Wednesday, December 14, 2016

The Perfect Weapon: How Russian Cyberpower Invaded the U.S.


When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

His message was brief, if alarming. At least one computer system belonging to the D.N.C. had been compromised by hackers federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

The F.B.I. knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.[...]

An examination by The Times of the Russian operation — based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response — reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.

The D.N.C.’s fumbling encounter with the F.B.I. meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.

The low-key approach of the F.B.I. meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top D.N.C. officials were alerted to the attack and hired cyberexperts to protect their systems. In the meantime, the hackers moved on to targets outside the D.N.C., including Mrs. Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.

Even Mr. Podesta, a savvy Washington insider who had written a 2014 report on cyberprivacy for President Obama, did not truly understand the gravity of the hacking.[...]

In recent days, a skeptical president-elect, the nation’s intelligence agencies and the two major parties have become embroiled in an extraordinary public dispute over what evidence exists that President Vladimir V. Putin of Russia moved beyond mere espionage to deliberately try to subvert American democracy and pick the winner of the presidential election.

Many of Mrs. Clinton’s closest aides believe that the Russian assault had a profound impact on the election, while conceding that other factors — Mrs. Clinton’s weaknesses as a candidate; her private email server; the public statements of the F.B.I. director, James B. Comey, about her handling of classified information — were also important.

While there’s no way to be certain of the ultimate impact of the hack, this much is clear: A low-cost, high-impact weapon that Russia had test-fired in elections from Ukraine to Europe was trained on the United States, with devastating effectiveness. For Russia, with an enfeebled economy and a nuclear arsenal it cannot use short of all-out war, cyberpower proved the perfect weapon: cheap, hard to see coming, hard to trace.

“There shouldn’t be any doubt in anybody’s mind,” Adm. Michael S. Rogers, the director of the National Security Agency and commander of United States Cyber Command said at a postelection conference. “This was not something that was done casually, this was not something that was done by chance, this was not a target that was selected purely arbitrarily,” he said. “This was a conscious effort by a nation-state to attempt to achieve a specific effect.”[...]

The United States, too, has carried out cyberattacks, and in decades past the C.I.A. tried to subvert foreign elections. But the Russian attack is increasingly understood across the political spectrum as an ominous historic landmark — with one notable exception: Mr. Trump has rejected the findings of the intelligence agencies he will soon oversee as “ridiculous,” insisting that the hacker may be American, or Chinese, but that “they have no idea.”

Mr. Trump cited the reported disagreements between the agencies about whether Mr. Putin intended to help elect him. On Tuesday, a Russian government spokesman echoed Mr. Trump’s scorn.[...]

Over the weekend, four prominent senators — two Republicans and two Democrats — joined forces to pledge an investigation while pointedly ignoring Mr. Trump’s skeptical claims.

“Democrats and Republicans must work together, and across the jurisdictional lines of the Congress, to examine these recent incidents thoroughly and devise comprehensive solutions to deter and defend against further cyberattacks,” said Senators John McCain, Lindsey Graham, Chuck Schumer and Jack Reed.

“This cannot become a partisan issue,” they said. “The stakes are too high for our country.”[...]

Shawn Henry, who once led the F.B.I.’s cyber division and is now president of CrowdStrike Services, the cybersecurity firm retained by the D.N.C. in April, said he was baffled that the F.B.I. did not call a more senior official at the D.N.C. or send an agent in person to the party headquarters to try to force a more vigorous response.

“We are not talking about an office that is in the middle of the woods of Montana,” Mr. Henry said. “We are talking about an office that is half a mile from the F.B.I. office that is getting the notification.”

“This is not a mom-and-pop delicatessen or a local library. This is a critical piece of the U.S. infrastructure because it relates to our electoral process, our elected officials, our legislative process, our executive process,” he added. “To me it is a high-level, serious issue, and if after a couple of months you don’t see any results, somebody ought to raise that to a higher level.”[...]

