Democrats are jubilant now that “Trumpcare” has bit the dust. But they should be careful because Russia-gate, the pseudo-scandal that they’ve latched onto in hopes of driving Donald Trump out of office, is also flashing red. The more they ignore the warning signs, the greater the odds that they’ll go down in flames as well.
Russian President Vladimir Putin, following his address to the UN General Assembly on Sept. 28, 2015. (UN Photo)
Russia-gate, of course, is the story of how the Kremlin allegedly used surreptitious means to hijack the American political process and place a “Siberian candidate” in the White House. It purportedly started five years ago when, according to the famous Christopher Steele dossier, Vladimir Putin foresaw that Donald Trump would become president and set about turning him into a compliant tool of Russian interests.
The Kremlin supposedly threw sweetheart real-estate deals his way (although a lucrative hotel plan never materialized for unexplained reasons) and fed him valuable intelligence about his opponents, all the while blackmailing him with a secret video showing him cavorting with prostitutes at Moscow’s Ritz Carlton.
Then, at the height of last year’s election, Russia was said to have followed up by hacking Democratic National Committee computers and releasing thousands of private emails to WikiLeaks in order to embarrass Hillary Clinton and tip the contest in favor of Trump. This audacious effort succeeded when Trump eked out a victory by virtue of the Electoral College. As a result, Vladimir Putin now controls not one presidential office but two, one in Moscow and the other in Washington, DC.
It’s a cool story about treason, international intrigue and hot babes, but it’s no more convincing than “Birthergate” was seven or eight years ago. Putin would have required superhuman powers to predict that Trump would become president at a time when no one other than “The Simpsons” thought he had a chance. The “golden showers” episode, in which Trump’s female hires supposedly urinated on the same bed that Barack and Michelle Obama used on one of their official Russian visits, is unverified and probably unverifiable as well.
The dossier also contains obvious errors and non-sequiturs, as Consortiumnews’ Robert Parry points out, e.g. placing Trump attorney Michael Cohen at a meeting with a Russian official in Prague, a city that Cohen says he’s never visited, or crediting Putin with stirring up resistance to Obama’s proposed Pacific trade deals when opposition had been building for years on its own. The fact that Steele, an ex-MI6 agent, has been in hiding since January does nothing to enhance his credibility.
But yet another flaw concerns the DNC hack itself. Although everyone from The New York Times to the neo-lib hipsters at Vox accepts the story as gospel, it has in fact gone into a nosedive as a growing army of cyber analysts, Internet sleuths, and other Doubting Thomases probe its most obvious contradictions.
One line of attack concerns the question of “confirmation bias,” the tendency of investigators who are already inclined to blame Russia to zero in only on evidence supporting their point of view. When DNC officials discovered that their computers had been compromised, they did what anyone in such a situation would do: they called their lawyer, in this case a former federal prosecutor and cybercrime specialist named Michael Sussmann.
Former Secretary of State Hillary Clinton speaking with supporters at a campaign rally in Phoenix, Arizona, March 21, 2016. (Photo by Gage Skidmore)
Sussmann, in turn, called an old friend named Shawn Henry, former head of the FBI’s cyber division and now president of an Irvine, California, cyber-security firm known as CrowdStrike. Henry contacted his chief technical officer, Russian-born Dimitri Alperovitch, who sent over a team of investigators. Within the day, the CrowdStrike team concluded that the intruders were Russian government operatives.
It sounds as logical and objective as obtaining the name of a top-flight medical specialist and then scheduling an appointment. But the resemblance is misleading. For one thing, cyber sleuths are not objective. As even The New York Times admits: “Attribution, as the skill of identifying a cyberattacker is known, is more art than science. It is often impossible to name an attacker with absolute certainty.”
Hence, it’s more like obtaining the name of a faith healer than a physician. For another, this particular group of cyber sleuths seems to have been even less objective than most.
Like any enterprise, CrowdStrike is in the business of convincing potential customers to purchase its services. Hence it had an incentive to blame the email loss on a dark and spooky Kremlin conspiracy rather than something more mundane such as an internal leak.
As an ex-Soviet who emigrated to America as a teenager, moreover, Alperovitch was particularly inclined to blame Russia first. As he once told a reporter: “A lot of people who are born here don’t appreciate the freedoms we have, the opportunities we have, because they’ve never had it any other way. I have.”
