Hack and be Hacked

Much has been made of hacking over the last few months, so for two reasons I cannot resist commenting. The first is obvious, while the second will become clearer later. However, the issue for me is that while there has been a lot of noise, we are strangely short of light, i.e. evidence. So what can we accept? Obviously, everyone will have their own criteria, but here is my view. The first thing to accept is that spying has been going on from time immemorial. Hacking is simply a more recent addition to the spying (if they are doing it) or intelligence gathering (if you are doing it) toolkit.

The first accusation was that the Russians hacked the Democrats and swung the election, thus appointing Trump instead of Clinton. Apparently there is a document around produced by various intelligence agencies, including the FBI, that says they have high confidence this occurred, although interestingly, the NSA gave it only moderate confidence. Given the political status and the positions of the other agencies, that probably means the NSA doubts it, and the NSA is probably the agency most capable of assessing hacking.

Do you see what is wrong with the accusation? Basically it is a multiple statement, and the simplest error is that if one part is believed, people believe it all. The first statement is, “The Democrats were hacked”. Strangely, there is very little real evidence that this happened, but I am reasonably convinced it probably did. One fact that swings me this way is that an accusation came that their security was so lax that a child could have hacked them. How did the accuser know if he did not try? The second statement is, “Some Russians did it.” Some hacker’s IDs have been published, and while this is hardly proof, I can accept it as quite possible. Another implied statement is, “Putin ordered it.” There is absolutely no evidence for that at all. Maybe he did, although two of the named hackers were more like private individuals, and why would he use them?

However, then we get to the really crunch bit: “the Russians then swung the election.” To me, this is highly implausible, and the only evidence produced is that some unknown hacker provided information to Wikileaks. My question is, even if the Russians hacked the Democrats, how did that affect the election? Is the average American voter a devoted fan of Wikileaks? What did the Wikileaks document say? I don’t know, and if I don’t know and I am reasonably interested, why does the average voter who probably does not care a toss over hacked emails care? My guess is, the Russians are busy collecting whatever intelligence they can, as are the US agencies. They are not trying to influence internal politics, because they will backfire in a big way; instead they simply want to know what to expect. I could be wrong on that.

The next accusation we have is that those dastardly Russians hacked Angela Merkel. Probably true, but then again, the main evidence we have is an admission the NSA did that some time before. Sounds like life in government. Following that, we have Trump accusing Obama of having hacked, or spied, on him during the election campaign. Again, not a shred of evidence has been produced. And again, we have the problem, did it happen, and if so, who did it? My personal view is it is highly unlikely President Obama did that.

The latest accusation is that the Russians hacked Yahoo. Here we at least have evidence of part of the multiple statement: Yahoo confirms it was hacked. The Americans have accused four Russians, two of whom are private sector criminals, and two were part of the FSB, the Russian state security service. This is where it gets interesting. The Russian government had apparently arrested at least one of the FSB men for illegal hacking of Putin. This sounds to me that the accused Russians may well have done that, but they were not acting on behalf of the Russian government, other than that two of them were drawing FSB pay.

The following is a good example why you need firm facts. For those who know nothing about rugby, admittedly a minor sport, the All Blacks, New Zealand’s national team, recently played the Australian national team. The All Blacks arrived at the site of their next game in Australia about 6 days ahead of the game, and apparently they found that the room allocated for team talks was bugged. Most people would jump to the conclusion that the Australians did this, because the Australians would seem to be those with the obvious motive, but seemingly they are wrong. The Australian police, after some serious investigation, found that the perpetrator was the man the All Blacks had hired to monitor security. So you see, jumping to conclusions can lead to quite erroneous conclusions. That is why I argue we need evidence.

So where does that leave me? Actually enthused. After I published ‘Bot War, I needed another project, and I decided to write about espionage and hacking. The trouble was, I didn’t really know much about it, and some time after I started I was seriously questioning whether this was a sensible project. After all the disclosure over these hacking activities, I have been provided with a whole lot of free research. Of course I don’t know the techniques of hacking, but there is enough information out there to at least make the background sort of plausible. So there is some good that comes out of this, at least for me.

Advertisements

Russia hacks the Democrats??

One other piece of news that filled up the holiday period was that allegations sprang up everywhere stating the Russians hacked the Democrats and led to a change in the election result. My attitude is when something as serious as this arises, there needs to be evidence to support it. That evidence needs to be in sufficient detail to be plausible. “Fred assures me that there was,” is not evidence.

