Posts

The Evidence to Prove the Russian Hack

/39 Comments/in , , /by

In this post, I’m going to lay out the evidence needed to fully explain the Russian hack. I think it will help to explain some of the timing around the story that the CIA believes Russia hacked the DNC to help win Trump win the election, as well as what is new in Friday’s story. I will do rolling updates on this and eventually turn it into a set of pages on Russia’s hacking.

As I see it, intelligence on all the following are necessary to substantiate some of the claims about Russia tampering in this year’s election.

  1. FSB-related hackers hacked the DNC
  2. GRU-related hackers hacked the DNC
  3. Russian state actors hacked John Podesta’s emails
  4. Russian state actors hacked related targets, including Colin Powell and some Republican sites
  5. Russian state actors hacked the RNC
  6. Russian state actors released information from DNC and DCCC via Guccifer 2
  7. Russian state actors released information via DC Leaks
  8. Russian state actors or someone acting on its behest passed information to Wikileaks
  9. The motive explaining why Wikileaks released the DNC and Podesta emails
  10. Russian state actors probed voter registration databases
  11. Russian state actors used bots and fake stories to make information more damaging and magnify its effects
  12. The level at which all Russian state actors’ actions were directed and approved
  13. The motive behind the actions of Russian state actors
  14. The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

I explain all of these in more detail below. For what it’s worth, I think there was strong publicly available information to prove 3, 4, 7, 11. I think there is weaker though still substantial information to support 2. It has always been the case that the evidence is weakest at point 6 and 8.

At a minimum, to blame Russia for tampering with the election, you need high degree of confidence that GRU hacked the DNC (item 2), and shared those documents via some means with Wikileaks (item 8). What is new about Friday’s story is that, after months of not knowing how the hacked documents got from Russian hackers to Wikileaks, CIA now appears to know that people close to the Russian government transferred the documents (item 8). In addition, CIA now appears confident that all this happened to help Trump win the presidency (item 13).

1) FSB-related hackers hacked the DNC

The original report from Crowdstrike on the DNC hack actually said two separate Russian-linked entities hacked the DNC: one tied to the FSB, which it calls “Cozy Bear” or APT 29, and one tied to GRU, which it calls “Fancy Bear” or APT 28. Crowdstrike says Cozy Bear was also responsible for hacks of unclassified networks at the White House, State Department, and US Joint Chiefs of Staff.

I’m not going to assess the strength of the FSB evidence here. As I’ll lay out, the necessary hack to attribute to the Russians is the GRU one, because that’s the one believed to be the source of the DNC and Podesta emails. The FSB one is important to keep in mind, as it suggests part of the Russian government may have been hacking US sites solely for intelligence collection, something our own intelligence agencies believe is firmly within acceptable norms of spying. In the months leading up to the 2012 election, for example, CIA and NSA hacked the messaging accounts of a bunch of Enrique Peña Nieto associates, pretty nearly the equivalent of the Podesta hack, though we don’t know what they did with that intelligence. The other reason to keep the FSB hack in mind is because, to the extent FSB hacked other sites, they also may be deemed part of normal spying.

2) GRU-related hackers hacked the DNC

As noted, Crowdstrike reported that GRU also hacked the DNC. As it explains, GRU does this by sending someone something that looks like an email password update, but which instead is a fake site designed to get someone to hand over their password. The reason this claim is strong is because people at the DNC say this happened to them.

Note that there are people who raise questions of whether this method is legitimately tied to GRU and/or that the method couldn’t be stolen and replicated. I will deal with those questions at length elsewhere. But for the purposes of this post, I will accept that this method is a clear sign of GRU involvement. There are also reports that deal with GRU hacking that note high confidence GRU hacked other entities, but less direct evidence they hacked the DNC.

Finally, there is the real possibility that other people hacked the DNC, in addition to FSB and GRU. That possibility is heightened because a DNC staffer was hacked via what may have been another method, and because DNC emails show a lot of password changes off services for which DNC staffers had had their accounts exposed in other hacks.

All of which is a way of saying, there is some confidence that DNC got hacked at least twice, with those two revealed efforts being done by hackers with ties to the Russian state.

3) Russian state actors (GRU) hacked John Podesta’s emails

Again, assuming that the fake Gmail phish is GRU’s handiwork, there is probably the best evidence that GRU hacked John Podesta and therefore that Russia, via some means, supplied Wikileaks, because we have a copy of the actual email used to hack him. The Smoking Gun has an accessible story describing how all this works. So in the case of Podesta, we know he got a malicious phish email, we know that someone clicked the link in the email, and we know that emails from precisely that time period were among the documents shared with Wikileaks. We just have no idea how they got there.

4) Russian state actors hacked related targets, including some other Democratic staffers, Colin Powell and some Republican sites

That same Gmail phish was used with victims — including at a minimum William Rinehart and Colin Powell — that got exposed in a site called DC Leaks. We can have the same high degree of confidence that GRU conducted this hack as we do with Podesta. As I note below, that’s more interesting for what it tells us about motive than anything else.

5) Russian state actors hacked the RNC

The allegation that Russia also hacked the RNC, but didn’t leak those documents — which the CIA seems to rely on in part to argue that Russia must have wanted to elect Trump — has been floating around for some time. I’ll return to what we know of this. RNC spox Sean Spicer is denying it, though so did Hillary’s people at one point deny that they had been hacked.

There are several points about this. First, hackers presumed to be GRU did hack and release emails from Colin Powell and an Republican-related server. The Powell emails (including some that weren’t picked up in the press), in particular, were detrimental to both candidates. The Republican ones were, like a great deal of the Democratic ones, utterly meaningless from a news standpoint.

