Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.

For The Record  

FTR #940 The Trumpenkampfverbande, Part 14: Unsettling In, Part 2 (German Ostpolitik, part 5)

Dave Emory’s entire life­time of work is avail­able on a flash dri­ve that can be obtained HERE. The new dri­ve is a 32-giga­byte dri­ve that is cur­rent as of the pro­grams and arti­cles post­ed by ear­ly win­ter of 2016. The new dri­ve (avail­able for a tax-deductible con­tri­bu­tion of $65.00 or more.) (The pre­vi­ous flash dri­ve was cur­rent through the end of May of 2012.)

WFMU-FM is pod­cast­ing For The Record–You can sub­scribe to the pod­cast HERE.

You can sub­scribe to e‑mail alerts from Spitfirelist.com HERE.

You can sub­scribe to RSS feed from Spitfirelist.com HERE.

You can sub­scribe to the com­ments made on pro­grams and posts–an excel­lent source of infor­ma­tion in, and of, itself HERE.

This broad­cast was record­ed in one, 60-minute seg­ment.

trump-hat

Trump kept a copy of this by his bedside.

Trump kept a copy of this by his bed­side.

Intro­duc­tion: This pro­gram con­tin­ues our analy­sis of the Trump admin­is­tra­tion as the trans­for­ma­tion of what Mr. Emory has called “The Under­ground Reich” into a mass polit­i­cal move­ment. At a pol­i­cy lev­el, the “Trumpenkampfver­bande” is a vehi­cle for the imple­men­ta­tion of Ger­man Ost­poli­tik, as set forth in FTR #‘s 918 and 919.

Heav­i­ly over­lapped with infor­ma­tion dis­cussed fleet­ing­ly in FTR #939, the pro­gram begins with analy­sis of a pos­si­ble Ukrainian/OUN/B con­nec­tion to the “high-pro­file hacks” alleged­ly per­pe­trat­ed by Rus­sia.

The hack of Clin­ton cam­paign man­ag­er John Podesta’s e‑mail account (blamed on Rus­sia) orig­i­nat­ed with a phish­ing e‑mail from Ukraine. “. . . . The email, with the sub­ject line “*Some­one has your pass­word,*” greet­ed Podes­ta, “Hi John” and then said, “Some­one just used your pass­word to try to sign into your Google Account john.podesta@gmail.com.” Then it offered a time stamp and an IP address in “Loca­tion: Ukraine.” . . . ”

Analy­sis of cyber-war­fare is daunting–a skilled hack­er or hack­ers can mask their iden­ti­ty effec­tive­ly, with the result that “cyber-false flag” oper­a­tions are dif­fi­cult to dis­cern. It is in this con­text that we revis­it the sub­ject of a Ukrain­ian fas­cist link to the “Rus­sia did it” meme.

The OUN/B milieu in the U.S. has appar­ent­ly been instru­men­tal in gen­er­at­ing the “Rus­sia did it” dis­in­for­ma­tion about the high-pro­file hacks. In the Alternet.org arti­cle, Mark Ames high­lights sev­er­al points:

  • Emblem of the Ukrainian Azov Battalion

    Emblem of the Ukrain­ian Azov Bat­tal­ion

    The “Pro­pOrNot” group quot­ed in a Wash­ing­ton Post sto­ry tag­ging media out­lets, web­sites and blogs as “Russian/Kremlin stooges/propaganda tools/agents” is linked to the OUN/B heirs now in pow­er in Ukraine. ” . . . One Pro­pOrNot tweet, dat­ed Novem­ber 17, invokes a 1940s Ukrain­ian fas­cist salute “Hero­iam Sla­va!!” [17] to cheer a news item on Ukrain­ian hack­ers fight­ing Rus­sians. The phrase means “Glo­ry to the heroes” and it was for­mal­ly intro­duced by the fas­cist Orga­ni­za­tion of Ukrain­ian Nation­al­ists (OUN) at their March-April 1941 con­gress in Nazi occu­pied Cra­cow, as they pre­pared to serve as Nazi aux­il­iaries in Oper­a­tion Bar­barossa. . . . ‘the OUN‑B intro­duced anoth­er Ukrain­ian fas­cist salute at the Sec­ond Great Con­gress of the Ukrain­ian Nation­al­ists in Cra­cow in March and April 1941. This was the most pop­u­lar Ukrain­ian fas­cist salute and had to be per­formed accord­ing to the instruc­tions of the OUN‑B lead­er­ship by rais­ing the right arm ‘slight­ly to the right, slight­ly above the peak of the head’ while call­ing ‘Glo­ry to Ukraine!’ (Sla­va Ukraїni!) and respond­ing ‘Glo­ry to the Heroes!’ (Hero­iam Sla­va!). . . .”

