Are 'Russian Hacks' the New 'WMDs'?

No matter what faceless spooks assure us, it's far from clear the Russian government directed the leaks of the DNC or John Podesta emails.



The Russians have hacked our democracy! At least, that's been the chorus from much of the American media following anonymous reports on a secretive CIA assessment of the 2016 presidential election. Even President Obama has started to beat the drums of "cyberwar," announcing last Friday that the U.S. must "take action" against the Russian government for "impacting the integrity of our elections." This is some tough talk given the very tenuous evidence offered so far about Russia's alleged influence.

Obviously, it is crucial that America maintain a fair electoral process—flawed though "democracy" may be—and the prospect of a foreign power deliberately sabotaging this can strike a primal fear in Americans' hearts. Yet this kind of mass anxiety can also be opportunistically stoked by government operatives to further their own agendas, as history has demonstrated time and again. Responsible Americans must therefore approach claims made by unnamed intelligence officials—and the muddying media spin on them—with clear eyes and cool heads. And we must demand that these extraordinary claims be backed by appropriate evidence, lest we allow ourselves to be lead into another CIA-driven foreign fiasco.

So, let's start by separating reporting from spin. What, exactly, is being claimed here?

Back in October, the Obama administration publicly accused the Russian government of hacking into American political organizations in order to influence the presidential election. In early December, The Washington Post went a step further, reporting on a secret CIA assessment that Russia intervened specifically to help Donald Trump win. Citing only anonymous "officials briefed on the matter," the Post wrote that "individuals with connections to the Russian government" provided Wikileaks with the Democratic National Committee (DNC) and John Podesta emails, exposing the party's sordid underbelly to the world. The next week, another gaggle of unnamed intelligence officials would tell NBC News that the rascally Vladimir Putin personally directed the hacks.

Later reports scaled back some of these claims. Reuters, for instance, cited more unnamed intelligence officials who claimed that other intelligence bodies dispute the CIA's conclusions. Russia might have hacked us, they think, but we can't know that it was specifically to help Donald Trump. Then The Washington Post rustled up yet another batch of unnamed officials, who cited an internal memo from CIA Director John Brennan claiming that FBI Director James Comey is on the same page.

Neither the FBI nor the CIA has publicly commented upon such stories, and they refuse to brief congressional intelligence panels on the hacks. Meanwhile, Wikileaks Editor-in-Chief Julian Assange broke the site's longstanding prohibition against discussing sources to deny that Wikileaks received the explosive leaks from the Russian government.

There are quite a few problems with the claims made by this veritable army of unnamed intelligence agents, as we'll soon discuss. And media commentators often confused the situation further with muddying rhetoric and bombastic leaps of logic. Somewhere along the way, earlier campaign paranoia that Russia could hack into voting machines morphed into the rhetorically useful but epistemologically questionable soundbite that "Russia hacked our election."

Consider the Clinton supporters. Rather than doing some soul-searching about their candidate's revealed corruption and amazing tone-deafness to the concerns of the American working class, these petty partisans prefer to just blame Putin instead. Indeed, Clinton herself took to the podium to declare that the Russian president "has a personal beef" with her.

The vague assertions of the secret CIA memorandum have been repeated so assuredly and emphatically as to sometimes echo the jingoistic lead-up to the disastrous Iraq War. Keith Olbermann provided perhaps the most comical contribution to the new Russian scare, crawling out from under his American flag blankie to rave that "we are the victims of a bloodless coup engineered by Russia." Other commentators were not quite so colorful, yet they largely uncritically repeated the CIA narrative that Russia "hacked the election" to secure a Trump victory. And this kind of hyperbole was not limited to the press: the White House went so far as to accuse the president-elect of knowingly benefiting from Russia's assistance.

The Trump camp, obviously, vigorously denied such insinuations.

We might expect them to do so even if the evidence was solidly against them, but in this case, the notorious difficulty of hack attribution indeed plays to their favor. In computer forensics, it is extremely hard to conclusively "prove" who is responsible for a particular hack, unless you actually catch them in the act. There are many ways that hackers can conceal their digital tracks or make it appear as if someone else was responsible for their cyber hijinx, making attribution more of an art of guesswork than a science of established facts.