So I don’t find this argument persuasive in its current form. But the details on it are still sketchy precisely because we don’t know about that hack.

6) Russian state actors released information from DNC and DCCC via Guccifer 2

Some entity going by the name Guccifer 2 started a website in the wake of the announcement that the DNC got hacked. The site is a crucial part of this assessment, both because it released DNC and DCCC documents directly (though sometimes misattributing what it was releasing) and because Guccifer 2 stated clearly that he had shared the DNC documents with Wikileaks. The claim has always been that Guccifer 2 was just a front for Russia — a way for them to adopt plausible deniability about the DNC hack.

That may be the case (and obvious falsehoods in Guccifer’s statements make it clear deception was part of the point), but there was always less conclusive (and sometimes downright contradictory) evidence to support this argument (this post summarizes what it claims are good arguments that Guccifer 2 was a front for Russia; on the most part I disagree and hope to return to it in the future). Moreover, this step has been one that past reporting said the FBI couldn’t confirm. Then there are other oddities about Guccifer’s behavior, such as his “appearance” at a security conference in London, or the way his own production seemed to fizzle as Wikileaks started releasing the Podesta emails. Those details of Guccifer’s behavior are, in my opinion, worth probing for a sense of how all this was orchestrated.

Yesterday’s story seems to suggest that the spooks have finally figured out this step, though we don’t have any idea what it entails.

7) Russian state actors released information via DC Leaks

Well before many people realized that DC Leaks existed, I suspected that it was a Russian operation. That’s because two of its main targets — SACEUR Philip Breedlove and George Soros — are targets Russia would obviously hit to retaliate for what it treats as a US-backed coup in Ukraine.

DC Leaks is also where the publicly released (and boring) GOP emails got released.

Perhaps most importantly, that’s where the Colin Powell emails got released (this post covers some of those stories). That’s significant because Powell’s emails were derogatory towards both candidates (though he ultimately endorsed Hillary).

It’s interesting for its haphazard targeting (if someone wants to pay me $$ I would do an assessment of all that’s there, because some just don’t make any clear sense from a Russian perspective, and some of the people most actively discussing the Russian hacks have clearly not even read all of it), but also because a number of the victims have been affirmatively tied to the GRU phishing methods.

So DC Leaks is where you get obvious Russian targets and Russian methods all packaged together. But of the documents it released, the Powell emails were the most interesting for electoral purposes, and they didn’t target Hillary as asymmetrically as the Wikileaks released documents did.

8) Russian state actors or someone acting on its behest passed information to Wikileaks

The basis for arguing that all these hacks were meant to affect the election is that they were released via Wikileaks. That is what was supposed to be new, beyond just spying (though we have almost certainly hacked documents and leaked them, most probably in the Syria Leaks case, but I suspect also in some others).

And as noted, how Wikileaks got two separate sets of emails has always been the big question. With the DNC emails, Guccifer 2 clearly said he had given them to WL, but the Guccifer 2 ties to Russia was relatively weak. And with the Podesta emails, I’m not aware of any known interim step between the GRU hack and Wikileaks.

A late July report said the FBI was still trying to determine how Russia got the emails to Wikileaks or even if they were the same emails.

The FBI is still investigating the DNC hack. The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

An even earlier report suggested that the IC wasn’t certain the files had been passed electronically.

And the joint DHS/ODNI statement largely attributed its confidence that Russia was involved in the the leaking (lumping Guccifer 2, DC Leaks, and Wikileaks all together) not because it had high confidence in that per se (a term of art saying, effectively, “we have seen the evidence”), but instead because leaking such files is consistent with what Russia has done elsewhere.

The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.

Importantly, that statement came out on October 7, so well after the September briefing at which CIA claimed to have further proof of all this.

Now, Julian Assange has repeatedly denied that Russia was his source. Craig Murray asserted, after having meeting with Assange, that the source is not the Russian state or a proxy. Wikileaks’ tweet in the wake of yesterday’s announcement — concluding that an inquiry directed at Russia in this election cycle is targeted at Wikileaks — suggests some doubt. Also, immediately after the election, Sergei Markov, in a statement deemed to be consistent with Putin’s views, suggested that “maybe we helped a bit with WikiLeaks,” even while denying Russia carried out the hacks.

That’s what’s new in yesterday’s story. It stated that “individuals with connections to the Russian government” handed the documents to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.

I suspect we’ll hear more leaked about these individuals in the coming days; obviously, the IC says it doesn’t have evidence of the Russian government ordering these people to share the documents with Wikileaks.

Nevertheless, the IC now has what it didn’t have in July: a clear idea of who gave Wikileaks the emails.

9) The motive explaining why Wikileaks released the DNC and Podesta emails

There has been a lot of focus on why Wikileaks did what it did, which notably includes timing the DNC documents to hit for maximum impact before the Democratic Convention and timing the Podesta emails to be a steady release leading up to the election.

I don’t rule out Russian involvement with all of that, but it is entirely unnecessary in this case. Wikileaks has long proven an ability to hype its releases as much as possible. More importantly, Assange has reason to have a personal gripe against Hillary, going back to State’s response to the cable release in 2010 and the subsequent prosecution of Chelsea Manning.

In other words, absent really good evidence to the contrary, I assume that Russia’s interests and Wikileaks’ coincided perfectly for this operation.