  • The OUN/B heirs rul­ing Ukraine com­piled a list of jour­nal­ists who were “Russian/Kremlin stooges/propaganda tools/agents,” includ­ing per­son­al data and con­tact infor­ma­tion (like that made pub­lic in the Wik­iLeaks data dump of DNC e‑mails). This list was com­piled by the Ukrain­ian intel­li­gence ser­vice, inte­ri­or min­istry and–ahem–hackers: “. . . . One of the more fright­en­ing poli­cies enact­ed by the cur­rent oli­garch-nation­al­ist regime in Kiev is an online black­list [42] of jour­nal­ists accused of col­lab­o­rat­ing with pro-Russ­ian ‘ter­ror­ists.’ [43]  The web­site, ‘Myrotvorets’ [43] or ‘Peacemaker’—was set up by Ukrain­ian hack­ers work­ing with state intel­li­gence and police, all of which tend to share the same ultra­na­tion­al­ist ide­olo­gies as Paru­biy and the new­ly-appoint­ed neo-Nazi chief of the Nation­al Police. . . . Ukraine’s jour­nal­ist black­list website—operated by Ukrain­ian hack­ers work­ing with state intel­li­gence—led to a rash of death threats against the doxxed jour­nal­ists, whose email address­es, phone num­bers and oth­er pri­vate infor­ma­tion was post­ed anony­mous­ly to the web­site. Many of these threats came with the wartime Ukrain­ian fas­cist salute: “Sla­va Ukrai­ni!” [Glo­ry to Ukraine!] So when PropOrNot’s anony­mous “researchers” reveal only their Ukrainian(s) iden­ti­ty, it’s hard not to think about the spy-linked hack­ers who post­ed the dead­ly ‘Myrotvorets’ black­list of “trea­so­nous” jour­nal­ists. . . .”
  • Helmets of the Ukrainian Azov battalion: Your tax dollars at work

    Hel­mets of the Ukrain­ian Azov bat­tal­ion: Your tax dol­lars at work

    A Ukrain­ian activist named Alexan­dra Chalu­pa has been instru­men­tal in dis­trib­ut­ing the “Rus­sia did it” dis­in­for­ma­tion to Hillary Clin­ton and influ­enc­ing the progress of the dis­in­for­ma­tion in the media. ” . . . . One of the key media sources [46] who blamed the DNC hacks on Rus­sia, ramp­ing up fears of cryp­to-Putin­ist infil­tra­tion, is a Ukrain­ian-Amer­i­can lob­by­ist work­ing for the DNC. She is Alexan­dra Chalupa—described as the head of the Demo­c­ra­t­ic Nation­al Committee’s oppo­si­tion research on Rus­sia and on Trump, and founder and pres­i­dent of the Ukrain­ian lob­by group ‘US Unit­ed With Ukraine Coali­tion’ [47], which lob­bied hard to pass a 2014 bill increas­ing loans and mil­i­tary aid to Ukraine, impos­ing sanc­tions on Rus­sians, and tight­ly align­ing US and Ukraine geostrate­gic inter­ests. . . . In one leaked DNC email [50] ear­li­er this year, Chalu­pa boasts to DNC Com­mu­ni­ca­tions Direc­tor Luis Miran­da that she brought Isikoff to a US-gov­ern­ment spon­sored Wash­ing­ton event fea­tur­ing 68 Ukrain­ian jour­nal­ists, where Chalu­pa was invit­ed ‘to speak specif­i­cal­ly about Paul Man­afort.’ In turn, Isikoff named her as the key inside source [46] ‘prov­ing’ that the Rus­sians were behind the hacks, and that Trump’s cam­paign was under the spell of Krem­lin spies and sor­cer­ers. . . .”

With tra­di­tion­al, “Atlanti­cist” con­ser­v­a­tive GOP fig­ures align­ing with ele­ments of the CIA to fin­ger Trump as a Putin tool, etc. an epochal event is unfold­ing, in our opin­ion. What the bril­liant Berke­ley pro­fes­sor Peter Dale Scott has termed “The Deep State” is squar­ing off with the Trumpenkampfver­bande, with the lat­ter net­work­ing with Euro­pean fas­cist and cen­ter-left par­ties to improve rela­tions with Rus­sia. NATO and the Atlanti­cist dynam­ic that has dom­i­nat­ed post World War II pol­i­tics are reced­ing, and a Ger­man-led EU mil­i­tary is gain­ing momen­tum.

Again, we fore­cast this in FTR #‘s 918 and 919.

Trump supporters at the National Policy Institute Conference

Trump sup­port­ers at the Nation­al Pol­i­cy Insti­tute Con­fer­ence

Next, we note the selec­tion of Stephen Miller, anoth­er “alt-right” fig­ure, as an advis­er to Trump. “. . . . Miller is a for­mer staffer for the nativist Sen. Jeff Ses­sions (R‑Ala.), now Trump’s nom­i­nee for attor­ney gen­er­al. The announce­ment of Miller’s new role drew praise from white nation­al­ist leader Richard Spencer. ‘Stephen is a high­ly com­pe­tent and tough indi­vid­ual,’ Spencer, who famous­ly coined the term ‘alt-right’ to describe the insur­gent right-wing move­ment that has attract­ed white nation­al­ists and suprema­cists, told Moth­er Jones on Wednes­day. ‘So I have no doubt that he will do a great job.’ . . . .”