There are really two separate issues here. The first is, did the Russians hack the Democrats? A sub-question is, if yes, was it a Russian government agency, or just some private Russians? To answer the main question, we need to see evidence of when who was hacked, from where? The US Government might be a bit cagey about this, because if it announces when who was hacked from where, it starts to tell others what its capabilities are, and it may not want to do that, but if it does not, then it should have kept quiet in the first place. In WW II the British Government gave no warning to the people of Coventry that a raid was coming because they did not want to let the Germans know their enigma code was broken. That was a lot more serious than advertising that they tracked a hack on the Democratic National Congress. However, who was hacked, and with what security, is an important question because we know that Hillary Clinton had about 600,000 emails copied to the Weiner server. That should be more easily hacked, and any number of people, including but not restricted to, Russians, could have done it. For that matter, a number of industrious Republicans could have hacked it. To make this allegation stand, the details of the hack must be known.

There is one document on the web that claims to give the US government position (http://documents.latimes.com/read-us-…) Now intelligence gathering is difficult, but forming an opinion of what happened is just that; it is not evidence. Quoting: “Some analytic judgments are based directly on collected information others rest on previous judgments.” See the problem? The next problem arises when we consider the sources of the information. Quoting: “Many of the key judgments in this assessment rely on a body of reporting from multiple sources that are consistent with our understanding of Russian behavior.” In short, sources for many of the judgments came from “the behavior of Kremlin-loyal political figures, state media, and pro-Kremlin social media actors”. To me, the social media are not exactly reliable sources of facts. You might recall that the US Intelligence community, in public statements anyway, were sufficiently convinced that Saddam had weapons of mass destruction that they unleashed a war that killed hundreds of thousands of Iraqis. For me, the problem is the reputation for reliability was shot then.

Interestingly, while the CIA and the FBI had “high confidence” in these assessments, the NSA had only “moderate confidence”. The NSA should be the expert in this field. The FBI asserted it had “high confidence” that Russia tried to undermine Hillary Clinton’s campaign, but then, a week out from the election, FBI Director Comey effectively torpedoed her campaign. Prior to Comey’s comments, Clinton had a 10% lead in the polls I saw, and in the next few days, the lead vanished. If Comey had such high confidence that Russia trying to destabilize Clinton’s campaign, and it concerned him, why did he do that? My final comment on that document – there are about three pages describing what could have happened, including allegations that a Romanian hacker was really the GRU, and the far more pages criticizing the balance of RT (Russian television). Yep, RT probably is biased, but is it as bad as Fox News? And just because RT may be biased, what has that got to do with hacking? And why cannot a Romanian hacker be just that?

Am I prepared to believe Russia hacked the Dems? Yep. I have little doubt the Russian Security Service is busy hacking whatever it can. As an aside, the US does this too. Recall Angela Merkel caught them out hacking her computer, and Germany is an ally. If the US does this to its allies, why would Russia be exempt, and if Russia found out the US was spying on it, why would it not do the same? Even if it did not know about US spying, that would not stop it from spying. So to summarize, I am happy to accept that Russia was prepared to spy on the Dems, but I would expect they would stay quiet about it. Other individual hackers, including Russians may not have been so quiet. So, for evidence we first need to know what exactly was hacked, and exactly who was it that did the hacking? Details. We need details.

The second allegation is more serious. This is that as a consequence of the hack, the Russian government altered the outcome of the election. This requires even more detailed evidence. What we have so far is the allegation that the Russians provided details that would be embarrassing to the Dems to Wikileaks. For that to alter the election, either the contents then became highly public, or alternatively the voters in the swing states are avid readers of Wikileaks. Personally, I feel the latter is ridiculous. I suspect the average rustbelt voter really has little or no interest in Wikileaks.

But let’s suppose that could be wrong. This implies there was something in these Wikileaks that was so sensational that it swung the election. What was it? Why haven’t I heard of it? But let us suppose I have been asleep at the wheel. It would not hurt to publish this series of embarrassments, after all the allegation is asserting that it is in the public domain. Then there is the question of who provided this information to Wikileaks. It is alleged that it was the Russian government, but Julian Assange denies that, and he should know. Now it is true that Assange could be lying, but if so we need evidence that is convincing. The problem is, this all looks more like the Democrats, and Democrat-appointed officials, having a general whinge at their loss.

Also interesting is that there have been no protests against the FBI Director Comey, whose allegation a week before the election that Clinton was under investigation almost certainly would lose her votes. There is firm evidence this occurred, but nobody seems to be particularly interested in it. The question is, why not?