The core of their accusations is not that foreign hacking physically endangered Americans or compromised connected systems: It is that powerful politicians were embarrassed, and perhaps politically harmed, when their own internal dealings were made public. Perhaps we should spend more time examining such domestic threats to our democracy, and stop allowing ourselves to be rallied against foreign ghosts that distract us from these vital conversations.