In past pro­grams, we have not­ed the Third Reich ori­gins of the Free­dom Par­ty in Aus­tria. That par­ty is now net­work­ing both with Putin and Trump’s “alt-right” lean­ing Nation­al Secu­ri­ty Advis­er Michael Fly­nn. One of the shared goals of both the Free­dom Par­ty, cor­po­rate Ger­many and–through the latter–the Under­ground Reich is the lift­ing of eco­nom­ic sanc­tions on Rus­sia.

The broad­cast under­scores the con­ti­nu­ity between the “new” Free­dom Par­ty and the old, Nazi-gen­er­at­ed Free­dom Par­ty. The issue of the South Tyrol region is exem­plary in this regard:

  •  ” . . . . A TV talk show host, Corin­na Mil­born, grilled [Free­dopm Par­ty pres­i­den­tial can­di­date Nor­bert] . . . Hofer last week for an hour over his alleged nation­al­ist views and his calls for undo­ing the “unjust bor­der” that keeps South Tyrol, a region of north­ern Italy, apart from Austria’s Tyrol. Mr. Hofer’s grin evap­o­rat­ed and he almost blew his cool. . . .”
  •  
    vWaffen SS veteran Herbert Schweiger: Activist for South Tyrolean Independence

    Waf­fen SS vet­er­an Her­bert Schweiger: Activist for South Tyrolean Inde­pen­dence

    Aus­tri­an Free­dom Par­ty founder Her­bert Schweiger is no stranger to the issue of the South Tyrol: “. . . . Her­bert Schweiger makes no attempt to hide his Nazi views. At his home in the Aus­tri­an moun­tains, the for­mer SS offi­cer gazes out of a win­dow to a view of a misty alpine val­ley. Described to me as the ‘Pup­pet Mas­ter’ of the far right, Schweiger, 85, is a leg­endary fig­ure for neo-Nazis across the world. Our time is com­ing again and soon we will have anoth­er leader like Hitler,’ he says. Still remark­ably sharp-mind­ed, Schweiger was a lieu­tenant in the infa­mous Waf­fen SS Panz­er Divi­sion Leib­stan­darte Adolf Hitler, an elite unit orig­i­nal­ly formed before WWII to act as the Führer’s per­son­al body­guards. . . .He was a found­ing mem­ber of three polit­i­cal par­ties in Aus­tria – the VDU, the banned NDP and the FPO. He has giv­en his sup­port to the cur­rent leader of the FPO. ‘Stra­che is doing the right thing by fight­ing the for­eign­er,’ says Schweiger. He is now in close con­tact with the Kam­er­ad­schaften, under­ground cells of hard­core neo-Nazis across Aus­tria and Ger­many who, over the past three years, have start­ed to infil­trate polit­i­cal par­ties such as the FPO. His belief that the bul­let and the bal­lot box go hand in hand goes back to 1961, when he helped to train a ter­ror­ist move­ment fight­ing for the reuni­fi­ca­tion of Aus­tria and South Tyrol. ‘I was an explo­sives expert in the SS so I trained Burschen­schaften how to make bombs. We used the hotel my wife and I owned as a train­ing camp,’ he says. The hotel he refers to is 50 yards from his home. Thir­ty peo­ple in Italy were mur­dered dur­ing the cam­paign. One of the men con­vict­ed for the atroc­i­ties, Nor­bert Burg­er, lat­er formed the now-banned neo-Nazi NDP par­ty with Schweiger. . . .”

In France, the cen­ter-left can­di­date for pres­i­dent–Fran­cois Fil­lon–is push­ing both for an increase in French defense spend­ing and a Ger­man-led dri­ve for an all EU army. Both are goals of the Under­ground Reich and the Trumpenkampfver­bande, as set forth in FTR #‘s 918 and 919. His views on rap­proche­ment with Rus­sia are typ­i­cal of a sig­nif­i­cant por­tion of a rel­a­tive­ly broad spec­trum of Euro­pean polit­i­cal par­ties. This res­onates well with the Trumpenkampfver­bande, again, as dis­cussed in FTR #‘s 918 and 919.  ” . . . . sim­i­lar trends are play­ing out in sev­er­al Euro­pean coun­tries, along their own par­tic­u­lar nation­al lines. In Ger­many, for instance, cen­ter-left lead­ers are push­ing to aban­don their country’s role in lead­ing Euro­pean efforts to counter Rus­sia. Instead, they advo­cate revert­ing to the Cold War-era pol­i­cy of Ost­poli­tik, in which West Ger­many sought a neu­tral bal­anc­ing role between East and West. Often, West Euro­pean politi­cians do not see them­selves as explic­it­ly call­ing for align­ing with Moscow, but rather for aban­don­ing the cost­ly mis­sion to counter Russia’s aggres­sion against far­away east­ern states at a moment when they have more imme­di­ate con­cerns. West Euro­pean lead­ers see them­selves as fight­ing an increas­ing­ly unten­able two-front war: a south­ern front against immi­gra­tion and ter­ror­ism and an east­ern front against Rus­sia. The east­ern front is large­ly a project of pol­i­cy estab­lish­ments that see it as essen­tial to main­tain­ing Europe’s post­war order. Vot­ers are more skep­ti­cal; a 2015 Pew poll found that slight majori­ties in France, Ger­many and Italy said their coun­tries should not uphold their treaty oblig­a­tion to defend an east­ern NATO ally should it be attacked by Rus­sia. Vot­ers, par­tic­u­lar­ly those on the right, have long seen south­ern issues — ter­ror­ism and immi­gra­tion — as more impor­tant. Their threats to install far-right gov­ern­ments that would dis­man­tle the Euro­pean project entire­ly are increas­ing­ly cred­i­ble. . . .” 