In terms of the CIA's claims, the guesswork is tenuous indeed. The idea that Russia was behind the DNC hacks started this summer when the DNC hired a private security firm called Crowdstrike to investigate the breach. In a public blog post about the investigation, Crowdstrike wrote that the hacks involved "two separate Russian intelligence-affiliated adversaries," which it identified based on the use of two spying techniques, or "advanced persistent threats" (APTs), that were already known to researchers. APT 28, or "Fancy Bear," is thought to be affiliated with a Russian intelligence unit called the GRU, which breached the DNC network in April 2016. APT 29, or "Cozy Bear," is thought to work with a separate Russian intelligence body called the FSB; the FSB is believed to have hacked the DNC back in 2015.

In October, another security firm, SecureWorks, investigated the hack of Clinton Campaign Chairman John Podesta's email account. The phishing email that fooled Podesta into granting hackers access to his account is, amusingly, present in the leaked email cache. SecureWorks believes the link Podesta clicked on, leading to a fake Google log-in page, was also the work of Cozy Bear.

In other words, these security researchers say the DNC and Podesta hackers used methods thought to have been used previously by groups suspected to be linked to Russian intelligence agencies in the past.

Maybe the Russian government did direct or help these groups this time around. But maybe, as security researcher Jeffrey Carr has suggested, patriotic Russian hackers undertook these missions with no aid or urging from their government at all. It's also possible that other foreign intelligence agencies used tools associated with Russia to throw the scent off their own trail(s), which has been done in the past.

Or perhaps these particular, detected breaches have nothing to do with the public email leaks at all. Groups backed by the Russian government, Russian "patriots," or non-Russian actors—perhaps all three—may have used Cozy Bear or Fancy Bear methods to access the DNC and Podesta emails (for whatever reasons) and yet still not be the ones responsible for sharing them with Wikileaks. Some suspect that the DNC leaks were actually the work of a Democrat insider, a theory that seems to be invited by Julian Assange's bounty for information on the suspicious death of DNC staffer Seth Rich.

The point is that regardless of what a sea of faceless spooks may assure us, it's far from clear that the Russian government directed the leaks of the DNC or John Podesta emails. It's easy to see why the Russian government might want to do so, but it's much harder to establish whether they truly did.

And while one normally expects responsible government bodies to stay mum with the delicate geopolitical accusations of aggression until the case is watertight, it's also easy to see why American groups involved in the hacks might be quick to cast blame on a nation-state actor. When you have been as embarrassed as the DNC and Clinton campaign have been, you don't want to leave yourself open to speculation that your security was so weak that any "400-pound" hacker could get in. No, you want to blame a powerful foreign government. Plus, in terms of international law, governments only have recourse against other governments, not private groups.

The US intelligence community could have some incontrovertible proof that the Russian government leaked information to help Donald Trump win the presidency. But if they do, it is hard to understand exactly why they have not made it public by now. It can't be that they fear unnecessarily antagonizing foreign governments or spooking the American public—they've already done that handily. But better late than never. Flaunt it if you've got it, US intelligence community!

In the meantime, however, the American public should think carefully about precisely what U.S. intelligence agencies are claiming. The core of their accusations is not that foreign hacking physically endangered Americans or compromised connected systems: It is that powerful politicians were embarrassed, and perhaps politically harmed, when their own internal dealings were made public. Perhaps we should spend more time examining such domestic threats to our democracy, and stop allowing ourselves to be rallied against foreign ghosts that distract us from these vital conversations.

NEXT: School Choice Can Help LGBT Students Deal with Hostile Environments

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. I think they just chide Russia to be the villain in thier fantasy because they know the right used to despise Russia. Sort of like “look Trump loves people you hate.”

    They’re so fucking stupid they can’t put together that Russia was despised because of communism, and their desire to spread it. Once communism fell Russia was just a failed state with strongman leader, making them about the same as a dozen other countries.