10) Russian state actors probed voter registration databases

Back in October, a slew of stories reported that “Russians” had breached voter related databases in a number of states. The evidence actually showed that hackers using a IP tied to Russia had done these hacks. Even if the hackers were Russian (about which there was no evidence in the first reports), there was also no evidence the hackers were tied to the Russian state. Furthermore, as I understand it, these hacks used a variety of methods, some or all of which aren’t known to be GRU related. A September DHS bulletin suggested these hacks were committed by cybercriminals (in the past, identity thieves have gone after voter registration lists). And the October 7 DHS/ODNI statement affirmatively said the government was not attributing the probes to the Russians.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

In late November, an anonymous White House statement said there was no increased malicious hacking aimed at the electoral process, though remains agnostic about whether Russia ever planned on such a thing.

The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day. As we have noted before, we remained confident in the overall integrity of electoral infrastructure, a confidence that was borne out on election day. As a result, we believe our elections were free and fair from a cybersecurity perspective.

That said, since we do not know if the Russians had planned any malicious cyber activity for election day, we don’t know if they were deterred from further activity by the various warnings the U.S. government conveyed.

Absent further evidence, this suggests that reports about Russian trying to tamper with the actual election infrastructure were at most suspicions and possibly just a result of shoddy reporting conflating Russian IP with Russian people with Russian state.

11) Russian state actors used bots and fake stories to make information more damaging and magnify its effects

Russia has used bots and fake stories in the past to distort or magnify compromising information. There is definitely evidence some pro-Trump bots were based out of Russia. RT and Sputnik ran with inflammatory stories. Samantha Bee famously did an interview with some Russians who were spreading fake news. But there were also people spreading fake news from elsewhere, including Macedonia and Surburban LA. A somewhat spooky guy even sent out fake news in an attempt to discredit Wikileaks.

As I have argued, the real culprit in this economy of clickbait driven outrage is closer to home, in the algorithms that Silicon Valley companies use that are exploited by a whole range of people. So while Russian directed efforts may have magnified inflammatory stories, that was not a necessary part of any intervention in the election, because it was happening elsewhere.

12) The level at which all Russian state actors’ actions were directed and approved

The DHS/ODNI statement said clearly that “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.” But the WaPo story suggests they still don’t have proof of Russia directing even the go-between who gave WL the cables, much less the go-between directing how Wikileaks released these documents.

Mind you, this would be among the most sensitive information, if the NSA did have proof, because it would be collection targeted at Putin and his top advisors.

13) The motive behind the actions of Russian state actors

The motive behind all of this has varied. The joint DHS/ODNI statement said it was “These thefts and disclosures are intended to interfere with the US election process.” It didn’t provide a model for what that meant though.

Interim reporting — including the White House’s anonymous post-election statement — had suggested that spooks believed Russia was doing it to discredit American democracy.

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect.

At one level, that made a lot of sense — the biggest reason to release the DNC and Podesta emails, it seems to me, was to confirm the beliefs a lot of people already had about how power works. I think one of the biggest mistakes of journalists who have political backgrounds was to avoid discussing how the sausage of politics gets made, because this material looks worse if you’ve never worked in a system where power is about winning support. All that said, there’s nothing in the emails (especially given the constant release of FOIAed emails) that uniquely exposed American democracy as corrupt.

All of which is to say that this explanation never made any sense to me; it was mostly advanced by people who live far away from people who already distrust US election systems, who ignored polls showing there was already a lot of distrust.

Which brings us to the other thing that is new in the WaPo story: the assertion that CIA now believes this was all intended to elect Trump, not just make us distrust elections.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

[snip]

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

For what it’s worth, there’s still some ambiguity in this. Did Putin really want Trump? Or did he want Hillary to be beat up and weak for an expected victory? Did he, like Assange, want to retaliate for specific things he perceived Hillary to have done, in both Libya, Syria, and Ukraine? That’s unclear.

14) The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

Finally, there’s the question that may explain Obama’s reticence about this issue, particularly in the anonymous post-election statement from the White House, which stated that the “election results … accurately reflect the will of the American people.” It’s not clear that Putin’s intervention, whatever it was, had anywhere near the effect as (for example) Jim Comey’s letters and Bret Baier’s false report that Hillary would be indicted shortly. There are a lot of other factors (including Hillary’s decision to ignore Jake Sullivan’s lonely advice to pay some attention to the Rust Belt).

And, as I’ve noted repeatedly, it is no way the case that Vladimir Putin had to teach Donald Trump about kompromat, the leaking of compromising information for political gain. Close Trump associates, including Roger Stone (who, by the way, may have had conversations with Julian Assange), have been rat-fucking US elections since the time Putin was in law school.

But because of the way this has rolled out (and particularly given the cabinet picks Trump has already made), it will remain a focus going forward, perhaps to the detriment of other issues that need attention.

Unpacking the New CIA Leak: Don’t Ignore the Aluminum Tube Footnote

/57 Comments/in , , /by

This post will unpack the leak from the CIA published in the WaPo tonight.

Before I start with the substance of the story, consider this background. First, if Trump comes into office on the current trajectory, the US will let Russia help Bashar al-Assad stay in power, thwarting a 4-year effort on the part of the Saudis to remove him from power. It will also restructure the hierarchy of horrible human rights abusing allies the US has, with the Saudis losing out to other human rights abusers, potentially up to and including that other petrostate, Russia. It will also install a ton of people with ties to the US oil industry in the cabinet, meaning the US will effectively subsidize oil production in this country, which will have the perhaps inadvertent result of ensuring the US remains oil-independent even though the market can’t justify fracking right now.

The CIA is institutionally quite close with the Saudis right now, and has been in charge of their covert war against Assad.

This story came 24 days after the White House released an anonymous statement asserting, among other things, “the Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day,” suggesting that the Russians may have been deterred.