The broad­cast con­cludes with a look at Rex W. Tiller­son, the CEO of Exxon Mobil, cho­sen by Trump to be Sec­re­tary of State. Tiller­son is opposed to main­tain­ing sanc­tions against Rus­sia: ” . . . .  At the cen­ter of the debate are ques­tions about Mr. Tillerson’s vocal oppo­si­tion to Amer­i­can sanc­tions imposed on Rus­sia as he pur­sued oil and gas deals in that coun­try. . . .” This too, is res­o­nant with cor­po­rate Ger­many’s wish­es as set forth in FTR #‘s 918 and 919. Again, cor­po­rate Ger­many is dom­i­nat­ed by the Bor­mann net­work.

We con­clude with a recap of the Bor­mann cap­i­tal net­work’s influ­ence with­in Stan­dard Oil of New Jer­sey (Exxon was for­mer­ly Stan­dard of New Jer­sey, now merged with Mobil, Stan­dard of New York.) ” . . .Vast­ly diver­si­fied, it is said to be the largest land-own­er in South Amer­i­ca, and through stock­hold­ings, con­trols Ger­man heavy indus­try and the trust estab­lished by the late Her­mann Schmitz, for­mer pres­i­dent of I.G. Far­ben, who held as much stock in Stan­dard Oil of New Jer­sey as did the Rock­e­fellers. . . .”

Pro­gram High­lights Include: 

  • A recap of ele­men­tary fea­tures of Ger­man Ost­poli­tik.
  • A syn­op­sis of the OUN/B and its World War II and post-World War II oper­a­tions.
  • A syn­op­sis of the infor­ma­tion indi­cat­ing Rus­sia was not behind the high-pro­file hacks for which it has been pun­ished.

1a. The hack of John Podesta’s e‑mail–alleged to have been per­formed by Russia–originated with a phish­ing attack from Ukraine.

“The Phish­ing Email that Hacked the Account of John Podes­ta;” CBS News; 10/28/2016.

This appears to be the phish­ing email that hacked Clin­ton cam­paign chair­man John Podesta’s Gmail account. Fur­ther, The Clin­ton campaign’s own com­put­er help desk thought it was real email sent by Google, even though the email address had a sus­pi­cious “googlemail.com” exten­sion. . . .

. . . . The email, with the sub­ject line “*Some­one has your pass­word,*” greet­ed Podes­ta, “Hi John” and then said, “Some­one just used your pass­word to try to sign into your Google Account john.podesta@gmail.com.” Then it offered a time stamp and an IP address in “Loca­tion: Ukraine.” 

“Google stopped this sign-in attempt. You should change your pass­word imme­di­ate­ly.” And it then offered a link to change his pass­word.

“This is a legit­i­mate email,” Charles Del­e­van at the HFA help desk wrote to Podesta’s chief of staff, Sara Lath­am. “John needs to change his pass­word imme­di­ate­ly, and ensure that two-fac­tor authen­ti­ca­tion is turned on his account.”

Del­e­van includ­ed the Gmail link that would be used to change a user’s pass­word, but who­ev­er changed Podesta’s pass­word instead clicked on the short­ened URL that was in the orig­i­nal phish­ing email. This is the same tech­nique used to hack Col­in Powell’s emails and the Demo­c­ra­t­ic Nation­al Com­mit­tee emails, accord­ing to the web­site Moth­er­board.

All of these hacks were exe­cut­ed using these short­ened URLs in fake emails, accord­ing to Moth­er­board, and those URLs “were cre­at­ed with a Bit­ly account linked to a domain under the con­trol of Fan­cy Bear,” a group of Russ­ian hack­ers.

