The DNC emails were not hacked by Russian GRU
DEBKAfile, Jul 26 2016
On Jul 25, as the Democratic Party’s convention got underway in Philadelphia, presidential candidate Hillary Clinton found herself struggling to unite the party behind her nomination as the party’s presidential nominee, after the shock release of 20,000 emails through WikiLeaks, which exposed top party officials as campaigning to discredit her rival Bernie Sanders. This breach of objectivity in Clinton’s favor was supported by documents, statistical tables and videos attached to the emails hacked from the Democratic National Committee’s servers. To damp the crisis. party leaders, including Clinton, took two immediate steps that made the situation worse: They sacked the head of the Democratic National Committee (DNC), Debbie Wasserman Schultz, the day she was due to open the convention and, second, they called on the FBI to investigate the hacking and find who was responsible for the embarrassing leaks. The culprit was quickly named as Russia’s military intelligence service, the GRU, by “experts close to the examination,” namely, the information security company CrowdStrike, which was hired by the DNC, and the FBI. CrowdStrike said it had found two types of Advanced Persistent Threat (APT) malware inside the DNC’s servers that were intended to remain undetected for long periods of time, slowly spread inside the servers, and secretly send the data back to the culprits who planted the malware. However, an analysis by DEBKAfile’s intelligence and cyber-defense sources have determined that the hacking was almost certainly not carried out by the GRU’s cyber-warfare branch, contrary to assertions by senior DNC officials who fix the blame on Russian intelligence. Their assertions don’t hold water in the light of four facts:
- Russia’s cyber warfare system is still mostly a “black hole” for the West. Although it is highly effective, very little is known about its methods of operation, organizational structures, scale of cooperation with counterparts in other countries, and the tools and resources at its disposal. Had any branch of Russian intelligence been responsible for the hacking the Democrat Party’s servers, no obvious signatures such as the terms “Fancy Bear” and “Cozy Bear” that were discovered, would have been left behind for investigators to find.
- Intelligence organizations, including those of Russia, are usually fully focused on seeking security, strategic and economic data. It is hard to see Russian military intelligence, whose resources are stretched, expending time and manpower on digging out the DMC;s views of Bernie Sanders’ religiosity.
- Then, too, CrowdStrike’s claim to have cracked the case in two hours is hardly credible. Getting to the bottom of an APT (Advanced Persistent Threat) calls for extra-powerful computers, working in conjunction with the internet service provider (ISP), and consuming weeks, if not months of analysis.
- Attributing the hacking attack to the Russians provided Pindostani agencies with a convenient reminder that Edward Snowden still lives safe from prosecution in Russian exile, and that Julian Assange remains in asylum at the Ecuadorean embassy in Britain.
The true identity of the hacker that sent the cat among the Democratic party pigeons, at the most damaging moment for Hillary Clinton, remains the subject of conjecture for lack of firm proof. The leading suspects may well be one or more of her party opponents. But although the current crisis may be glossed over in the interim to allow the convention and nomination to take its course, the Clinton campaign up until November is more than likely to be bedevilled by fresh e-mails leaked via WikiLeaks or other means that are just as embarrassing.
Notes on the Democrat Convention (excerpt)
Jeffrey St Clair, Counterpunch, Jul 27 2016
The Democrats are working overtime to transform the DNC email episode into a story about Russian hackers, Putin and Trump. One Democrat Party flack called it the most outrageous political break-in since Watergate. Anything to divert attention from the scandalous content of the emails. But there’s little hard evidence that Russians were behind the hack. Cyber-expert Bill Blunden wrote to me this morning:
Note that Julian Assange has said: “We have not disclosed our source, and of course, this is a diversion that’s being pushed by the Hillary Clinton campaign.” Thanks to documents released by Ed Snowden, and other whistle-blowers, it’s part of the public record that intelligence services have invested heavily in tools that are designed to subvert the process of attribution. It would be risky to presume that such activities were limited to the NSA and GCHQ. Likewise classified programs like JTRIG and HACIENDA are conducted with the explicit intention of obscuring the source of cyber-intrusions. Entities from the private sector are also involved in this sort of activity. When dealing with an organization with the requisite skill and resources, successful attribution is highly unlikely. Subtle operational signatures can be mimicked and tell-tale forensic clues can be counterfeited. Welcome to the wilderness of mirrors. Peace, Bill.