This story was leaked within hours of the time the White House announced it was calling for an all-intelligence community review of the Russia intelligence, offered without much detail. Indeed, this story was leaked and published as an update to that story.

Which is to say, the CIA and/or people in Congress (this story seems primarily to come from Democratic Senators) leaked this, apparently in response to President Obama’s not terribly urgent call to have all intelligence agencies weigh in on the subject of Russian influence, after weeks of Democrats pressuring him to release more information. It was designed to both make the White House-ordered review more urgent and influence the outcome.

So here’s what that story says.

In September, the spooks briefed “congressional leaders” (which for a variety of reasons I wildarseguess is either a Gang of Four briefing including Paul Ryan, Nancy Pelosi, Mitch McConnell, and Harry Reid or a briefing to SSCI plus McConnell, Reid, Jack Reed, and John McCain). Apparently, the substance of the briefing was that Russia’s intent in hacking Democratic entities was not to increase distrust of institutions, but instead to elect Trump.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

The difference between this story and other public assessments is that it seems to identify the people — who sound like people with ties to the Russian government but not necessarily part of it — who funneled documents from Russia’s GRU to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees.

This is the part that has always been missing in the past: how the documents got from GRU, which hacked the DNC and John Podesta, to Wikileaks, which released them. It appears that CIA now thinks they know the answer: some people one step removed from the Russian government, funneling the documents from GRU hackers (presumably) to Wikileaks to be leaked, with the intent of electing Trump.

Not everyone buys this story. Mitch McConnell doesn’t buy the intelligence.

In September, during a secret briefing for congressional leaders, Senate Republican Leader Mitch McConnell (Ky.) voiced doubts about the veracity of the intelligence, according to officials present.

That’s one doubt raised about CIA’s claim — though like you all, I assume Mitch McConnell shouldn’t be trusted on this front.

But McConnell wasn’t the only one. One source for this story — which sounds like someone like Harry Reid or Dianne Feinstein — claimed that this CIA judgment is the “consensus” view of all the intelligence agencies, a term of art.

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

Except that in a briefing this week (which may have been what impressed John McCain and Lindsey Graham to do their own investigation), that’s not what this represented.

The CIA shared its latest assessment with key senators in a closed-door briefing on Capitol Hill last week, in which agency officials cited a growing body of intelligence from multiple sources. Agency briefers told the senators it was now “quite clear” that electing Trump was Russia’s goal, according to the officials, who spoke on the condition of anonymity to discuss intelligence matters.

The CIA presentation to senators about Russia’s intentions fell short of a formal U.S. assessment produced by all 17 intelligence agencies. A senior U.S. official said there were minor disagreements among intelligence officials about the agency’s assessment, in part because some questions remain unanswered. [my emphasis]

That’s a conflict. Some senior US official (often code for senior member of Congress) says this is the consensus view. Another senior US official (or maybe the very same one) says there are “minor disagreements.”

Remember: we went to war against Iraq, which turned out to have no WMD, in part because no one read the “minor disagreements” from a few agencies about some aluminum tubes. A number of Senators who didn’t read that footnote closely (and at least one that did) are involved in this story. What we’re being told is there are some aluminum tube type disagreements.

Let’s hear about those disagreements this time, shall we?

Here’s the big takeaway. The language “a formal US assessment produced by all 17 intelligence agencies” is, like “a consensus view,” a term of art. It’s an opportunity for agencies which may have differing theories of what happened here to submit their footnotes.

That may be what Obama called for today: the formal assessment from all agencies (though admittedly, the White House purposely left the scope and intent of it vague).

Whatever that review is intended to be, what happened as soon as Obama announced it is that the CIA and/or Democratic Senators started leaking their conclusion. That’s what this story is.

Update: One other really critical detail. When the White House announced the Obama review today, Wikileaks made what was a bizarre statement. Linking to a CNN story on the Obama ordered review that erred on the side of blaming Russia for everything, it said, “CNN: Obama orders report into WikiLeaks timed for release just prior to Trump presidency.” Even though none of the statements on the review focused on what this story does — that is, on the way that the DNC and Podesta emails got to Wikileaks — Wikileaks nevertheless interpreted it as an inquiry targeted at it.

Update: And now David Sanger (whose story on the Obama-ordered review was particularly bad) and Scott Shane reveal the RNC also got hacked, and it is the differential leaking that leads the spooks to believe the Russians wanted Trump to win.

They based that conclusion, in part, on another finding — which they say was also reached with high confidence — that the Russians hacked the Republican National Committee’s computer systems in addition to their attacks on Democratic organizations, but did not release whatever information they gleaned from the Republican networks.

In the months before the election, it was largely documents from Democratic Party systems that were leaked to the public.

This may be a fair assessment. But you would have to account for two things before making it. First, you’d need to know the timing and hacker behind the RNC hack. That’s because two entities are believed to have hacked the DNC: an FSB appearing hacking group, and a GRU one. The FSB is not believed to have leaked. GRU is believed to have. So if the FSB hacked the RNC but didn’t leak it, it would be completely consistent with what FSB did with DNC.

NYT now says the RNC hack was by GRU in the spring, so it is a fair question why the DNC things got leaked but RNC did not.

Also, Sanger and Shane say “largely documents” from Dems were leaked. That’s false. There were two streams of non-Wikileaks releases, Guccifer, which did leak all-Dem stuff, and DC Leaks, which leaked stuff that might be better qualified as Ukrainian related. The most publicized of documents from the latter were from Colin Powell, which didn’t help Trump at all.