1b. Next, the pro­gram high­lights a top­ic that was ini­tial­ly broached in the last pro­gram. The OUN/B milieu in the U.S. has appar­ent­ly been instru­men­tal in gen­er­at­ing the “Rus­sia did it” dis­in­for­ma­tion about the high-pro­file hacks. A Ukrain­ian activist named Alexan­dra Chalu­pa has been instru­men­tal in dis­trib­ut­ing this dis­in­for­ma­tion to Hillary Clin­ton and influ­enc­ing the progress of the dis­in­for­ma­tion in the media. ” . . . . One of the key media sources [46] who blamed the DNC hacks on Rus­sia, ramp­ing up fears of cryp­to-Putin­ist infil­tra­tion, is a Ukrain­ian-Amer­i­can lob­by­ist work­ing for the DNC. She is Alexan­dra Chalupa—described as the head of the Demo­c­ra­t­ic Nation­al Committee’s oppo­si­tion research on Rus­sia and on Trump, and founder and pres­i­dent of the Ukrain­ian lob­by group ‘US Unit­ed With Ukraine Coali­tion’ [47], which lob­bied hard to pass a 2014 bill increas­ing loans and mil­i­tary aid to Ukraine, impos­ing sanc­tions on Rus­sians, and tight­ly align­ing US and Ukraine geostrate­gic inter­ests. . . . In one leaked DNC email [50] ear­li­er this year, Chalu­pa boasts to DNC Com­mu­ni­ca­tions Direc­tor Luis Miran­da that she brought Isikoff to a US-gov­ern­ment spon­sored Wash­ing­ton event fea­tur­ing 68 Ukrain­ian jour­nal­ists, where Chalu­pa was invit­ed ‘to speak specif­i­cal­ly about Paul Man­afort.’ In turn, Isikoff named her as the key inside source [46] ‘prov­ing’ that the Rus­sians were behind the hacks, and that Trump’s cam­paign was under the spell of Krem­lin spies and sor­cer­ers. . . .”

“The Anony­mous Black­list Quot­ed by the Wash­ing­ton Post Has Appar­ent Ties to Ukrain­ian Fas­cism and CIA Spy­ing” by Mark Ames; Alternet.org; 12/7/2016.

. . . . Still the ques­tion lingers: Who is behind Pro­pOrNot? Who are they? We may have to await the defama­tion law­suits that are almost cer­tain­ly com­ing from those smeared by the Post and by Pro­pOrNot. Their descrip­tion sounds like the “About” tab on any num­ber of Wash­ing­ton front groups that jour­nal­ists and researchers are used to com­ing across:

“Pro­pOrNot is an inde­pen­dent team of con­cerned Amer­i­can cit­i­zens with a wide range of back­grounds and exper­tise, includ­ing pro­fes­sion­al expe­ri­ence in com­put­er sci­ence, sta­tis­tics, pub­lic pol­i­cy, and nation­al secu­ri­ty affairs.”

The only spe­cif­ic clues giv­en were an admis­sion that at least one of its mem­bers with access to its Twit­ter han­dle is “Ukrain­ian-Amer­i­can”. They had giv­en this away in a hand­ful of ear­ly Ukrain­ian-lan­guage tweets, par­rot­ing Ukrain­ian ultra­na­tion­al­ist slo­gans, before the group was known.

One Pro­pOrNot tweet, dat­ed Novem­ber 17, invokes a 1940s Ukrain­ian fas­cist salute “Hero­iam Sla­va!!” [17] to cheer a news item on Ukrain­ian hack­ers fight­ing Rus­sians. The phrase means “Glo­ry to the heroes” and it was for­mal­ly intro­duced by the fas­cist Orga­ni­za­tion of Ukrain­ian Nation­al­ists (OUN) at their March-April 1941 con­gress in Nazi occu­pied Cra­cow, as they pre­pared to serve as Nazi aux­il­iaries in Oper­a­tion Bar­barossa. As his­to­ri­an Grz­gorz Rossolińs­ki-Liebe, author of the defin­i­tive biog­ra­phy [18] on Ukraine’s wartime fas­cist leader and Nazi col­lab­o­ra­tor [19] Stepan Ban­dera, explained [20]:

“the OUN‑B intro­duced anoth­er Ukrain­ian fas­cist salute at the Sec­ond Great Con­gress of the Ukrain­ian Nation­al­ists in Cra­cow in March and April 1941. This was the most pop­u­lar Ukrain­ian fas­cist salute and had to be per­formed accord­ing to the instruc­tions of the OUN‑B lead­er­ship by rais­ing the right arm ‘slight­ly to the right, slight­ly above the peak of the head’ while call­ing ‘Glo­ry to Ukraine!’ (Sla­va Ukraїni!) and respond­ing ‘Glo­ry to the Heroes!’ (Hero­iam Sla­va!).”

Two months after for­mal­iz­ing this salute, Nazi forces allowed Bandera’s Ukrain­ian fas­cists to briefly take con­trol of Lvov [21], at the time a pre­dom­i­nant­ly Jew­ish and Pol­ish city—whereupon the Ukrain­ian “patri­ots” mur­dered, tor­tured and raped thou­sands of Jews [22], in one of the most bar­bar­ic [23] and blood­i­est pogroms ever.