Mr. Obama was briefed regularly on all this, but he made a decision that many in the White House now regret: He did not name Russians publicly, or issue sanctions. There was always a reason: fear of escalating a cyberwar, and concern that the United States needed Russia’s cooperation in negotiations over Syria.

“We’d have all these circular meetings,” one senior State Department official said, “in which everyone agreed you had to push back at the Russians and push back hard. But it didn’t happen.”

So the Russians escalated again — breaking into systems not just for espionage, but to publish or broadcast what they found, known as “doxing” in the cyberworld.

It was a brazen change in tactics, moving the Russians from espionage to influence operations. In February 2014, they broadcast an intercepted phone call between Victoria Nuland, the assistant secretary of state who handles Russian affairs and has a contentious relationship with Mr. Putin, and Geoffrey Pyatt, the United States ambassador to Ukraine. Ms. Nuland was heard describing a little-known American effort to broker a deal in Ukraine, then in political turmoil.

They were not the only ones on whom the Russians used the steal-and-leak strategy. The Open Society Foundation, run by George Soros, was a major target, and when its documents were released, some turned out to have been altered to make it appear as if the foundation was financing Russian opposition members.

Last year, the attacks became more aggressive. Russia hacked a major French television station, frying critical hardware. Around Christmas, it attacked part of the power grid in Ukraine, dropping a portion of the country into darkness, killing backup generators and taking control of generators. In retrospect, it was a warning shot.[...]

But asked whether he believed the leaks were one reason for Mr. Trump’s election, Mr. Assange seemed happy to take credit. “Americans extensively engaged with our publications,” he wrote. “According to Facebook statistics WikiLeaks was the most referenced political topic during October.”

Though Mr. Assange did not say so, WikiLeaks’ best defense may be the conduct of the mainstream American media. Every major publication, including The Times, published multiple stories citing the D.N.C. and Podesta emails posted by WikiLeaks, becoming a de facto instrument of Russian intelligence.

Mr. Putin, a student of martial arts, had turned two institutions at the core of American democracy — political campaigns and independent media — to his own ends. The media’s appetite for the hacked material, and its focus on the gossipy content instead of the Russian source, disturbed some of those whose personal emails were being reposted across the web.

“What was really surprising to me?” Ms. Tanden said. “I could not believe that reporters were covering it.”[...]

As the year draws to a close, it now seems possible that there will be multiple investigations of the Russian hacking — the intelligence review Mr. Obama has ordered completed by Jan. 20, the day he leaves office, and one or more congressional inquiries. They will wrestle with, among other things, Mr. Putin’s motive.

Did he seek to mar the brand of American democracy, to forestall anti-Russian activism for both Russians and their neighbors? Or to weaken the next American president, since presumably Mr. Putin had no reason to doubt American forecasts that Mrs. Clinton would win easily? Or was it, as the C.I.A. concluded last month, a deliberate attempt to elect Mr. Trump?

In fact, the Russian hack-and-dox scheme accomplished all three goals.

What seems clear is that Russian hacking, given its success, is not going to stop. Two weeks ago, the German intelligence chief, Bruno Kahl, warned that Russia might target elections in Germany next year. “The perpetrators have an interest to delegitimize the democratic process as such,” Mr. Kahl said. Now, he added, “Europe is in the focus of these attempts of disturbance, and Germany to a particularly great extent.”

But Russia has by no means forgotten its American target. On the day after the presidential election, the cybersecurity company Volexity reported five new waves of phishing emails, evidently from Cozy Bear, aimed at think tanks and nonprofits in the United States.

One of them purported to be from Harvard University, attaching a fake paper. Its title: “Why American Elections Are Flawed.

22 comments:

  1. The article alludes to the US interference in Ukrainian elections, where the US and EU intervened in Ukrainian parliament to overthrow the pro Soviet President and replaced him with a pro European pro western President leading to the Ukrainian war and take over of Crimea, etc.

    If US intervened in Russia's spehere of influence, why can't Russia intervene in US elections?

    It's good for the goose, but not for the gander?

    ReplyDelete
  2. Internal politicking criticism is ignoring.

