On July 25, as the Democratic Party’s convention got underway in Philadelphia, presidential candidate Hillary Clinton found herself struggling to unite the party behind her nomination as the party’s presidential nominee, after the shock release of 20,000 emails through WikiLeaks, which exposed top party officials as campaigning to discredit her rival Bernie Sanders.
This breach of objectivity in Clinton’s favor was supported by documents, statistical tables and videos attached to the emails hacked from the Democratic National Committee’s servers. To damp the crisis. party leaders, including Clinton, took two immediate steps that made the situation worse: They sacked the head of the Democratic National Committee (DNC), Debbie Wasserman Schultz, the day she was due to open the convention and, second, they called on the FBI to investigate the hacking and find who was responsible for the embarrassing leaks.
The culprit was quickly named as Russia’s military intelligence service, the GRU, by “experts close to the examination” – namely, the information security company CrowdStrike, which was hired by the DNC, and the FBI.
CrowdStrike said it had found two types of Advanced Persistent Threat (APT) malware inside the DNC’s servers that were intended to remain undetected for long periods of time, slowly spread inside the servers, and secretly send the data back to the culprits who planted the malware.
However, an analysis by DEBKAfile’s intelligence and cyber defense sources has determined that the hacking was almost certainly not carried out by the GRU’s cyber warfare branch, contrary to assertions by senior DNC officials who fix the blame on Russian intelligence.
Their assertions don’t hold water in the light of four facts:
1. Russia’s cyber warfare system is still mostly a “black hole” for the West. Although it is highly effective, very little is known about its methods of operation, organizational structures, scale of cooperation with counterparts in other countries, and the tools and resources at its disposal.
Had any branch of Russian intelligence been responsible for the hacking the Democratic party’s servers, no obvious signatures, such as the terms “Fancy Bear,” and “Cozy Bear” that were discovered, would have been left behind for investigators to find.
2. Intelligence organizations, including those of Russia, are usually fully focused on seeking security, strategic and economic data. It is hard to see Russian military intelligence, whose resources are stretched, expending time and manpower on digging out the DMC;s views of Bernie Sanders’ religiosity.
3. Then, too, CrowdStrike’s claim to have cracked the case in two hours is hardly credible. Getting to the bottom of an APT (Advanced Persistent Threat) calls for extra-powerful computers, working in conjunction with the internet service provider (ISP), and consuming weeks, if not months of analysis.
4. Attributing the hacking attack to the Russians provided US agencies with a convenient reminder that the most notorious leaker of classified US documents, Edward Snowden, still lives safe from prosecution in Russian exile, and that WikiLeaks founder Julian Assange, remains in asylum at the Ecuadorean embassy in Britain.
(read more)