Since the 2014 Maid­an Rev­o­lu­tion brought Ukrain­ian neo-fas­cists [24] back into the high­est rungs of pow­er [25], Ukraine’s Nazi col­lab­o­ra­tors and wartime fas­cists have been reha­bil­i­tat­ed [26] as heroes [27], with major high­ways and roads named after them [28], and pub­lic com­mem­o­ra­tions. The speak­er of Ukraine’s par­lia­ment, Andriy Paru­biy [29], found­ed Ukraine’s neo-Nazi “Social-Nation­al Par­ty of Ukraine” [30] and pub­lished a white suprema­cist man­i­festo, “View From the Right” [31] fea­tur­ing the par­lia­ment speak­er in full neo-Nazi uni­form in front of fas­cist flags with the Nazi Wolf­san­gel sym­bol. Ukraine’s pow­er­ful Inte­ri­or Min­is­ter, Arsen Avakov, spon­sors [32] sev­er­al ultra­na­tion­al­ist and neo-Nazi mili­tia groups like the Azov Bat­tal­ion [33], and last month he helped appoint anoth­er neo-Nazi[34], Vadym Troy­an [35], as head of Ukraine’s Nation­al Police [36]. (Ear­li­er this year, when Troy­an was still police chief of the cap­i­tal Kiev, he was wide­ly accused [35] of hav­ing ordered an ille­gal sur­veil­lance oper­a­tion on inves­tiga­tive jour­nal­ist Pavel Sheremet just before his assas­si­na­tion by car bomb [37].)

A Ukrain­ian intel­li­gence ser­vice black­list as PropOrNot’s mod­el

Since com­ing to pow­er in the 2014 Maid­an Rev­o­lu­tion, Ukraine’s US-backed regime has waged an increas­ing­ly sur­re­al war on jour­nal­ists who don’t toe the Ukrain­ian ultra­na­tion­al­ist line, and against treach­er­ous Krem­lin pro­pa­gan­dists, real and imag­ined. Two years ago, Ukraine estab­lished a “Min­istry of Truth” [38]. This year the war has gone from sur­re­al para­noia [39] to an increas­ing­ly dead­ly [40] kind of “ter­ror.” [41]

One of the more fright­en­ing poli­cies enact­ed by the cur­rent oli­garch-nation­al­ist regime in Kiev is an online black­list [42] of jour­nal­ists accused of col­lab­o­rat­ing with pro-Russ­ian “ter­ror­ists.” [43]  The web­site, “Myrotvorets” [43] or “Peacemaker”—was set up by Ukrain­ian hack­ers work­ing with state intel­li­gence and police, all of which tend to share the same ultra­na­tion­al­ist ide­olo­gies as Paru­biy and the new­ly-appoint­ed neo-Nazi chief of the Nation­al Police.

Con­demned by the Com­mit­tee to Pro­tect Jour­nal­ists [44] and numer­ous news orga­ni­za­tions in the West and in Ukraine, the online black­list includes the names and per­son­al pri­vate infor­ma­tion on some 4,500 jour­nal­ists [45], includ­ing sev­er­al west­ern jour­nal­ists [43] and Ukraini­ans work­ing for west­ern media. The web­site is designed to fright­en and muz­zle jour­nal­ists from report­ing any­thing but the pro-nation­al­ist par­ty line, and it has the back­ing of gov­ern­ment offi­cials, spies and police—including the SBU (Ukraine’s suc­ces­sor to the KGB), the pow­er­ful Inte­ri­or Min­is­ter Avakov and his noto­ri­ous far-right deputy, Anton Geraschenko.

Ukraine’s jour­nal­ist black­list website—operated by Ukrain­ian hack­ers work­ing with state intelligence—led to a rash of death threats against the doxxed jour­nal­ists, whose email address­es, phone num­bers and oth­er pri­vate infor­ma­tion was post­ed anony­mous­ly to the web­site. Many of these threats came with the wartime Ukrain­ian fas­cist salute: “Sla­va Ukrai­ni!” [Glo­ry to Ukraine!] So when PropOrNot’s anony­mous “researchers” reveal only their Ukrainian(s) iden­ti­ty, it’s hard not to think about the spy-linked hack­ers who post­ed the dead­ly “Myrotvorets” black­list of “trea­so­nous” jour­nal­ists.

The DNC’s Ukrain­ian ultra-nation­al­ist researcher cries trea­son

Because the Pro­pOrNot black­list of Amer­i­can jour­nal­ist “trai­tors” is anony­mous, and the Wash­ing­ton Post front-page arti­cle pro­tects their anonymi­ty, we can only spec­u­late on their iden­ti­ty with what lit­tle infor­ma­tion they’ve giv­en us. And that lit­tle bit of infor­ma­tion reveals only a Ukrain­ian ultra­na­tion­al­ist thread—the salute, the same obses­sive­ly vio­lent para­noia towards Rus­sia, and towards jour­nal­ists, who in the eyes of Ukrain­ian nation­al­ists have always been dupes and stooges, if not out­right col­lab­o­ra­tors, of Russ­ian evil.