    1. Chose not chide

      1. Sour cream and chide?

          1. *narrows and gaze*

            You misspelled Gaza.

        1. More like sour grapes and chide

  2. When you have been as embarrassed as the DNC and Clinton campaign have been, you don’t want to leave yourself open to speculation that your security was so weak that any “400-pound” hacker could get in.

    Yeah, that’s not it. The idea was to de-legitimatize the loss and the ensuing Trump presidency. He can do that all by himself, DNC and their newsmedia stenographers, thank you very much.

  3. Those suggesting that we should start a cyber war with Russia had better think it through. Don’t assume that the Russians can’t hit back.

  4. Are ‘Russian Hacks’ the New ‘WMDs’?

    Ne net Gospozha O’Sullivan (byl Castillo)! Nikogda net “HACK” SShA! Pravda eshhjo!

    Oops! What I mean is…. aww crap. Now my handlers are sure to liquidate me…

    1. Da. And since Trump prevailed in yesterday’s votes, the DNC can now hang a Mission Accomplished banner over the electoral college.

  5. +1 Moose and Squirrel

  6. Does the CIA still think Russia has a booming economy like they did in the 70s and 80s?

  7. Nice exposition, Andrea.

    Obama has started to beat the drums of “cyberwar,”

    What could *possibly* go wrong?

    “You can’t touch a keyboard if you’re dead.”

    1. “You can’t touch a keyboard if you’re dead.”

      Sure you can – if you are slumped over it…

      1. +1 “Got me on a technicality”

        1. But is that “you”, or the lump of meat and bone and tissue that used to be “you”?

  8. OT, mostly: somehow I’m getting a dead-tree issue of the Atlantic magazine every month, I don’t know why. Anyway, on the last page is always a questions to experts and readers. This month’s question was “who is the most evil ruler in history” or something to that effect. G.H.W. Bush made the list. G. W. Bush made the list. There was not a single Leftist on the list. No Fidel, no Mao, no Stalin.

    1. How out of touch fucking deranged lefty do you have to be to leave out the two most malignant killers of human beings to ever walk the Earth?!??

      Which goes to show you. If these lefties could put us against the wall they would.

    2. The Atlantic used to be halfway decent.

    3. I can see how an unhinged lefty would put George W Bush on the list. It’s ridiculous, but I can see it happening.

      What kind of twisted logic was used to put George HW Bush on the list?

      1. Can’t remember, can’t find my hard copy, and can’t find the piece on their website. Sorry.

        OBTW, none of the three Kim Jongs were on the list, either.

        1. Here is the link.

          The “big question” is who is the worst leader of all time. Even without a universally agreed upon definition of “worst” it is a poorly thought out set of responses but George H.W. Bush is not on the list.

          1. Thanks for the correction. Guess I was thinking of Reagan.

    4. Do the what the fuck!?!?!?!?

  9. So let’s take inventory of the current beliefs on the left:

    1. Russia is the enemy.
    2. We need to do moar war.
    3. The surveillance state is a great thing.
    4. The CIA is a noble organization.
    5. Everyone must be identified with their racial group and act according to stereotype.

    Mike has transmuted to Archie.

    1. The Evolution of Meathead

      1. narrows (((gaze)))

    2. Add that Trump is a Russian agent and you have the John Birch Society 2.0

  10. “We must demand that these extraordinary claims be backed by appropriate evidence, lest we allow ourselves to be lead into another CIA-driven foreign fiasco.”

    The parallel to WMD in Iraq is NOT that we need evidence of WMD before we invade.

    We do NOT need evidence if the evidence in question is not pertinent to the question at hand. And the question of whether we should invade Iraq was never dependent on the question of whether Iraq had WMD. Invading Iraq was a bad idea regardless of whether Iraq had WMD.

    Bush was wrong to make those two different questions the same question. This was demonstrated by the fact that it was not in the best interests of the United States to invade Syria over Obama’s red line despite the fact that Assad had WMD.

    The parallel to Russian hacking is, likewise, that whether the Russians hacked servers and gave the data to Wikileaks is NOT pertinent to the question of whether Donald Trump won the election. Donald Trump won the election regardless of whether the Russian hackers gave information to Wikileaks, and evidence of extraordinary claims is not requires when the evidence is not pertinent to the question at hand.

