Hardly a day goes by without some “news” about the Russian “threat,” and in the past twenty-four hours the hate-on-Russia campaign seems to have picked up speed. After learning from Hillary Clinton that Vladimir Putin is not only responsible for the Trump campaign, but also for the “global nationalist movement” that yanked the British out of the European Union, mainstream media are telling us that Russian interlopers are supposedly invading our electoral process by hacking into voter databases. The Washington Post “reports”:
Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russian hackers were behind the assault on the election system in that state.So the Russkies are invading the American polity, launching a cybernetic assault on the very basis of our democracy? Really? Well, no, as becomes apparent when the reader gets down in the weeds and exercises his critical faculties, if such exist. Because by the time we arrive at paragraph five of this “news” story, we learn that:
The bureau told Arizona officials that the threat was ‘credible’ and severe, ranking as ‘an 8 on a scale of 1 to 10,’ said Matt Roberts, a spokesman for the secretary of state’s office.
As a result, Secretary of State Michele Reagan shut down the state voter registration system for almost a week.
It turned out that the hackers did not succeed in compromising the state system or even any county system, but rather had managed to steal the user name and password for one Gila County elections official.Oh, but never mind that nothing much happened and no data was altered, because:
Nonetheless, the revelation comes amid news that the FBI is investigating suspected foreign hacks of state election computer systems, and earlier this month warned states to be on the alert for intrusions.“Russian” hackers have now been magically transformed into “suspected foreign hacks”: we aren’t supposed to notice this shift in attribution because, after all, the FBI is supposedly putting its imprimatur on this conspiracy theory. Except they aren’t: nowhere in the story does the FBI confirm that the Russians or any foreign actors are behind this.
In Illinois, election officials – who just happen to be Democrats – report a similarly minor intrusion, which one Kyle Thomas, director of voting and registration systems for the State Board of Elections, describes as “a highly sophisticated attack most likely from a foreign (international) entity.” How does he know that? Well, he doesn’t. As we read on, we are told that “The bureau has told Illinois officials that they’re looking at possible foreign government agencies as well as criminal hackers.”
In other words, it could’ve been a couple of teenagers sitting in a cyber-café in Shanghai.
Is there a shred of evidence the Russians were behind any of this, as reporter Ellen Nakashima states in her opening paragraph? The answer to that question is an unequivocal no.
The same day the Washington Post story appeared yet another act of Russian aggression on American soil was revealed to a breathless world: Russian “state actors” have hacked into a number of unnamed Washington thinktanks! The story appeared in “Defense One,” a web site that caters to “insiders” in the national security bureaucracy and their corporate cronies. In an “exclusive,” they claim:
Last week, one of the Russia-backed hacker groups that attacked Democratic computer networks also attacked several Russia-focused think tanks in Washington, D.C., Defense One has learned.So the same company paid by the Democratic National Committee to echo the party line on the DNC hacks is now telling us that they know the Russians are behind this alleged hack. And yet, as cyber-security expert Jeffrey Carr points out here, there is no way CrowdStrike (or anybody else) could definitively point to Russian “state actors” as the culprits in this or any other case: that’s because the procedure they use in “tracing” a hack is inherently subjective, what Carr calls “faith-based attribution.”
The perpetrator is the group called COZY BEAR, or APT29, one of the two groups that cybersecurity company CrowdStrike blamed for the DNC hack, according to founder Dmitri Alperovitch. CrowdStrike discovered the attack on the DNC and provides security for the think tanks.
Technical analysis of code and the software utilized by the hackers is less than helpful in identifying hackers: if Chinese characters are found in code, well then you’ve been hacked by the People’s Liberation Army. If Russian characters are discovered, well then it’s Putin’s spies. Except this is nonsense: as Carr explains it, if a Kalashnikov is used in a murder, does that mean the murderer is a Russian? Well, uh, no – and no one would ever make that assumption. And yet this is precisely the sort of “analysis” we’re getting from the hucksters who infest the “cyber-security” industry. In short,the “scientific” analysis marketed by these companies is based on assumptions that cannot be objectively verified.
These companies would like their customers to believe that their conclusions are based on science, but as Carr points out:
It’s important to know that the process of attributing an attack by a cybersecurity company has nothing to do with the scientific method. Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong.If you look at the “analysis” done by those who attribute the DNC hack to Russian state actors, a pattern of confirmation bias emerges, as Carr shows:
When looking at professions who use an investigative process to determine a true and accurate answer, the closest profession to the attribution estimate of a cyber intelligence analyst is that of a religious office like a priest or a minister, who simply asks their congregation to believe what they say on faith. The likelihood that a nation state will acknowledge that a cybersecurity company has correctly identified one of their operations is probably slightly less likely than God making an appearance at the venue where a theological debate is underway about whether God exists.