One of the key media sources [46] who blamed the DNC hacks on Rus­sia, ramp­ing up fears of cryp­to-Putin­ist infil­tra­tion, is a Ukrain­ian-Amer­i­can lob­by­ist work­ing for the DNC. She is Alexan­dra Chalupa—described as the head of the Demo­c­ra­t­ic Nation­al Committee’s oppo­si­tion research on Rus­sia and on Trump, and founder and pres­i­dent of the Ukrain­ian lob­by group “US Unit­ed With Ukraine Coali­tion” [47], which lob­bied hard to pass a 2014 bill increas­ing loans and mil­i­tary aid to Ukraine, impos­ing sanc­tions on Rus­sians, and tight­ly align­ing US and Ukraine geostrate­gic inter­ests.

In Octo­ber of this year, Yahoo News named Chalu­pa [48] one of “16 Peo­ple Who Shaped the 2016 Elec­tion” [49] for her role in pin­ning the DNC leaks on Russ­ian hack­ers, and for mak­ing the case that the Trump cam­paign was under Krem­lin con­trol. “As a Demo­c­ra­t­ic Par­ty con­sul­tant and proud Ukrain­ian-Amer­i­can, Alexan­dra Chalu­pa was out­raged last spring when Don­ald Trump named Paul Man­afort as his cam­paign man­ag­er,” the Yahoo pro­file began. “As she saw it, Man­afort was a key fig­ure in advanc­ing Russ­ian Pres­i­dent Vladimir Putin’s agen­da inside her ances­tral home­land — and she was deter­mined to expose it.”

Chalu­pa worked with vet­er­an reporter Michael Isikoff of Yahoo News to pub­li­cize her oppo­si­tion research on Trump, Rus­sia and Paul Man­afort, as well as her many Ukrain­ian sources. In one leaked DNC email [50] ear­li­er this year, Chalu­pa boasts to DNC Com­mu­ni­ca­tions Direc­tor Luis Miran­da that she brought Isikoff to a US-gov­ern­ment spon­sored Wash­ing­ton event fea­tur­ing 68 Ukrain­ian jour­nal­ists, where Chalu­pa was invit­ed “to speak specif­i­cal­ly about Paul Man­afort.” In turn, Isikoff named her as the key inside source [46] “prov­ing” that the Rus­sians were behind the hacks, and that Trump’s cam­paign was under the spell of Krem­lin spies and sor­cer­ers.

(In 2008, when I broke the sto­ry [51] about the Man­afort-Krem­lin ties in The Nation with Ari Berman, I did not go on to to accuse him or John McCain, whose cam­paign was being run by Manafort’s part­ner, of being Manchuri­an Can­di­dates under the spell of Vladimir Putin. Because they weren’t; instead, they were sleazy, cor­rupt, hyp­o­crit­i­cal politi­cians who fol­lowed mon­ey and pow­er rather than prin­ci­ple. A media hack feed­ing fren­zy turned Man­afort from what he was—a sleazy scumbag—into a fan­tas­ti­cal Krem­lin mole [52], forc­ing Man­afort to resign from the Trump cam­paign, thanks in part to kom­pro­mat mate­r­i­al leaked by the Ukrain­ian SBU [53], suc­ces­sor to the KGB.)

Mean­while, Chalupa’s Twit­ter feed went wild accus­ing Trump of treason—a crime that car­ries the death penal­ty. Along with well over 100 tweets hash­tagged #Trea­so­nous­Trump [54] Chalu­pa repeat­ed­ly asked pow­er­ful gov­ern­ment offi­cials and bod­ies like the Depart­ment of Jus­tice [55] to inves­ti­gate Trump for the cap­i­tal crime of trea­son. In the weeks since the elec­tion, Chalu­pa has repeat­ed­ly accused [56] both the Trump cam­paign and Rus­sia of rig­ging the elec­tions, demand­ing fur­ther inves­ti­ga­tions. Accord­ing to The Guardian [57], Chalu­pa recent­ly sent a report to Con­gress prov­ing Russ­ian hacked into the vote count, hop­ing to ini­ti­ate a Con­gres­sion­al inves­ti­ga­tion. In an inter­view with Gothamist [58], Chalu­pa described alleged Russ­ian inter­fer­ence in the elec­tion result as “an act of war.”

To be clear, I am not argu­ing that Chalu­pa is behind Pro­pOrNot. But it is impor­tant to pro­vide con­text to the boasts by Pro­pOrNot about its Ukrain­ian nation­al­ist links—within the larg­er con­text of the Clin­ton campaign’s anti-Krem­lin hys­te­ria, which crossed the line into Cold War xeno­pho­bia time and time again, an anti-Russ­ian xeno­pho­bia shared by Clinton’s Ukrain­ian nation­al­ist allies. To me, it looks like a clas­sic case of blow­back: A hyper-nation­al­ist group whose extrem­ism hap­pens to be use­ful to Amer­i­can geopo­lit­i­cal ambi­tions, and is there­fore nur­tured to cre­ate prob­lems for our com­peti­tor. Indeed, the US has cul­ti­vat­ed extreme Ukrain­ian nation­al­ists as prox­ies [59] for decades, since the Cold War began.