Update: It’s clear that Harry Reid (who of course is retiring and so can leak speech and debate protected classified information without worrying he’ll be shut off in the future) is one key driver of this story. Last night he was saying, “”I was right. Comey was wrong. I hope he can look in the mirror and see what he did to this country.” This morning he is on the TV saying he believes Comey had information on this before the election.

Update, 12/10: This follow-up from WaPo is instructive, as it compares what CIA briefed the Senate Intelligence Committee about the current state of evidence with what FBI briefed the House Intelligence Committee about the current state of evidence. While the focus is on different Republican and Democratic understandings of both, the story also makes it clear that FBI definitely doesn’t back what WaPo’s sources from yesterday said was a consensus view.

On Provenance and Putin: That Sid Blumenthal Story

/21 Comments/in , /by

At a campaign appearance yesterday, Donald Trump quoted a judgment that Kurt Eichenwald made in an article last year on the Benghazi investigation.

One important point has been universally acknowledged by the nine previous reports about Benghazi: The attack was almost certainly preventable. Clinton was in charge of the State Department, and it failed to protect U.S. personnel at an American consulate in Libya. If the GOP wants to raise that as a talking point against her, it is legitimate.

The rest of the article was about how politicized the inquiry was. But right there in the middle of his article, Eichenwald included a namby pamby both-sides paragraph — one that could have better nuanced the conclusions of the many Benghazi reports — that said Benghazi was a legitimate issue to raise against Hillary.

Sucks to be Eichenwald, because Trump just used it on his campaign, to thrilled cries from his frothy supporters.

The quote came up on the campaign trail because Sid Blumenthal had forwarded the article — highlighting the description about the politicized questioning he himself had undergone, but ultimately quoting the entire article, including that namby pamby paragraph — to a bunch of undisclosed recipients, including John Podesta, under the subject line “The truth…” Blumenthal surely meant that Eichenwald’s larger point — that the whole investigation was politicized — was the truth, but he did forward the whole thing, including the namby pamby paragraph, under that heading.

The forwarded story got released by WikiLeaks as part of its Podesta leaks (emails which Hillary effectively confirmed during the debate by explaining one of the emails that had attracted the most attention).

Now, as it turns out, Sputnik published a story on the email, erroneously attributing the entire judgment, including that attacking Hillary for Benghazi was a legit talking point, to Blumenthal, not Eichenwald. They apparently realized their error and took it down. But not before Eichenwald started wondering how Trump came to be quoting his own namby pamby paragraph on the campaign trail.

In an article asserting that Trump got his talking point from the Sputnik story, Eichenwald has given up not only his namby pamby tone, but moderation. In it, having already suggested the misattribution to Blumenthal was due to “incompetence,” he then claims it was also deliberate disinformation. He then states as fact that Trump got this “falsehood” from the Kremlin.

This is not funny. It is terrifying. The Russians engage in a sloppy disinformation effort and, before the day is out, the Republican nominee for president is standing on a stage reciting the manufactured story as truth. How did this happen? Who in the Trump campaign was feeding him falsehoods straight from the Kremlin? (The Trump campaign did not respond to a request for comment).

The Russians have been obtaining American emails and now are presenting complete misrepresentations of them—falsifying them—in hopes of setting off a cascade of events that might change the outcome of the presidential election. The big question, of course, is why are the Russians working so hard to damage Clinton and, in the process, aid Donald Trump? That is a topic for another time.

Here’s an earlier version of the article, in which Eichenwald even more obviously asserts that the Sputnik article is both an error and a deliberate falsification.

Of course, this might be seen as just an opportunity to laugh at the incompetence of the Russian hackers and government press—once they realized their error, Sputnik took the article down. But this is not funny at all. The Russians have been obtaining American emails and now are presenting complete misrepresentations of them—falsifying them—in hopes of setting off a cascade of events that might change the outcome of the presidential election. The big question, of course, is why are the Russians working so hard to damage Clinton and, in the process, aid Donald Trump. That is a topic for another time.

There are two interesting details about Eichenwald’s story. Nowhere in the piece does he link the actual Wikileaks email, which makes it clear that Blumenthal had, in fact, forwarded that namby pamby paragraph along with everything else. It is clear that the email was just a forwarded Newsweek article, but given that the part Blumenthal highlighted at the top was his own testimony, it is perhaps understandable why someone might make the misattribution.

More interesting still, while Eichenwald links this YouTube of what he says is Trump repeating the Sputnik talking point, he only selectively quotes from it. But it appears (and I admit that this, as with all of Trump’s ramblings, is not entirely clear) that Trump introduces the quote this way:

So Blumenthal writes a quote — this just came out a little while ago, I have to tell you this. “One important point has been …

It’s certainly possible Trump meant, “So Blumenthal writes, I quote,” but at least to my ear, he said, “Blumenthal writes a quote.” If that’s right, then Trump couldn’t have been working from Sputnik (or he at least wasn’t replicating their error), because he would have been properly attributing this judgment as a quote (of Eichenwald). Trump does go on to say “this is Sidney Blumenthal, the only one he was talking to,” after insinuating that one reason Hillary set up her email server may have been to continue talking to “Sleazy Sidney” after Obama told her to stop, but nowhere in the clip do I see Trump IDing it as an email from Blumenthal. Perhaps Eichenwald bases this assertion — “He told the assembled crowd that it was an email from Blumenthal” — on some other part of the appearance.

Eichenwald also notes that Trump was “holding a document in his hand.” But the document appears to be a transcribed talking point; it’s almost certainly not the Sputnik article. So that doesn’t tell us anything about provenance.

In other words, it’s not actually clear where Trump got this from, or whether Trump’s staffers had at least corrected Sputnik’s error. It may well be! But Eichenwald hasn’t made that case.