On June 15, 2016, CrowdStrike’s co-founder and CTO Dmitri Alperovich announced in a blog post that two Russian hacker groups were responsible for the DNC breach: Cozy Bear and Fancy Bear; and that both hacker groups worked for competing Russian intelligence services.What we are dealing with here is an industry – “cyber-security” – that has a vested interest in promoting the idea that its methodology is “scientific,’ and that it can provide answers to its paying customers who want to know for sure who hacked their computer systems. It wouldn’t do to tell them that no definitive answers are possible, and that any attribution procedure is necessarily based on a whole range of assumptions that are not objectively verifiable. That wouldn’t do much to improve their profit margins. So they market themselves as “scientists” who have all the answers, when, in fact, they have no answers.
Other cybersecurity companies including FireEye, Kaspersky Lab, ESET, TrendMicro, Microsoft, iSight Partners, and AlienLab have made similar claims of attribution to the Russian government. The question that this article seeks to answer is, are those claims grounded in evidence or guesswork?
I chose to look at Fancy Bear (APT28 in FireEye’s ecosystem). The most comprehensive report on that threat actor was written by FireEye and released last October, 2014 so I started with that. To my surprise, the report’s authors declared that they deliberately excluded evidence that didn’t support their judgment that the Russian government was responsible for APT28’s activities: ‘APT28 has targeted a variety of organizations that fall outside of the three themes we highlighted above. However, we are not profiling all of APT28’s targets with the same detail because they are not particularly indicative of a specific sponsor’s interests.’ (emphasis added)
That is the very definition of confirmation bias. Had FireEye published a detailed picture of APT28’s activities including all of their known targets, other theories regarding this group could have emerged; for example, that the malware developers and the operators of that malware were not the same or even necessarily affiliated.
This is how a corporate scam turns into a political scam. Reporters looking for “experts” to verify what they already believe, and government officials and partisan players who have a similar agenda, are all too willing to suspend disbelief. A combination of technical ignorance, laziness, and extreme bias produces the kind of “journalism” that is fueling the campaign to attribute every case of hacking to the Russians.
In the case of these mostly unnamed “Russia-focused” thinktanks, the bias is inherent in their ideologically-driven orientation. One alleged victim is named, however, the Center for Strategic and International Studies. Their Senior Vice President, one James Andrew Lewis, boasted:
It’s like a badge of honor – any respectable think tank has been hacked. The Russians just don’t get the idea of independent institutions, so they are looking for secret instructions from Obama. Another benefit is they can go to their bosses and show what they took to prove their worth as spies.Lewis is naturally eager to pin himself and his employer with that “badge of honor,” as well as to imbue CSIS with the penumbra of “respectability.” And as for actual evidence that the Russians are responsible for this, Lewis couldn’t care less. In a piece on the DNC hacks, he avers:
Wrangling over evidentiary standards misses the point. The rules for great power politics are not the same as the rules for a court, if a country wants to remain a great power. This is politics, not jurisprudence.The rules of logic, let alone legal standards of proof, don’t apply to Lewis and his confreres in the national security Establishment. After all, he writes, “it is far too late to reverse this story. Both private and government sources attribute the hacking to Russia.” These are the same sources, I might point out, who assured us that Saddam Hussein had “weapons of mass destruction” – and who now exhibit same disregard for truth that resulted in that infamous “intelligence failure.” The reality is that, for Lewis and the grandees of the national security state, there is no truth, because “this is politics, not jurisprudence.”
Oh, those rascally Russkies are everywhere! According to our news media, they are not only responsible for the hacking of the Democratic National Committee, but Putin’s spies have also gotten their mitts on the computer files of the Clinton Foundation. The same evidence-free rationale – promulgated by the same “cyber-security” companies in the pay of the Democrats – is utilized to validate this latest claim. And indeed a Bloomberg piece on the alleged hack informs us that:
If the Democrats can show the hidden hand of Russian intelligence agencies, they believe that voter outrage will probably outweigh any embarrassing revelations, a person familiar with the party’s thinking said.Deny, deflect, distract – that’s Hillary’s strategy. With a compliant media in tow, so far it seems to be working, at least to the extent that Russian hackers are now generally accepted as a veritable arm of the Trump campaign – when, in fact, there is absolutely zero evidence that Russian state actors are involved in any way. We haven’t seen this level of deception since the ginned up “evidence” of Iraqi “weapons of mass destruction.”
