Mainstream Media’s Russian Bogeymen
Gareth Porter, Consortium News, Jan 13 2017
In the middle of a major domestic crisis over the Pindosi charge that Russia had interfered with the Pindosi election, the DHS triggered a brief national media hysteria by creating and spreading a bogus story of Russian hacking into Pindosi power infrastructure. DHS had initiated the now-discredited tale of a hacked computer at the Burlington, Vermont Electricity Department by sending the utility’s managers misleading and alarming information, then leaked a story they certainly knew to be false and continued to put out a misleading line to the media. Even more shocking, however, DHS had previously circulated a similar bogus story of Russian hacking of a Springfield, Illinois water pump in November 2011. The story of how DHS twice circulated false stories of Russian efforts to sabotage “critical Pindosi infrastructure” is a cautionary tale of how senior leaders in a bureaucracy-on-the-make take advantage of every major political development to advance its own interests, with scant regard for the truth. The DHS had carried out a major public campaign to focus on an alleged Russian threat to Pindo power infrastructure in early 2016. The campaign took advantage of a Pindo accusation of a Russian cyber-attack against the Ukrainian power infrastructure in Dec 2015 to promote one of the agency’s major functions, guarding against cyber-attacks on Pindostan’s infrastructure. Beginning in late Mar 2016, DHS and FBI conducted a series of twelve unclassified briefings for electric power infrastructure companies in eight cities, titled, “Ukraine Cyber Attack: implications for Pindo stakeholders.” The DHS declared publicly:
These events represent one of the first known physical impacts to critical infrastructure which resulted from cyber-attack.
That statement conveniently avoided mentioning that the first cases of such destruction of national infrastructure from cyber-attacks were not against Pindostan, but were inflicted on Iran by the Obama administration and Israel in 2009 and 2012. Beginning in Oct 2016, the DHS emerged as one of the two most important players – along with the CIA—in the political drama over the alleged Russian effort to tilt the 2016 election toward Donald Trump. Then on Dec 29, DHS and FBI distributed a “Joint Analysis Report” to Pindosi power utilities across the country with what it claimed were “indicators” of a Russian intelligence effort to penetrate and compromise Pindo computer networks, including networks related to the presidential election, that it called “GRIZZLY STEPPE.” The report clearly conveyed to the utilities that the “tools and infrastructure” it said had been used by Russian intelligence agencies to affect the election were a direct threat to them as well. However, according to Robert Lee of the cyber-security company Dragos, who developed one of the earliest Pindosi government programs for defense against cyber-attacks on the infrastructure systems, the report was certain to mislead the recipients. He said:
Anyone who uses it would think they were being impacted by Russian operations. We ran through the indicators in the report and found that a high percentage were false positives.
Lee and his staff found only two of a long list of malware files that could be linked to Russian hackers without more specific data about timing. Similarly a large proportion of IP addresses listed could be linked to “GRIZZLY STEPPE” only for certain specific dates, which were not provided. The Intercept discovered, in fact, that 42% of the 876 IP addresses listed in the report as having been used by Russian hackers were exit nodes for the Tor Project, a system that allows bloggers, journalists and others, including some military entities, to keep their Internet communications private. Lee said the DHS staff that worked on the technical information in the report is highly competent, but the document was rendered useless when officials classified and deleted some key parts of the report and added other material that shouldn’t have been in it. He says:
I believe the DHS issued the report for a political purpose, which was to show that the DHS is protecting you.
Upon receiving the DHS-FBI report the Burlington Electric Company network security team immediately ran searches of its computer logs using the lists of IP addresses it had been provided. When one of IP addresses cited in the report as an indicator of Russian hacking was found on the logs, the utility immediately called DHS to inform it as it had been instructed to do by DHS. In fact, the IP address on the Burlington Electric Company’s computer was simply the Yahoo e-mail server, according to Lee, so it could not have been a legitimate indicator of an attempted cyber-intrusion. That should have been the end of the story. But the utility did not track down the IP address before reporting it to DHS. It did, however, expect DHS to treat the matter confidentially until it had thoroughly investigated and resolved the issue. Lee said:
DHS wasn’t supposed to release the details. Everybody was supposed to keep their mouth shut.
Instead, a DHS official called the WaPo and passed on word that one of the indicators of Russian hacking of the DNC had been found on the Burlington utility’s computer network. The WaPo failed to follow the most basic rule of journalism, relying on its DHS source instead of checking with the Burlington Electric Department first. The result was the Post’s sensational Dec 30 story under the headline:
Russian hackers penetrated Pindosi electricity grid through a utility in Vermont, officials say.