Apparently this frothy Trump supporter tweeted out the claim, just as Trump stated it, though he has since deleted it. (h/t Emma Jones) The supporter, who joined Twitter in February 2016, could well be a Russian troll (but one that long precedes this particular leak campaign), but he certainly models as an Infowars loving Hillary hater who overreads anything implicating her, something America has in ready supply without Putin’s help.

There’s one other part of this that I find notable, aside from the claim that Sputnik made this error out of both incompetence and deliberate disinformation. A big part of this narrative is that Wikileaks is doing Russia’s bidding rather than — a more logical explanation — attacking Hillary, with whom Julian Assange has had a 6-year adversarial relationship.

screen-shot-2016-10-11-at-8-39-57-am

Wikileaks may well be working with Russia and/or the effect of sharing a mutual interest in weakening Hillary may amount to the same.

But this is actually a case where Russia did not do what has been alleged they might. That is, Wikileaks released what is an email no one contests, a not very controversial one at all. While Wikileaks has made misleading claims about what it has released at times, this is not one of them.

One thing clearly did not happen though. Even assuming Russia is responsible for the Podesta email leak, Russia did not “falsify” the original email to say what Eichenwald is so convinced Russia wanted to claim, that Blumenthal himself had endorsed Eichenwald’s namby pamby judgment that Benghazi is a fair talking point to use against Hillary. That claim only came after Sputnik tried to make it a bigger issue (but then realized its error, according to Eichenwald).

If Russia were doing what Eichenwald claimed — and they might in the future!! — then they would have doctored the email on the front end, not when republishing it in a state outlet.

Update: Unsurprisingly, Glenn Greenwald rips this (especially Eichenwald’s inflammatory tweets about the story) apart. More interesting, WaPo also dings Eichenwald for overclaiming what this incident reveals.

Update, November 1: There’s a very strange coda to this story. The guy who, until this event, worked at Sputnik and was responsible for the mistake, Bill Moran, wrote up this story from his viewpoint. Here’s how he made the mistake.

On Columbus Day, I made an embarrassing mistake. I noticed a series of viral tweets attributing words to Sidney Blumenthal on the Benghazi scandal. The original WikiLeaks document, to which the original article linked, was lengthy – 75 pages. I reviewed the document in a hurry, but I did not read all of them.

[snip]

I was moving too fast and I made a mistake – a mistake that I remain embarrassed about making. I stepped outside to smoke a cigarette after scheduling our social media accounts, stopped halfway through, thought “why hasn’t anybody else picked this up?” gave the document a second review, realized my error, and proceeded to delete the story.

The story was up from 3:23PM EDT to 3:42PM EDT and received 1,061 views before being removed – I’d like to apologize to weekend readers for making that mistake no matter how honest an error it was.

What happened next is weirder. Eichenwald made a series of contacts with the guy, basically trying to persuade him not to tell the real story publicly, including by suggesting he could help him get a job at New Republic and then by threatening him.

Then, as Paste describes, they had a long conversation that Moran, at first, wasn’t going to release. In it, Eichenwald waggles around American spooks.

In Moran’s notes on the call, he quotes Eichenwald as repeating that the “intelligence community” was monitoring both Sputnik and a separate Twitter account, which he holds responsible for the blowback (as opposed to his own story). He went on to say that everyone at Sputnik had an intelligence file on them, and asked if Moran had made any foreign phone calls that might have raised eyebrows. He went on to imply that Moran might have issues getting a re-entry visa into America if he ever traveled abroad, and then offered to help Moran “find a real job” to extricate him from the situation. He went on to say that both Sputnik and Russia Today have been targeted by the intelligence community, and will soon be subject to sanctions that aim at shutting them down for good.

Which Eichenwald does again in a follow-up email (at which point Eichenwald seemed to be going nuts, because he didn’t realize that Moran included Newsweek’s own lawyer on the exchange and instead assumed it was Moran’s lawyer).

Next, he reverts to the threatening language—the “bad cop” persona—telling Moran that he could tie him to the Russians themselves: “Now, there is one alternative here,” Eichenwald writes. “I can write: ‘William Moran, the writer for Sputnik, said he based his article not on directives from the Russian government but on an anonymous tweet that used a clip of the image of the document. He said he accepted the anonymous tweeters’ description that this was from Blumenthal, and did so because he was rushed. However, as the government official with knowledge of the intelligence inquiry said, the original altered document that was tweeted onto the internet came from a location that has been identified as being connected to the Russian disinformation campaigns, and only the news outlet owned by the Russian government published an article based on it.”

In other words, perhaps in an attempt to salvage his reputation, or perhaps in truth, Eichenwald was dragging the intelligence community into this.

DC Cooties

/18 Comments/in /by

There have been a series of stories fed to the press this week intended to heighten concerns about Trump advisor Paul Manafort’s ties to Russian thugs (but not his numerous ties to other thugs). The NYT had a story about Manafort receiving cash payments from 2007 to 2012 (that is, well before Trump decided to run for President). And the AP has a story headlined, “AP Sources: Manafort tied to undisclosed foreign lobbying” that describes how Manafort’s partner, Rick Gates, funneled funds from a pro-Yanukovych non-profit to two DC lobbying firms.

Paragraph 10 of the story reveals that it relies on sources from the Podesta Group, one of the lobbying firms in question.

Paragraph 15 begins to explain salient information about the Podesta group: that its ties to the Clinton campaign are as close as Gates’ ties to the Trump campaign.