The Soviet-born journalist Yasha Levine, who covered the 2008 Russo-Georgian War over the breakaway province of South Ossetia, recalls that the air at the time was thick with charges of Russian government cyber warfare, none of which proved true, and that Alperovitch “was one of the minor online voices supporting the idea that the cyber attacks against Georgia were some kind of Russian plot.”
Since then, Alperovitch has joined forces with the Atlantic Council, a hawkish Washington think tank funded by the U.S. State Department, NATO, Ukrainian exiles, Persian Gulf oil exporters, and U.S. arms manufacturers, all with interests hostile to a sensible and constructive approach to U.S.-Russian relations.
Indeed, the Atlantic Council has been a spark-plug powering the New Cold War with Russia and maintains close ties with Clinton and her supporters. In 2013, it gave her its “distinguished leadership award,” and in 2015 it recruited her to give a major address kicking off its “Latin American women’s leadership initiative.”
The Atlantic Council also chose ex-Secretary of State Madeleine Albright, a major Clinton ally, to head a Mideast study group that echoed Clinton’s call for a Syrian “no-fly zone,” a proposal that would almost certainly lead to a direct U.S.-Russian military clash.
So the Russophobic Clinton camp hired Russophobic Dimitri Alperovitch, both linked via the Russophobic Atlantic Council, to find out who hacked the DNC. To absolutely no one’s surprise, they decided that Russia was it.
But CrowdStrike has come under criticism not only on the grounds of bias but also of methodology. Critics have noted that the firm’s report on the DNC hack was loaded with weasel words suggesting that Russian intelligence was guilty without quite coming out and saying so. It argued, for instance, that hackers were so sophisticated that they had to be state supported:
“Their tradecraft is superb, operational security second to none, and the extensive usage of ‘living-off-the-land’ techniques enables them to easily bypass many security solutions they encounter. In particular, we identified advanced methods consistent with nation-state level capabilities including deliberate targeting and ‘access management’ tradecraft – both groups were constantly going back into the environment to change out their implants, modify persistent methods, move to new Command & Control channels and perform other tasks to try to stay ahead of being detected. Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services.”
The hackers’ methods are so “consistent with nation-state level capabilities” that they “are believed to be closely linked” to Russian intelligence. But does this mean that they are, in fact, connected? The report didn’t say. A few weeks later, CrowdStrike CEO George Kurtz admitted that proof was lacking when he told Bloomberg News: “We talk about having high confidence, but there’s no absolute in cyber security, and that’s one of the things that makes it so hard.”
An earlier report by a California cyber security firm known as FireEye was equally evasive. In 2014, it declared that the hackers show “evidence of long-standing, focused operations that indicate a government sponsor – specifically a government based in Moscow” – which in turn “suggests that [they] receives direct ongoing financial and other resources from a well-established organization, most likely a nation state government.”
Indicates, suggests, most likely – this was no more than speculation. When a hacker calling himself Guccifer 2.0 released another batch of Democratic Party documents a couple of days later, DirectThreat, yet another cyber-security firm, concluded that the intervention “most likely is a Russian denial and deception (D&D) effort” aimed at throwing investigators off the track.
The reason had to do with telltale traces that Guccifer 2.0 had left behind, specifically a document uploaded in a Russian-language format by someone calling himself “Felix Edmundovich,” an obvious reference to Felix E. Dzerzhinsky, founder of the Cheka, as the Soviet political police were originally known.
For the Kremlin-done-it crowd, this was proof that Russian intelligence was involved. But this led to another objection: if the hackers were so super-sophisticated, how could they be guilty of such an elementary mistake?
Referring to two of Russia’s top intelligence agencies, Jeffrey Carr, a well-known cyber-security expert, was unable to restrain his sarcasm: “OK. Raise your hand if you think that a GRU or FSB officer would add Iron Felix’s name to the metadata of a stolen document before he released it to the world while pretending to be a Romanian hacker. Someone clearly had a wicked sense of humor.”
Sam Biddle, The Intercept’s formidable tech writer, was equally dismissive: “It’s very hard to buy the argument that the Democrats were hacked by one of the most sophisticated, diabolical foreign intelligence services in history, and that we know this because they screwed up over and over again.”
