The joint report issued by the Department of Homeland Security and the FBI about alleged Russian cyberattacks during the 2016 election titled “Grizzly Steppe” is as definitive as a scattering of unconnected dots.
According to Jeffrey Carr, author of “Inside Cyber Warfare,” the report “merely listed every threat group ever reported on by a commercial cybersecurity company that is suspected of being Russian-made and lumped them under the heading of Russian Intelligence Services (RIS) without providing any supporting evidence that such a connection exists.”
For example, the DHS/FBI report cites SEDNIT as one “actor” in a list associated with the RIS, which strangely includes, not just “actors,” but malware names like Havex and BlackEnergy.
The security solutions company ESET describes SEDNIT as a group of cyber-attackers operating since 2004, also known as APT28, Fancy Bear and Sofacy, whose main objective is stealing confidential information from specific targets.
The DHS/FBI report suggests SEDNIT, APT28, Fancy Bear and Sofacy as separate actors associated with the RIS, when they are really different names for the same operation.
More importantly, as Carr notes, in its “En Route with Sednit: Observing the Comings and Goings,” ESET states:
“As security researchers, what we call “the Sednit group” is merely a set of software and the related network infrastructure, which we can hardly correlate with any specific organization.”
That is, once malware is deployed on the internet, “it can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone,” including X-Agent used in the Democratic National Committee attack and separately harvested by ESET.
Robert Lee, a former Air Force cyberwarfare officer, describes the DHS/FBI report, half of which is merely cybersecurity advice for network administrators, as “intended to help network defenders; it is not the technical evidence of attribution.”
According to a September10, 2015 Daily Beast report:
“More than 50 intelligence analysts working out of the U.S. military’s Central Command have formally complained that their reports on ISIS and al Qaeda’s branch in Syria were being inappropriately altered by senior officials.”
Yes, Russia engages in espionage against the United States including cyberwarfare, but let’s identify this so-called “Russian election hacking” for what it is – disinformation.
The Russian connection began in October as a political maneuver by the Democrats to divert attention away from the damaging content of the Wikileaks emails and negatively label Donald Trump as a Vladimir Putin sycophant or puppet. Immediately after the election, it became an excuse for Hillary Clinton’s devastating loss and a ploy to discredit Trump’s victory.
The questionable DHS/FBI report is meant to justify all of the above and the implementation of sanctions against Russia.
Sanctions provide cover for the Obama/Clinton failed “reset” with Russia and, similar to the disgraceful anti-Israel UN resolution as a parting shot at Prime Minister Netanyahu , they are Obama’s retribution against Putin, who he feared, loathed and by whom he was constantly out-maneuvered.
For Obama, intelligence assessments are simply the continuation of politics by other means.