The founder and chairman of the Podesta Group, Tony Podesta, is the brother of longtime Democratic strategist John Podesta, who now is campaign chairman for Democratic nominee Hillary Clinton. The head of Mercury, Vin Weber, is an influential Republican, former congressman and former special policy adviser to Mitt Romney. Weber announced earlier this month that he will not support Trump.

After being introduced to the lobbying firms, the European nonprofit paid the Podesta Group $1.13 million between June 2012 and April 2014 to lobby Congress, the White House National Security Council, the State Department and other federal agencies, according to U.S. lobbying records.

[snip]

One former Podesta employee, speaking on condition of anonymity because of a non-disclosure agreement, said Gates described the nonprofit’s role in an April, 2012 meeting as supplying a source of money that could not be traced to the Ukrainian politicians who were paying him and Manafort.

In separate interviews, three current and former Podesta employees said disagreements broke out within the firm over the arrangement, which at least one former employee considered obviously illegal. Podesta, who said the project was vetted by his firm’s counsel, said he was unaware of any such disagreements.

In other words, the headline and lead of this story should say something to the effect of, “Trump’s campaign manager’s partner funneled potentially illegal funds to Hillary’s campaign manager’s brother.”

Or more succinctly: “DC is a corrupt, incestuous cesspool.”

But it doesn’t. Instead of telling the story about the broken foreign registry system that permits elites of both parties to take funding from some unsavory characters — some we like, some we hate — the story instead spins this as a uniquely Trump and Manafort problem.

Sure. Vladimir Putin is one scary bastard. But there are a lot of scary bastards, and they’re feeding both sides of the DC pig’s trough.

The Promise [sic] of Big Data

/12 Comments/in , /by

22 pages into the White House report on Big Data, this paragraph appears:

Government keeps the peace. It makes sure our food is safe to eat. It keeps our air and  water clean. The laws and regulations it promulgates order economic and political life. Big data technology stands to improve nearly all the services the public sector delivers.

It presents several claims that are arguably not at all true:

  • Government keeps the peace (where? South Chicago? Iraq? Wall Street?)
  • Government makes our food safe to eat (with the few inspectors who inspect factory farms? with federal guidelines that don’t combat obesity?)
  • Government keeps our air and water clean (I’m more comfortable with this claim, until you consider we’re melting the planet with stuff in the air that government doesn’t want to regulate)
  • Government laws order economic and political life (they may well, but is that order just and good?)

And that, the report says, is all made possible because of BigData.

Some 15 pages later, after it has reviewed the top secret DHS database analyzing all our public called Cerberus, has admitted the government needs to rethink the meaning of metadata across both intelligence and non-intelligence functions, and explained the new continuous evaluation systems to root out insider threats, the report again proclaims Big Data’s good.

When wrestling with the vexing issues big data raises in the public sector, it can be easy  to lose sight of the tremendous opportunities these technologies offer to improve public services, grow the economy, and improve the health and safety of our communities.  These opportunities are real and must be kept at the center of the conversation about  big data.

Meanwhile, the report offers up these other signs of Big Data progress:

  • Big data “is also enabling some of the nearly 29 percent of Americans who are ‘unbanked’ or ‘underbanked’ [often because of Big Data] to qualify for a line of credit by using a wider range of non-traditional information—such as rent payments, utilities, mobile-phone subscriptions, insurance, child care, and tuition—to establish creditworthiness.”
  • “Home appliances can now tell us when to dim our lights from a thousand miles away.”
  • “Powerful algorithms can unlock value in the vast troves of information available to businesses, and can help empower consumers.”
  • “The advertising-supported Internet creates enormous value for consumers by providing access to useful services, news, and entertainment at no financial cost.”

In short, the whole thing is rather breathless about Big Data.

And in spite of the fact that respondents to a totally unscientific (not Big Data) survey said they were most concerned about intelligence (first) and law enforcement (second), the Big Data report avoided much of the discussion about this,relegating it to discussions of local law enforcement’s use of predictive analysis.

And where they do describe surveillance, it’s either to boast about how good the security is on their database, as they do for DHS’ curiously named “Cerberus” database, or to pretend big data doesn’t dominate there, too.

Today, most law enforcement uses of metadata are still rooted in the “small data” world, such as identifying phone numbers called by a criminal suspect. In the future, metadata that is part of the “big data” world will be increasingly relevant to investigations, raising the question of what protections it should be granted. While today, the content of communications, whether written or ver-bal, generally receives a high level of legal protection, the level of protection afforded to metadata is less so.

Although the use of big data technologies by the government raises profound issues of how government power should be regulated, big data technologies also hold within them solutions that can enhance accountability, privacy, and the rights of citizens. These include sophisticated methods of tagging data by the authorities under which it was collected or generated; purpose- and user-based access restrictions on this data; tracking which users access what data for what purpose; and algorithms that alert supervisors to possible abuses.

And there are a slew of places in the report — where it talks about HIPAA without talking about using Section 215s to get HIPAA data, where it talks about FCRA without talking about NSLs to get financial data, where it neglects to mention NCTC’s ability to get federal databases, including those of DHS — where it remains silent about the surveillance piggybacking on the issue at hand.

Perhaps the most frustrating part of the report — aside from the fact that it actually had to advance the recommendation that we only use Big Data collected in schools for educational purposes (setting aside how well or poorly Big Data is serving our students) — is the silence about the things we don’t use Big Data for enough, notably solving the financial crisis and regulating banksters (including things like tax havens, inequality, and shadow banking), or really doing something about climate change.

Big Data, as it appears in the report (as presented by a bunch of boosters) is not something we’re going to throw at our most intractable problems. We’re just going to use it to turn the lights off on the other side of the country.

And to spy.

