Thanks to a tweet by Stephen McIntyre, I’ve finally found a document that explains the hacking of the DNC emails. It’s by a company called “CrowdStrike”, a computer security firm which was called in by the Democrats back in June when the intrusions were discovered. The document is from June 16. Here’s the short version.
There are not one but two different hacking groups involved. The CrowdStrike folks name all Russian hacking groups with the code name “Bear”. One group called “Cozy Bear”, also known as TG-4127, was able to break into the DNC server and the Hillary Clinton campaign server. The “Fancy Bear” group attacked the Republican National Committee and Trump campaign, but couldn’t get in.
These two groups are known to have been involved in a host of other attacks, often in Russia, and are known to be hired by the Russian Government for this kind of operation. It gives the Russians deniability. Nor is it unusual to have two different groups working on it; different Russian government departments often hire different hacking groups.
So it appears that the ex-Communists have learned the beauty of outsourcing …
Here’s the ironic part. The difference in the ability to penetrate the two campaigns came down to a seemingly trivial choice. The DNC used Google mail. The GOP did not.
Seriously. The attackers used a phishing attack to penetrate the Google mail system.
Now, this and a whole lot more was all publicly known back in June. So in answer to the question “Did the Russians mount a cyber-attack on both campaigns” the answer is “Yes”.
However, two things are NOT known. One is whether this particular instance of Russian ongoing attempts to hack anyone and everyone is or is not connected to the Wikileaks emails. This is closely related to the question of whether the Russians were trying to affect the election.
For me, I’d say on balance it’s not likely that the Russians were behind Wikileaks or trying to affect the election. To start with, Julian Assange of Wikileaks says absolutely no way. His version is supported by a somewhat tarnished ex-British Ambassador, who said he was given the documents in a park by someone fed up with DNC dirty tricks aimed at denying Bernie Sanders the nomination. In other words, they were leaked, not hacked. He said:
“I don’t understand why the CIA would say the information came from Russian hackers when they must know that isn’t true. Regardless of whether the Russians hacked into the DNC, the documents Wikileaks published did not come from that.”
Next, as far as is known neither the CIA nor the FBI nor anybody have found the slightest scrap of evidence suggesting that the Russians were the source of the Wikileaks emails. None of them have even hinted at such evidence, and you know they’d love to prove Assange and company were being fed by the Russians.
Next, I can’t see the logic in trying to make Hillary lose. Does anyone seriously believe that the Russians would rather be up against General “Mad Dog” Mattis and Rex “T. Rex” Tillerson, than be up against Hillary and Huma?
Heck, throughout and since the Election the Democrats have kept saying they’re terrified that Trump is so unstable that he should be denied the Presidency for fear he might accidentally push the nuclear button. If that is true, where is the upside for the Kremlin in swinging the election to a madman? The missiles are all aimed at Russia; if Trump is loony, do you think the Russians want him in charge of the nuclear button?
I say they’d much rather have Hillary and her famous big red “Reset” button that she pushed to signal a new relationship with Russia, than Trump with the actual red button. But not because they think Trump is crazy or unstable. The Russians know neither is true.
They’d prefer Hillary because Trump picks a Secretary of Defense whose nickname is the “Warrior Monk” and who is called “Mad Dog” …
Next, the fact that it was the Russians who hacked the DNC computer was publicly known back in early June when the CrowdStrike report was published. This was before the Wikileaks first release on 22 June … so the Russians would have to know that fingers would all be certain to point at them, and that the blowback would be intense, as indeed it has been. So facing the certain public knowledge that their penetration had already been discovered, why release the emails? Where’s the upside?
My final reason that I don’t think it’s the Russians is that it’s not their style. They’re more into blackmail than the Wikileaks-style exposé because, as J. Edgar Hoover proved, the payoff of having a blackmailed politician in your pocket is larger, longer-lived and more certain than just wasting your inside knowledge and evidence of wrongdoing on outing them in public. And the Russians are masters of blackmail; it’s a favorite KGB tactic.
But blackmail only works when you DON’T publish what you find …
My conclusions are:
• Yes, the Russians did hack the Democrats and try to hack the Republicans; the CrowdStrike documentation is detailed and convincing, and
• Yes, the DNC emails released by Wikileaks were leaked to them rather than hacked by the Russians, and
• No, the Russians did not release whatever they found, they’ve kept it close to their vests. They may or may not have more or different information than revealed in the Wikileaks emails. Whatever they have, I greatly doubt they’d waste it trying to swing an election after their penetration was discovered, particularly to support Trump.
Anyhow, that’s how it looks from the outside. We may find out more from the inside, who knows … but at least I have a better handle on what’s happening.
Finally, Assange has said that there are more emails to be released … who knows? The beat goes on, it’s the most fascinating election I could ever imagine.
Best to all, and don’t write anything down that you wouldn’t want to see in the tabloid headlines … I just assume the NSA is totally fascinated by my emails and act accordingly.
As is my custom, let me request that if you disagree with someone, you QUOTE THE EXACT WORDS YOU OBJECT TO. That way we can all be clear what you are referring to.