As Gregory Elich noted in an excellent roundup on Counterpunch, disguising the origin of a hack is trivial even for beginners. Referring to half-baked amateurs, James Scott, a senior fellow at the Washington-based Institute for Critical Infrastructure Technology, pokes fun at the very idea of cyber-sleuths claiming to know where one originates:
“It’s common knowledge among even script kiddies that all one needs to do is compromise a system geolocated in Russia (ideally in a government office) and use it as a beachhead for attack so that indicators of compromise lead back to Russia. … Want to add another layer? Compromise a Chinese system, leap-frog onto a hacked Russian machine, and then run the attack from China to Russia to any country on the globe. Want to increase geopolitical tensions, distract the global news cycle, or cause a subtle, but exploitable shift in national positions? Hack a machine in North Korea and use it to hack the aforementioned machine in China, before compromising the Russian system and launching global attacks. This process is so common and simple that’s its virtually ‘Script Kiddie 101’ among malicious cyber upstarts.”
After the FBI, Department of Homeland Security, and Director of National Intelligence James Clapper issued a report on Dec. 29 alluding to “malware” used in the DNC attack, Mark Maunder, CEO of Wordfence, Seattle-based makers of a popular computer-security program, joined with a colleague named Rob McMahon to try to track it down. Working through the night, they discovered that the malware was an early version of a publicly available program known as P.A.S. that had been developed in the Ukraine.
Director of National Intelligence James Clapper (right) talks with President Barack Obama in the Oval Office, with John Brennan and other national security aides present. (Photo credit: Office of Director of National Intelligence)
This was strange, they recounted, since “one might reasonably expect Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources.”
Maunder and McMahon also examined 876 Internet Protocol addresses that the Department of Homeland Security said the hackers had used, and found that the largest number originated in the U.S., followed by Russia, the Netherlands, Germany, France, and China. Some 15 percent were Tor exit nodes, whose origin is unknown since they are designed to be anonymous.
“The IP addresses that DHS provided may have been used for an attack by a state actor like Russia,” Maunder and McMahon concluded. “But they don’t appear to provide any association with Russia. They are probably used by a wide range of other malicious actors….”
In other words, proof is nowhere to be found. The only certainty about the DNC hack is that certainty is unwarranted. CrowdStrike’s credibility meanwhile took a major hit after it published a report in December claiming that Russia had used the same malware to hack an Android app that Ukrainian artillery units used to target Russian-backed separatists, a feat that enabled separatists to turn tables on the Ukrainians by pinpointing their location instead.
As a result, CrowdStrike wrote, “Ukrainian artillery forces have lost over 50 percent of their weapons in the two years of conflict and over 80 percent of D-30 howitzers, the highest percentage of loss of any other artillery pieces in Ukraine’s arsenal.”
Unfortunately, the London-based International Institute for Strategic Studies complained that the company had misused its data in coming up with such figures while the Ukrainian Ministry of Defense said that the hacking and resultant combat losses had never occurred at all. Yaroslav Sherstyuk, the Ukrainian military officer who developed the Android app, called the CrowdStrike report “delusional” in an angry Facebook post.
So when CrowdStrike’s findings were put to the test, they failed. Skepticism is therefore in order no less than during the run-up to the invasion of Iraq when the intelligence community lined up solidly behind reports that Saddam Hussein possessed weapons of mass destruction – and Clapper, at the time head of the National Imagery and Mapping Agency, said that the Iraqi dictator had “unquestionably” spirited them over the Syrian border when no WMDs were found.
Democrats certainly have much to criticize. They could go after Trump for sabotaging the fight against global warming, for cutting everything from the National Endowment for the Humanities to the National Institutes of Health to add more money to the Pentagon’s budget, for unleashing violence on immigrants, or for escalating U.S. military intervention in the Middle East. Instead, they’ve seized on Trump’s call for a rapprochement with Russia, one of the few semi-sensible things he said on the campaign trail. And the Democrats have made it the centerpiece of a hate-Putin campaign straight out of Orwell.
But if the story of a Kremlin hack of the DNC goes, then precious little of Russia-gate will remain beyond a dubious memo and a few innocuous meetings with the Russian ambassador. The more the Democrats push this latest Washington pseudo-scandal, the more they risk joining the GOP on the political trash heap. Trump could well end up as the last man standing amid the rubble.