    Stop helping Obama conflate two separate questions in people’s minds.

    1. “And the question of whether we should invade Iraq was never dependent on the question of whether Iraq had WMD.”

      I disagree. Invading countries with WMDs sounds like a bad idea to me.

      1. The understanding among the American people at the time we invaded Iraq was that Saddam Hussein had participated in the anthrax attack.

        The fact that wasn’t true was out there, but few people were aware of it.

        “WASHINGTON (AP) ? Nearly seven in 10 Americans believe it is likely that ousted Iraqi leader Saddam Hussein was personally involved in the Sept. 11 attacks, says a poll out almost two years after the terrorists’ strike against this country.

        Sixty-nine percent in a Washington Post poll published Saturday said they believe it is likely the Iraqi leader was personally involved in the attacks carried out by al-Qaeda. A majority of Democrats, Republicans and independents believe it’s likely Saddam was involved.…..iraq_x.htm

        That poll was taken six months after we invaded Iraq.

        At the time we invaded, arguing with people about the war was about disabusing them of the notion that Al Qaeda and Saddam Hussein were collaborating. The purpose of Al Qaeda was to overthrow U.S. backed dictators–like Saddam Hussein had been, like the House of Saud, especially. But President Bush was going around making the claim. It was a lie.

        Regardless, the question of invading Iraq should have always been about the costs and benefits to the United States–not whether Saddam had WMD.

  11. This is going to be the new birtherism isn’t it? The Dems will still be pulling up the issue months from now, and unlike actual birtherism where the media ridiculed and minimized it they will be fully compliant this time around.

    Illegitimate President 2.0!

  12. “If the gloves don’t fit, you must acquit.”


    The victims’ blood was all over the floor mats in his Bronco and on the bottom of his shoes!

    Whether OJ ordered gloves that don’t fit is irrelevant.

    Likewise, relative to the question of whether Trump won the election, it does not matter whether the Russians hacked the DNC server and gave the information to Wikileaks.

    If Donald Trump had lost the election and it were later proven that the “pussy grabbing” video was given to the media by Russian hackers, Hillary Clinton would still be the legitimate President of the United States.

    Whether Russian hackers gave anybody anything doesn’t have any bearing on who is the legitimate President.

    1. Just for the record, if I remember right, they did not find blood on the bottom of OJ shoes (other than the gloves, they never found any of OJ’s clothes he might have used). The did find blood in a shoe print who’s tread pattern matched an expensive brand (Bruno Magli?) OJ was known to wear in his shoe size.

      Also, I saw an add for a show on the OJ case asking whether he was innocent.

  13. Did anyone else have to look up the word “epistemologically”?

    1. Hell no.

      How we know what we know is important to a lot of libertarians.

      That we don’t talk about it more around here is probably because we’ve worn it out, like abortion or the question of whether Stalin was worse than Hitler.

  14. “And media commentators often confused the situation further with muddying rhetoric and bombastic leaps of logic. Somewhere along the way, earlier campaign paranoia that Russia could hack into voting machines morphed into the rhetorically useful but epistemologically questionable soundbite that ‘Russia hacked our election.'”

    Surely you don’t mean to imply that experienced, respectable members of respectable, mainstream news organizations have been propagating — dare I even speak its name — fake news? Haven Monahan personally assured me that only Alt-Right websites would stoop to such low conduct!

  15. When Russians get access to Hillary’s and Podesta’s email, that is Hillary’s and Podesta’s fault. It is their job to keep their email safe. Russians don’t have superpowers, they can only break into poorly maintained systems or through social engineering.

    And it’s the she thing that US intelligence agencies do to every foreign leader, friend or foe.

    In any case, WikiLeaks claims that the emails didn’t even come from Russia but from an inside leak.

  16. While I generally agree with the thrust of the article I have to object to the WMD reference. Reason seems to buy the narrative that there were no WMDs in Iraq, that Saddam was a blustering boy scout that Bush attacked to no reason, and so on and so on.