This entire conspiracy theory is based on a much broader one, which has been pushed by a number of groups with a vehemently anti-Russian cold war agenda. The Legatum Institute, headquartered in Britain, as well as the usual neoconservative suspects in this country, have long maintained that the Russians, while militarily and economically weak, have turned to “information warfare” as their primary instrument of “aggression.” Legatum has been pushing for a government-subsidized “anti-disinformation” agency to combat this new “threat,” as well as urging outright censorship of Russian state-subsidized networks such as “Russia Today” and “Sputnik.” So who are these folks? Legatum is the creature of one Christopher Chandler, a billionaire investor aptly described by investigative reporter Mark Ames:
The Chandler brothers reportedly were the single biggest foreign beneficiaries of one of the greatest privatization scams in history: Russia’s voucher program in the early 1990s, when each Russian citizen was given a voucher that represented a share in a state concern to be privatized . . . and most naive Russians were fooled or coerced into dumping their vouchers for next to nothing, snapped up by clever vulture capitalists and factory directors from the inside. Institutional Investor magazine described how the Chandlers benefited by snapping up Russians’ vouchers and converting them into stakes in some of the largest and most lucrative companies in the world.When Putin took over from the corrupt and perpetually drunk Boris Yeltsin, the Chandlers’ game was over. As Ames puts it, with characteristic wit: “Putin’s cronies don’t need them; they replaced them and pocketed the money for themselves. Therefore, Russia is a threat to western civilization.”
The Legatum thesis, backed by Chandler’s billions, has gained momentum with journalists in this country, and flies in tandem with the “blame Putin” meme that now accompanies news of every hacking incident. We are told that a Russian “disinformation” campaign is spreading “false stories” designed to “sow discord” and causing people to question the policies favored by their leaders, such as whether Sweden ought to join NATO.
As New York Times reporter Neil MacFarquahar put it in a “news” story about this latest example of Putin’s perfidy, the Russian President has “invested heavily in a program of ‘weaponized’ information, using a variety of means to sow doubt and division. The goal is to weaken cohesion among member states, [and] stir discord in their domestic politics.” Notice the phraseology: information is now a “weapon,” the dissemination of which is an act of “aggression.”
In other words, if you question the utility of NATO – now that the Soviet Union has been dead and gone for some thirty years – you’re the functional equivalent of a Russian spook. Are you seeking to “sow discord”? Well, then, you must be an agent of the FSB, the successor to the Soviet KGB. The strategy of guilt by association – so integral to the Clinton campaign’s tactics in this election – is on full display in the MacFarquahar piece:
Tracing individual strands of disinformation is difficult, but in Sweden and elsewhere, experts have detected a characteristic pattern that they tie to Kremlin-generated disinformation campaigns.“Fake document”? What “fake document”? You can see how the framework for denying the authenticity of embarrassing documents unearthed by WikiLeaks is being built up by Hillary’s journalistic camarilla. And of course those evil “far left’ and “far right” web sites – gee, I wonder which category Antiwar.com falls under! – are also Moscow’s pawns, and therefore not credible.
’The dynamic is always the same: It originates somewhere in Russia, on Russia state media sites, or different websites or somewhere in that kind of context,’ said Anders Lindberg, a Swedish journalist and lawyer.
’Then the fake document becomes the source of a news story distributed on far-left or far-right-wing websites,’ he said. ‘Those who rely on those sites for news link to the story, and it spreads. Nobody can say where they come from, but they end up as key issues in a security policy decision.’
It’s all so transparent, and yet with practically every “mainstream” media outlet echoing the same conspiracy theory, the effect is self-reinforcing. This is how fiction becomes “fact.”
What we are seeing in this election season is a propaganda campaign the likes of which we haven’t experienced since the run up to the Iraq war. We are being buried in a veritable shit-storm of lies on a daily basis. Except that, this time, the target isn’t some third-rate Third World despot like Saddam Hussein, nor it is really Donald Trump, whose electoral prospects were never that great to begin with. Trump is just collateral damage – the real quarry is Vladimir Putin.
In concert with a bevy of exiled Russian oligarchs and Western “investors” who plundered Yeltsin-era Russia and were cut off from their orgy of lucrative looting by Putin, the historically Russophobic Clintons and their newfound neoconservative allies dream of regime change in Russia. The vast oil and mineral wealth to be found in Russia’s central Asian provinces and “near abroad,” is a tempting target for those who habitually combine profiteering with politics. The Clintons and their crony capitalist corporate benefactors are drooling at the prospect of looting a prostrate Russia, and Putin stands in their way. Therefore, he must go – and if they have to risk World War III in order to accomplish their goal, well then so be it.
Greed and politics are pushing us to the brink of an all-out conflict with nuclear-armed Russia. It’s an old story, but true.
Reprinted with permission from Antiwar.com.