    Either use the regular weapons of international relations (sanctions, cut off business, diplomatic ties, etc) or put up.

    Obama seems to need Russia for north Korea, Syria, ISIS, European natural gas, etc. So Russia has leverage.

    Obama decided to ignore. Per the article above.

    ReplyDelete
  3. Come Jan. 20, it will be Trump's job to punish Putin's Russia (with sanctions, cut off business, diplomatic ties, etc). Will he prove himself a "stronger" President than President Obama, and punish Russia? Or will he cave in and appease (reward) Putin?

    ReplyDelete
  4. If the Russian issue is so important why didn't the intelligence community come to the House Intelligence Committee meeting?

    http://www.foxnews.com/politics/2016/12/15/rep-king-canceled-intel-briefing-on-alleged-russian-interference-in-us-election-is-disgraceful.html?refresh=true

    ReplyDelete
  5. this is your proof that it was just hysteria?!

    ReplyDelete
  6. Perhaps. However, how do you explain their absence on such a critical issue?

    ReplyDelete
  7. You don't have an answer and it sure points to the whole thing being fake since they don't want to allow any examination of the allegations.

    ReplyDelete
  8. Now it becomes clear that by using a vulnerable private email server long before being nominated for the highest office in the land, Hillary Clinton exposed sensitive information to foreign hackers. Thus such a careless individual proved she was unfit to have access to even more secret material. So if anything has been proven by these revelations, it is that the country dodged a bullet by rejecting her bid to be President.

    ReplyDelete
  9. http://www.usatoday.com/story/news/politics/onpolitics/2016/12/14/intelligence-officials-refuse-brief-house-panel-russian-hacking/95453412/
    The office of the Director of National Intelligence said in a statement Wednesday: ""Last week, the President ordered a full Intelligence Community review of foreign efforts to influence recent presidential elections — from 2008 to present. "Once the review is complete in the coming weeks, the Intelligence Community stands ready to brief Congress — and will make those findings available to the public consistent with protecting intelligence sources and methods. We will not offer any comment until the review is complete.""

    ReplyDelete
  10. you obviously are ignoring the news about Flynn

    http://www.nbcnews.com/news/us-news/trump-pick-advisor-inappropriately-shared-classified-info-n695866

    ReplyDelete
  11. "They don't want to allow any examination of the allegations." Change your moniker, dude. The Democrats, as well as moderate Republicans, are calling for a full investigation of the allegations. It is Trump who is saying there is nothing to look at.

    ReplyDelete
  12. It wasn't her email server that was hacked, get your story straight.

    ReplyDelete
  13. No I'm not. And neither will senators when it is time for his confirmation hearing.

    ReplyDelete
  14. I have it straight. It's the White House that is ignoring what happened and trying to spin it against the President Elect. http://www.nytimes.com/2016/07/07/us/hillary-clintons-email-was-probably-hacked-experts-say.html
    When Trump facetiously asked Russia to find Hillary's missing emails, he obviously meant the ones they already had in their possession since her server was no longer connected.

    ReplyDelete
  15. The intelligence agencies didn't show up. Explain that.

    Your comment about everyone calling for an investigation is probably based on Leftist lying sources such as Associated Palestinians (AP), the New York Slime or the Washington Compost.

    In any case, there is no reasonable explanation for the agencies not to meet with congress except that the whole thing is overblown baloney.

    ReplyDelete
  16. This a full contradiction to their phony concern about the Russian involvement and you are not presenting any explanation for it.

    ReplyDelete
  17. This is a poor excuse for meeting with Congress and just a diversion to avoid serious grilling.

    ReplyDelete
  18. This is absolute nonsense. There is non legitimate reason why they couldn't meet now for a preliminary discussion unless they have nothing to show which is probably the case.

    So they are going to wait until the election has been confirmed and then present their nonsense. I think that's a great idea.

    ReplyDelete

ANONYMOUS COMMENTS WILL NOT BE POSTED!
please use either your real name or a pseudonym.