    OK, we didn’t find a fueled-up and in-the-countdown-process ICBM tipped with a functioning nuclear warhead in Iraq. We didn’t break into a clandestine Bioweapons lab just seconds before they were going to release weaponized smallpox on the world.

    We did find all kinds of delivery systems Saddam wasn’t supposed to have. We found lots of chem-weapon precursor chemicals, bio-research feedstock, heavily contaminated labs hidden all over the country, literally tons of yellowcake uranium (you know; the stuff that Saddam was supposedly NOT BUYING). When Saddam finally got caught, Q’daffy (or however he was spelling his ridiculous name when he snuffed it) sent us a message saying “I quit. Saddam and I were working on WMDs, but I want out. Don’t come after me, I’ll send you the stuff.” Which he did. Tons of it. And Bush left him alone, and then Obama didn’t. Tell me again how Bush is the warmonger of the two? Oh, and we found chemical weapons. Maybe old, but stuff Saddam wasn’t supposed to have and workable WMDs.

    There. Were. WMDs. In. Iraq.

    I know it doesn’t fit the Democrat narrative. Very little of reality fits the Democrat narrative. I’m more than a little annoyed to see Reason repeating the Democrat line on the subject.

    1. There’s also the reports of truck convoys heading into Syria(?). A country which, by coincidence, has conducted chemical weapons attacks.

      The “No WMDs in Iraq” trope has become Narrative, facts be damned. Remember: we were technically in a weird hot cease fire with Iraq, Saddam was a known supporter of terrorists, Saddam gave every impression that he had WMDs (probably in the belief that this provided some deterrence). In context, the call on whether we should go forward as if he had WMDs was a close one, and practically no one dissented from it at the time.

      1. I’ve thought for years that the real reason we invaded Iraq was likely that Saddam was technically at war with us, and if wee wanted whatever we did in Afghanistan to be taken seriously we have to deal with the Old Business first. If that’s true then either Bush never put that out there for the American Public or he did, kinda-sorta, and the Media didn’t transmit it because they detested Bush.

        Of course nobody much on any side seems to like MY position, which is that as soon as we had kicked Saddam’s government to flinders we should have packed up, told the Iraqis “Don’t piss us off anymore, or we’ll be back”, and gone home. The invasion wasn’t a mistake. ‘Nation Building’ – whatever the hell that means – was. If we aren’t going to stay and colonize, we have no business telling people how to govern themselves. We do have business visiting the consequences of annoying us on them if they choose badly. Saying “Oh, we shouldn’t go to war just because they are threatening us, they don’t know any better” is the kind of racism that makes me despise Progressives.

      2. It also seems to be what critics often substitute their own definition of WMDs for the one the government and the armistice used out of ignorance or to attack dishonestly.

  17. Whether it came from the Russians or not, I didn’t hear any denials of what got released. No one said “I didn’t say that.” Kind of like the criminal who isn’t sorry of what he did, but terribly sorry he got caught.

    No one’s even trying to say they weren’t the other current bogeyman, the “fake news” line. Nor did I hear any outrage over the couple of years of Trump’s tax returns being hacked and put out there.

    Face it, Democrats. You would have been hard pressed to find a candidate that couldn’t beat Trump, but you managed.

    1. You are wrong, Diane. Team Clinton did try to push the narrative that the released emails had been allegedly “doctored,” going so far as to enlist “experts” to assert that the emails “indisputably” had been altered. Turned out that the Clinton narrative was, alas, fake news.

  18. This article seems intentionally misleading. No one is claiming Putin was involved because of SecureWorks’ or Crowdstrike’s research, it’s because intelligence officials at some level may (probably do) know of evidence we don’t, and they shared their conclusions with journalists.

    “The US intelligence community could have some incontrovertible proof that the Russian government leaked information to help Donald Trump win the presidency. But if they do, it is hard to understand exactly why they have not made it public by now. It can’t be that they fear unnecessarily antagonizing foreign governments or spooking the American public?they’ve already done that handily.”