If by “Big Data” You Mean “Big Campaign Donations”

/8 Comments/in , /by

President Obama has named the people who will help John Podesta accomplish this task.

I have also asked my Counselor, John Podesta, to lead a comprehensive review of big data and privacy. This group will consist of government officials who—along with the President’s Council of Advisors on Science and Technology—will reach out to privacy experts, technologists and business leaders, and look at how the challenges inherent in big data are being confronted by both the public and private sectors; whether we can forge international norms on how to manage this data; and how we can continue to promote the free flow of information in ways that are consistent with both privacy and security.

As I said in my annotations to Obama’s speech, effectively Obama responded “to a review by calling for another review,” but at least it would be a welcome first time he reached out to technologists.

Here’s the list:

That’s why in his speech, the President asked me to lead a comprehensive review of the way that “big data” will affect the way we live and work; the relationship between government and citizens; and how public and private sectors can spur innovation and maximize the opportunities and free flow of this information while minimizing the risks to privacy. I will be joined in this effort by Secretary of Commerce Penny Pritzker, Secretary of Energy Ernie Moniz, the President’s Science Advisor John Holdren, the President’s Economic Advisor Gene Sperling and other senior government officials.

I’ll outsource judging whether this amounts to reaching out to technologists to Chris Soghoian:

None of the big names named in the president’s “big data” review announcement are technologists. DC at its finest.

But I’m particularly interested in Penny Pritzker’s presence on the list.

After Cass Sunstein and Geoffrey Stone ended up being too independent to deliver the whitewash Obama wanted, he has picked one of his biggest campaign donors to review Big Data.

So I guess by “Big Data” we know what Obama meant.

Worse still, Pritzker heads up an Agency that — it is increasingly clear — serves a key role in offering carrots and sticks to coerce compliance from private companies with government data demands. And compliance not just for the purposes of defense of spying, but also for cyberoffense. Not exactly the kind of person who might expect candor from the Big Data companies likely to be coerced by the government.

Woodward’s Secrets

/in , , /by

Jeebus: Goldsmith may be getting a hang of this blogging thing, but I’m not: John Rizzo, not John Brennan. So the stuff I originally said about Brennan doesn’t make any sense.

I may not always agree with Jack Goldsmith, but he’s getting a hang of this blogging thing. Today, he posts the answer John Brennan gave him to the question of how Bob Woodward got very specific details of a meeting that a number of Obama’s top advisors had to leave because they didn’t have the appropriate clearance.

The first Chapter of Bob Woodward’s Obama’s Wars describes Barack Obama’s first post-election intelligence briefing from Director of National Intelligence Mike McConnell, on November 6, 2008.  The chapter shows McConnell, at the direction of President Bush, excluding many Obama aides (including Clinton Chief of Staff John Podesta and former Deputy National Security Advisor James Steinberg) from the briefing.  Because the briefing contained highly classified information about “sources and methods,” McConnell explained, only those “designated to take a top national security cabinet post” could attend.   Woodward then recounts this highly classified intelligence briefing in great detail, including several highly classified CIA and NSA programs, and their code names.

After reading this chapter, I wondered how a meeting involving classified information so sensitive that a close Obama aide and former top national security official could not attend could the following year be recounted in such loving detail in the first chapter of a best-selling book.  Woodward clearly got his information from participants in the meeting or their close aides.  Was it right for these people to speak to Woodward about these matters?  Was it legal?  I sent these questions to John Rizzo, the just-retired thirty-four year veteran CIA lawyer who has seen his share of leaked classified information over the years.

John responded:

Simple.  When a President himself is a key source and directs or at least signals to his Administration to cooperate with the author, that for all intents and purposes means the book becomes one big authorized disclosure. That’s what Obama did for Woodward, and that’s what Bush did for Woodward in his three books during that Administration, which also were packed with hitherto sensitive information.  That’s what is remarkable and unique about Woodward’s standing.

Now, Goldsmith appears offended that Obama and Bush would treat classified information so lightly.

Me, I’m more interested in what this says about Woodward’s (and, while we’re talking about it, Judy Miller’s) position in the information management function.

John Brennan–a guy who oversaw targeting for Cheney’s illegal wiretap program and therefore presumably had the highest clearance in two Administrations–lackadaisically says that if the President wants something leaked, it becomes legal to leak it.

In Judy Miller’s case, we saw how this selective leaking ensured the Administration could declassify its politicized case for war, while ensuring those who disputed the case were kept silent under threat of prosecution.

Woodward is even more interesting. Woodward knew to ask certain pointed questions of Richard Armitage–the same questions, as it turns out, that Bob Novak asked to elicit information about Valerie Plame’s purported role in Joe Wilson’s trip to Niger. But according to John Brennan, at least, even if Richard Armitage leaked Plame’s role intentionally, it would not be illegal. And remember, too, that on July 8 or 9 (this is reflected in notes introduced at trial; you’ll have to take my word for it though, because I don’t have my records with me), the VP’s office did give Woodward detailed information about the Iraq NIE. In other words, we know Woodward was a part of the OVP’s strategy for rebutting Joe Wilson in what was effectively a political hit.

More generally, though, consider what this suggests about the excuse that Cheney was prepared to use for having ordered the leak of Plame’s identity. John Brennan, at least, argues that if the President “signals to his Administration” that he wants certain information out there, it’s legal to leak it. I don’t necessarily buy that, mind you.

But it suggests one of Obama’s key advisors buys off on the idea that it’s cool for the President to selectively declassify information (you know, like leaks to the press about targeting Anwar al-Awlaki, even if you later invoke state secrets about it) for political gain.