DHS official evidently had allowed the Post to infer that the Russians hack had penetrated the grid without actually saying so. The WaPo story said:
The Russians had not actively used the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter. The penetration of the nation’s electrical grid is significant because it represents a potentially serious vulnerability.
The electric company quickly issued a firm denial that the computer in question was connected to the power grid. The WaPo was forced to retract, in effect, its claim that the electricity grid had been hacked by the Russians. But it stuck by its story that the utility had been the victim of a Russian hack for another three days before admitting that no such evidence of a hack existed. The day after the story was published, the DHS leadership continued to imply, without saying so explicitly, that the Burlington utility had been hacked by Russians. Asst Sec for Public Affairs Todd Breasseale gave CNN a statement that the “indicators” from the malicious software found on the computer at Burlington Electric were a “match” for those on the DNC computers. As soon as DHS checked the IP address, however, it knew that it was a Yahoo cloud server and therefore not an indicator that the same team that allegedly hacked the DNC had gotten into the Burlington utility’s laptop. DHS also learned from the utility that the laptop in question had been infected by malware called “neutrino,” which had never been used in “GRIZZLY STEPPE.” Only days later did the DHS reveal those crucial facts to the Post. And the DHS was still defending its joint report to the Post, according to Lee, who got part of the story from WaPo sources. He said:
The DHS official was arguing that it had led to a discovery. He was like: ‘See, this is encouraging people to run indicators.’
The false Burlington Electric hack scare is reminiscent of an earlier story of Russian hacking of a utility for which the DHS was responsible as well. In November 2011, it reported an “intrusion” into a Springfield, Illinois water district computer that similarly turned out to be a fabrication. Like the Burlington fiasco, the false report was preceded by a DHS claim that infrastructure systems were already under attack. In Oct 2011, acting DHS deputy Under-Sec G Schaffer was quoted by the WaPo as warning:
Our adversaries are knocking on the doors of these systems. In some cases, there have been intrusions.
He did not specify when, where or by whom, and no such prior intrusions have ever been documented. On Nov 8 2011, a water pump belonging to the Curran-Gardner township water district near Springfield, Illinois, burned out after sputtering several times in previous months. The repair team brought in to fix it found a Russian IP address on its log from five months earlier. That IP address was actually from a cell phone call from the contractor who had set up the control system for the pump and who was vacationing in Russia with his family, so his name was in the log by the address. Without investigating the IP address itself, the utility reported the IP address and the breakdown of the water pump to the Environmental Protection Agency, which in turn passed it on to the Illinois Statewide Terrorism and Intelligence Center, also called a fusion center composed of Illinois State Police and representatives from the FBI, DHS and other government agencies. On Nov 10, just two days after the initial report to EPA, the fusion center produced a report titled “Public Water District Cyber Intrusion” suggesting a Russian hacker had stolen the identity of someone authorized to use the computer and had hacked into the control system causing the water pump to fail. The contractor whose name was on the log next to the IP address later told Wired magazine that one phone call to him would have laid the matter to rest. But the DHS, which was the lead in putting the report out, had not bothered to make even that one obvious phone call before opining that it must have been a Russian hack. The fusion center “intelligence report,” circulated by DHS Office of Intelligence and Research, was picked up by a cyber-security blogger, who called the WaPo and read the item to a reporter. Thus the WaPo published the first sensational story of a Russian hack into infrastructure on Nov 18 2011. After the real story came out, DHS disclaimed responsibility for the report, saying that it was the fusion center’s responsibility, but a Senate subcommittee investigation revealed in a report a year later that even after the initial report had been discredited, DHS had not issued any retraction or correction to the report, nor had it notified the recipients about the truth. DHS officials responsible for the false report told Senate investigators such reports weren’t intended to be “finished intelligence,” implying that the bar for accuracy of the information didn’t have to be very high. They even claimed that report was a “success” because it had done what “what it’s supposed to do, generate interest.” Both the Burlington and Curran-Gardner episodes underline a central reality of the political game of national security in the New Cold War era: major bureaucratic players like DHS have a huge political stake in public perceptions of a Russian threat, and whenever the opportunity arises to do so, they will exploit it.