    This is assuming the people who leaked information are the ones who make decisions about when or if the agencies will make it public, or that those people in charge couldn’t have a reason to release information like this instead – maybe to hide their tactics or avoid the greater culpability of making the statements as official representatives.

    Be skeptical of politicians, “spooks” and confidential findings, but also be skeptical of lazy, contrarian ideas and writers.

  19. I Quit my office-job and now I am getting paid 99 USD hourly. How? I work over internet! My old work was making me miserable, so I was forced to try something different, 2 years after…I can say my life is changed-completely!

    Check it out what i do:===>

  20. of course the CIA would never use Russian methods to hack into a network in an attempt to hide the fact that it was a disgruntled dnc worker that leaked the documents in the first place

  21. it’s far from clear the Russian government directed the leaks of the DNC or John Podesta emails.

    Of course the Russians are hacking us. As are the Chinese. The Iranians. And of course, our own government.

    Meanwhile, Wikileaks Editor-in-Chief Julian Assange broke the site’s longstanding prohibition against discussing sources to deny that Wikileaks received the explosive leaks from the Russian government.

    The tell if a news story on Russian hacking of emails and undermining our elections is complete propaganda:
    do they fail to mention that Wikileaks openly and explicitly denies that they got their information from the Russians?

    1. Have I mentioned lately that I really hate the Lying Media?

      They’ve gone so far beyond “bias” these days. It’s just outright propaganda now.

  22. Wikileaks claims that they got the E-mails from an insider in the DNC.

    There does seem to have been phishing attempt on both the DNC and the RNC originating from somewhere in Russia. People at the DNC stupidly fell for it, people at the RNC had enough E-mail security that it wasn’t effective.

    No matter how you look at it, this wasn’t “Russian hacking”, it was Democratic incompetence.

  23. Russia bashing is being coordinated by the political left. Hillary was obviously pissed off at Putin because he was supporting Assad, which Hillary wanted to remove from power (she was receiving millions in “donations” from Saudi Arabia and Qatar, who were funding the “rebels” to fight Assad, not for moral reasons, but for economic reasons). Hillary wants to run again in 2020, and so it is in her interest to blame her loss on Russia and the FBI. Russia is obviously engaged in hacking, but there is no evidence that they leaked information (they would more likely use hacked information for blackmail). In any case, leaked information is true information, not misinformation. What is ironic is the fact that they left used to be lovers of Russia: it was a communist paradise far superior to the evil, capitalistic USA. The left used to viciously attack McCarthyism, not only because it was quick to accuse without sufficient evidence, but also because McCarthy attacked true defenders of Russia and their Marxist idealism, which they secretly admired.

  24. And not a word about Washington interfering with Ukraine.

    Brokering power: US role in Ukraine coup hard to overlook

  25. Start working at home with Google! It’s by-far the best job I’ve had. Last Wednesday I got a brand new BMW since getting a check for $6474 this – 4 weeks past. I began this 8-months ago and immediately was bringing home at least $77 per hour. I work through this link, go to tech tab for work detail.

  26. happy christmas

    Peyton . you think Connie `s blog is cool, I just purchased BMW M3 from having made $4287 this-last/5 weeks an would you believe ten-k last month . it’s by-far my favourite-work I’ve ever had . I began this 8-months ago and straight away startad earning more than $72, per-hr . visit the website


  27. my friend’s sister makes $79 /hour on the laptop . She has been out of a job for 10 months but last month her payment was $19847 just working on the laptop for a few hours…


  28. upto I looked at the paycheck saying $9861 , I accept that my father in law was like they say trully bringing in money in their spare time online. . there best friend haz done this less than 8 months and a short time ago repayed the dept on there appartment and bourt a great Citro?n 2CV . see at this site


  29. Facebook gives you a great opportunity to earn 98652$ at your home.If you are some intelligent you makemany more Dollars.I am also earning many more, my relatives wondered to see how i settle my Life in few days thank GOD to you for this…You can also make cash i never tell alie you should check this I am sure you shocked to see this amazing offer…I’m Loving it!!!!

Please to post comments

Comments are closed.