The New York Times has published a lengthy article setting out what it says is the “evidence” that Russia was behind the DNC and Podesta leaks by Wikileaks.
The article reveals nothing that is really new, but a number of points did immediately strike me:
(1) The article goes to some lengths to claim that the way the Russians go about carrying out cyber-attacks is far more stealthy than, say, the Chinese. Thus we read comments like this:
“The Russians had not gone away, of course. “They were just a lot more stealthy,” said Kevin Mandia, a former Air Force intelligence officer who spent most of his days fighting off Russian cyberattacks before founding Mandiant, a cybersecurity firm that is now a division of FireEye — and the company the Clinton campaign brought in to secure its own systems.”
“The Russians grew stealthier and stealthier, tricking government computers into sending out data while disguising the electronic “command and control” messages that set off alarms for anyone looking for malicious actions. The State Department was so crippled that it repeatedly closed its systems to throw out the intruders. At one point, officials traveling to Vienna with Secretary of State John Kerry for the Iran nuclear negotiations had to set up commercial Gmail accounts just to communicate with one another and with reporters traveling with them.”
We also learn that the Russians attempted to conceal their responsibility for the leaks by creating the persona of a supposed Romanian hacker called “Guccifer 2.0” who supposedly claimed responsibility for the hacks and warned he would publish the information he got from them.
It is very difficult to understand why in that case these so very “stealthy” and presumably well-resourced Russians failed to make sure that “Guccifer 2.0” was able to speak fluent Romanian. I say this because it is clear that whoever has created the persona of “Guccifer 2.0” obviously does not speak Romanian. See for example this paragraph:
“That gave Mr. Franceschi-Bicchierai an idea. Using Google Translate, he sent the purported hacker some questions in Romanian. The answers came back in Romanian. But when he was offline, Mr. Franceschi-Bicchierai checked with a couple of native speakers, who told him Guccifer 2.0 had apparently been using Google Translate as well — and was clearly not the Romanian he claimed to be.”
Presumably Russian intelligence agencies are not short of fluent Romanian speakers they can call on in situations like this?
It becomes even more bizarre when one reads the following:
“Cyberresearchers found other clues pointing to Russia. Microsoft Word documents posted by Guccifer 2.0 had been edited by someone calling himself, in Russian, Felix Edmundovich — an obvious nom de guerre honouring the founder of the Soviet secret police, Felix Edmundovich Dzerzhinsky. Bad links in the texts were marked by warnings in Russian, generated by what was clearly a Russian-language version of Word.”
That does not sound at all “stealthy”. On the contrary it suggests that whoever is behind “Guccifer 2.0” was going out of his way to try to implicate Russia’s intelligence agencies in “Guccifer 2.0’s” activities.
That in turn suggests that “Guccifer 2.0” has nothing to do with Russia’s intelligence agencies, and that whoever has created his persona is either trying to cover his tracks by misdirecting investigators towards the Russians, or is engaging in an anti-Russian provocation.
What this means is that if “Guccifer 2.0” is the persona of the person responsible for the leaks, then he almost certainly has nothing to do with Russia’s intelligence agencies, and he may not even be Russian.
As it happens, the fact “Guccifer 2.0” pretends to be Romanian but is apparently unable to speak Romanian points to whoever he is being a private individual rather than an intelligence agency.
(2) A great deal in The New York Times article turns on the fact that the DNC and Podesta hacks were carried out by two groups of hackers identified respectively as Cozy Bear and Fancy Bear.
The connection of either of these two groups of hackers to Russia’s intelligence agencies appears to be inferred from their previous activity rather than based on actual knowledge. However, the important point is that, whoever they are, they were clearly not working together:
“To their astonishment, Mr. Alperovitch said, CrowdStrike experts found signs that the two Russian hacking groups had not coordinated their attacks. Fancy Bear, apparently not knowing that Cozy Bear had been rummaging in D.N.C. files for months, took many of the same documents.”
Given the sensitivity of any covert operation to swing the US Presidential election to Donald Trump, it is a certainty that if someone like Putin or Nikolay Patrushev (the secretary of Russia’s Security Council who is believed to coordinate the work of Russia’s intelligence agencies) had ordered it they would have ensured that it was coordinated and kept under tight control.
The fact this was not the case, and that Cozy Bear and Fancy Bear were apparently acting independently of each other and at times even at cross purposes, is an extremely strong reason for doubting such an order was ever given.
If Cozy Bear and Fancy Bear really are run by Russian intelligence agencies, then the fact they were not coordinating with each other suggests they were each engaging in ordinary spying activities and not in anything more sinister.
(3) Lastly, what the New York Times article shows is how exceptionally sloppy cyber security on the part of the DNC and Podesta was, and how extraordinarily complacent they were about the possibility of being hacked.
Whilst that makes it possible they were hacked by Russia’s intelligence agencies, it also leaves open the possibility they were hacked by all sorts of other people, including people within the US. Any one of these people might have been the person or persons behind the persona of “Guccifer 2.0”, or might have been the source of the leaks that were provided to Wikileaks.
In summary, I don’t think this article in The New York Times adds very much. If anything it shows how thin the case the Hillary Clinton campaign and the CIA are making that Russia was behind the leaks in order to swing the election to Donald Trump actually is.