Intercept in bed with the dark side: OMG! Russian hackers!

Brian Tue, 2017-06-06 21:26
The Intercept: Why are they printing  this BS?

One of yesterday's big stories, at least on my Facebook wall, was a The Intercept big scoop. They published a story on a National Security Agency (NSA) document that had been leaked to them.

(The federal contractor employee involved has been arrested and charged with nefarious national security offences. But that's a tragic story I won't be able to deal with here.)

Horrors! Apparently, according to this document, the Russians have been caught red-handed hacking into the computer systems of someone who actually has some significant duty in actual elections.

One of the reasons this is big news, of course, is that the entire case for Russian interference has been built entirely on the leaked Democratic National Committee (DNC) and John Podesta e-mails. There's never been any suggestion that Russian hackers got anywhere near the actual voting procedures and systems. Nothing. That, of course, didn't prevent the Hillborg from making entirely unwarranted accusations. But now, I'm guessing to their immense relief, they've got something.

You can find the article here. I strongly suggest you read it before you continue on in this piece.

I've given it a very careful read. Here's what I think other readers should pay close attention to.

* * * * *

Good grief! I had to scroll up to the top several times just to be sure I wasn't reading the Washington freaking Post! This article is so weaselly it drags the Intercept down into the swamp. (NB. I'm not a Trumpiste. I despise the man. But it is a swamp.)

Here are some examples of what I mean:

Russian hacking "may have penetrated." And maybe not. "...further into US voting systems than was previously understood" Since nothing was understood about "penetration into voting systems," it wouldn't take much.

It was done "evidently to obtain" something. So they don't know what was "obtained," but they go on to say what it was used for.

It's a NSA "summary judgment." Very low level stuff. Professional intelligence people will be laughing hysterically.

"The NSA analysis does not draw conclusions about whether the interference had any effect on the election’s outcome and concedes that much remains unknown." Good grief. They've clearly got very little.

It "raises the possibility that Russian hacking may have breached..." and maybe not. "Raises the possibility"? I thought they were damned sure.

"The report adds significant new detail" to the BS that the Obama administration released in January.

"Concluded with high confidence" How many times do we have to hear them say this before we realize we're being lied to.

"That review (the BS that the Obama administration released in January) did not attempt to assess what effect the Russian efforts had on the election." And neither does this one.

"Could have provided an ideal staging point" Sure, that's what phishing attacks do. But they clearly don't know whether it did.

"[P]arts of the system" "including a private sector manufacturer." One private sector manufacturer, which is all they have, does not amount to "parts."

"[T]he Russian plan was simple." That's right. So simple just about any hacker with a modicum of knowledge could do it.

After a long-winded explanation of how the attack might have taken place, it is "unknown" whether anyone was compromised. Amazing. What's the point?

Quotes, quotes, quotes from experts.

"[S]tolen logins can be even more dangerous." Yes, they can be, but given that they don't know if anyone's login was stolen, what's the point?

After a long description of the alleged attack, we learn the Microsoft document involved "'very likely' would have instructed the infected computer to begin downloading in the background." Very likely? So they don't even know what this "trojanized" document did? Apparently they don't have a copy of it. Why wouldn't they have a copy of it?

The second bit of malware "could have provided attackers with 'persistent access' to the computer or the ability to 'survey the victims for items of interest.'" Well, yes, that's what some of these attacks do. So why "could have provided"? Usually that construction means they don't actually know.

Then it repeats: The NSA is "is uncertain about the results of the attack." “It is unknown,” they say, whether anything was compromised. That's some indictment! Let's all get outraged and afraid for democracy!

Interesting. "This was not hard to defend against." You'd think Russia's GRU, if it attacked at all, would use something that was hard to defend against.

"The report does not indicate why the Russians targeted the tiny Pacific islands [of American Samoa]." Indeed. It beggars belief. Maybe it's just a way for those clever tricksters at the GRU to lead us astray by acting like unsophisticated kiddie hackers. Jeez, they're fiendish!

Even though we don't really know that anything was compromised, they go on in some length about what VR Systems does, so you can get really scared about what might happen if something bad happened. (Though, of course, it didn't, for all we know.)

Though VR Systems is not involved in tabulating the vote, Mark Graff tells us "hackers would target a company like VR Systems to get closer to the actual tabulation of the vote." Oh, please. That makes no sense at all. I'm guessing Graff didn't know what VR Systems does when he said this.

The rest of that paragraph is hand-waving. Yes, VR Systems' equipment is on the internet, but we've already been told They're not involved in tabulating the vote. In order for the attack to spread "like germs through a handshake" into the tabulation of the vote, they'd have to get into the actual tabulating machinery.

All right, that's enough, I'm getting bored silly. All the rest of the article does is set out how difficult it would be to effect an attack on the voting machinery in any significant way, which argues for the GRU not having done it. An attack on one (three, as they would have it) that might have had some marginal success is certainly not going to have much effect.

Finally, VR Systems does not have contracts in three of the four states—Pennsylvania, Wisconsin, and Michigan—that made the difference in the 2016 POTUS election.

But here's the thing: We know from the Vault 7 Wikileaks leak that the CIA/NSA have all the stuff they need to fake an attack from another country, but there's no information here—nothing, nada, niente, aucun, ничего—about why they're certain Russia did it.

That's an important point entirely unmentioned. WaPo!!


(A postscript. We've heard a lot about "confirmation bias" in the last little while, and I'm quite sure a lot of it is true. People on Facebook —and elsewhere—do often exist in their little bubbles, some of which, as we've heard recently, Facebook encourages them to stay in. (See, for example, this video. Warning! It's a bit like an advert.)

But here's the thing. I myself would be shocked—shocked!!—if the Russian "intelligence community" weren't hacking the bejeezus out of western government systems. We already know our own "hybrid warfare" leaders do, to the other side. Ever heard of Stuxnet?

But in real life, this kind of thing isn't handled by making a big existential crisis out of it. It's everyday stuff. You defend yourself, of course, but since you expect your adversaries to monkey-wrench you, you monkey-wrench back.

Remember: When they're trying to scare you, it's because they're selling you something, usually something you don't need, and wouldn't buy otherwise.

BS printed with CIA approval