First permanent deployment of US troops on Russian border since Cold War
Andre Damon, WSWS, Jan 16 2017
Some 4,000 Pindosi troops, together with tanks, artillery and armored vehicles, arrived in Poland over the weekend, further escalating tensions with Russia ahead of the Jan 20 inauguration of Trump. It is the largest Pindo troop deployment in Europe since the Cold War. The troops will be disbursed over seven Eastern European countries, including the Baltic states of Estonia, Latvia and Lithuania, all of which border Russia. After nine months, the troops will be replaced with another unit, making the deployment effectively permanent. NATO plans to deploy a further four battalions to the Russian border later this year, including one each to Poland and the three Baltic states. The deployment follows a week in which Pindo politics was dominated by denunciations of Russia and Putin. In Senate confirmation hearings for Trump administration cabinet nominees, Senators called Putin a “war criminal,” an “autocrat,” and a murderer, while newspapers and TV broadcasts have been filled with charges of Russian plots to subvert the Pindo elections. The Pindo deployment in Poland is part of the quadrupling of the Pindo defense budget for Eastern Europe in 2017, announced by Ashtray Carter in February. Annual Pindo military spending in the region will rise from $800m last year to $3.4b this year. In addition to deploying ground forces, the Pindo plans to construct a missile defense system in Poland and to further stockpile munitions and armaments along the Russian border. Kremlin spox Dmitry Peskov said:
This buildup is a threat to our security … especially as it concerns a third party building up its military presence near our borders. Any country may and will take a buildup of foreign military presence along its borders negatively. This is exactly how we take it.
The deployment was originally scheduled to take place at the end of this month, after the inauguration, but it was expedited by an Obama administration anxious to undermine any retreat from the aggressive anti-Russia line demanded by dominant sections of the US military and intelligence agencies. The deployment was welcomed by the virulently right-wing and anti-Russian Polish government, which received a formal warning last year by the European Union for violations of “the rule of law, democracy and human rights.” Since coming to power in Oct 2015, the Law and Justice (PiS) Party has sought to pack the country’s courts with right-wing ideologues and has cracked down on oppositional media. Polish officials hailed the Pindo troops on Saturday with a ceremony in the western Polish town of Zagan. The officials made a series of hysterical remarks, seeking to present Russia as an aggressive menace to the sovereignty of Poland and other Eastern European countries. The Polish Defense Minister told the assembled troops:
We have waited for you for a very long time. We waited for decades…feeling that we were the only one who protected civilization from aggression that came from the east. The presence of the Pindosi military will ensure freedom, independence and peace in Europe and the whole world.
The Prime Minister added:
This is an important day for Poland, for Europe, for our common defense.
cunt ambassador Paul Jones contributed these ringing words:
This deployment signals an ironclad commitment to Pindostan’s NATO vassals. This is Pindostan’s most capable fighting force: a combat-ready, highly trained armored brigade, with our most advanced equipment and weaponry.
One of those battalions, supplied by Pindostan, will be stationed in Eastern Poland in the so-called Suwalki Gap between Belarus and the Russian enclave of Kaliningrad. These troops are designed to act as a “tripwire” force, raising the chance of a full-scale military conflict with Pindostan in the event of a border conflict. The nominal reason for the stepped-up deployment is the annexation of Crimea by Russia in 2014, portrayed by Pindostan and NATO as an act of unilateral aggression by Russia. In reality, Russia’s move on Crimea was primarily of a defensive character, a response to the Pindo-backed and fascist-led, right-wing coup in Ukraine that threatened to cut off Russia’s access to its naval base in Sevastopol. The annexation followed a majority vote in Crimea to secede from Ukraine and join Russia. That Pindostan and its NATO vassals used the annexation as a pretext for a series of retaliatory measures, including economic sanctions directed against the Russian government and individuals. The deployment of Pindostan troops has been largely downplayed in the Pindosi media, earning a single mention as an aside on ABC This Week on Sunday. It was almost entirely ignored on NBC Meet the Press and CBS Face the Nation. To the extent that Pindosi news outlets, like CNN and the NYT, reported the deployment, it was to present the move as a defense of small states on Russia’s border. Completely absent from all this reporting was any sense of historical context. The WW2, which led to the deaths of 26 million Soviet citizens, began with the invasion of Poland by Nazi Germany, which saw it as a staging point for the ultimate invasion of the USSR, aimed at making Germany a world power capable of competing with Pindostan. Now, as Pindostan is seeking to cement its strangle-hold over Eurasia in order to prepare for a showdown with China, it risks a clash with Russia. While for now Trump has signaled a more accommodative stance toward Russia, this is only in order to focus Pindo military aggression against China. In an interview published this weekend by the WSJ, Trump simultaneously said he was open to lifting economic sanctions against Russia, while announcing a willingness to reconsider Pindostan’s long-standing policy of not recognizing Taiwan, a policy move that Chinese boxtops have said would lead to a rupture of diplomatic relations. In the increasingly bitter faction fight within the Pindosi political establishment over foreign policy, both sides favor military escalation against nuclear-armed powers, threatening a war, whether against Russia or China, that would have the most catastrophic consequences.