As inves­tiga­tive jour­nal­ist Russ Bel­lant doc­u­ment­ed in his clas­sic exposé, “Old Nazis, New Right,” Ukrain­ian Nazi col­lab­o­ra­tors were brought into the Unit­ed States and weaponized [60] for use against Rus­sia dur­ing the Cold War, despite what­ev­er role they may have played in the Holo­caust and in the mass slaugh­ter of Ukraine’s eth­nic Poles. After spend­ing so many years encour­ag­ing extreme Ukrain­ian nation­al­ism, it’s no sur­prise that the whole pol­i­cy is begin­ning to blow back.

2. It looks like Steve Ban­non will have some Alt-Right com­pa­ny in the White House advi­so­ry staff: Stephen Miller, for­mer chief aide to Trump’s pick for Attor­ney Gen­er­al Jeff Ses­sions, is set to be Trumps senior advi­sor for pol­i­cy. He’s also report­ed­ly quite close to Alt-Right ring-leader Richard Spencer going back to their time at Duke University’s Duke Con­ser­v­a­tive Union.

“Trump’s Newest Senior Advis­er Seen as a White Nation­al­ist Ally” by Josh Harkin­son; Moth­er Jones; 12/14/2016.

Stephen Miller drew praise from a top white nation­al­ist, who hopes he’ll “do good things for white Amer­i­ca.”

Pres­i­dent-elect Don­ald Trump’s newest pick to be a senior advis­er in the White House has long ties to a promi­nent white nation­al­ist, who sees him as an ally of the move­ment.

Stephen Miller, a top aide to Trump’s pres­i­den­tial cam­paign, will serve as a senior White House advis­er for pol­i­cy, Trump’s tran­si­tion team announced Tues­day. Miller is a for­mer staffer for the nativist Sen. Jeff Ses­sions (R‑Ala.), now Trump’s nom­i­nee for attor­ney gen­er­al. The announce­ment of Miller’s new role drew praise from white nation­al­ist leader Richard Spencer. “Stephen is a high­ly com­pe­tent and tough indi­vid­ual,” Spencer, who famous­ly coined the term “alt-right” to describe the insur­gent right-wing move­ment that has attract­ed white nation­al­ists and suprema­cists, told Moth­er Jones on Wednes­day. “So I have no doubt that he will do a great job.”

Spencer and Miller first came to know each oth­er in the late 2000s as stu­dents at Duke Uni­ver­si­ty, where they both belonged to the Duke Con­ser­v­a­tive Union. Miller earned notice for stand­ing up for white lacrosse play­ers false­ly accused in 2006 of gang rap­ing a black woman. Spencer also defend­ed the Duke lacrosse play­ers, writ­ing about the case for Pat Buchanan’s Amer­i­can Con­ser­v­a­tive, which lat­er hired him as an edi­tor.

Spencer told me that at Duke, Miller helped him with fundrais­ing and pro­mo­tion for an on-cam­pus debate on immi­gra­tion pol­i­cy that Spencer orga­nized in 2007, fea­tur­ing influ­en­tial white nation­al­ist Peter Brimelow. Anoth­er for­mer mem­ber of the Duke Con­ser­v­a­tive Union con­firms that Miller and Spencer worked togeth­er on the event. At DCU meet­ings, accord­ing to a past pres­i­dent of the group, Miller denounced mul­ti­cul­tur­al­ism and expressed con­cerns that immi­grants from non-Euro­pean coun­tries were not assim­i­lat­ing.

“I knew [Miller] very well when I was at Duke,” Spencer told me when I vis­it­ed him at his home in White­fish, Mon­tana, a few weeks before the elec­tion. “But I am kind of glad no one’s talked about this, because I don’t want to harm Trump.”

Miller wrote about two dozen columns for the Duke Chron­i­cle, and his arti­cles assailed mul­ti­cul­tur­al­ism (which he called “seg­re­ga­tion”) and paid fam­i­ly leave (which he said results in men get­ting laid off). He also denied there was sys­tem­at­ic racism (which he dubbed “racial para­noia”).

When con­tact­ed by Moth­er Jones in Octo­ber, Miller did not respond on the record to spe­cif­ic ques­tions about his activ­i­ties with the DCU or his views on race and immi­gra­tion, but he denied ever being close to Spencer. “I have absolute­ly no rela­tion­ship with Mr. Spencer,” he said in an email that month. “I com­plete­ly repu­di­ate his views, and his claims are 100 per­cent false.”

Before join­ing the Trump cam­paign last year, Miller, who is 30, served as Ses­sions’ chief of com­mu­ni­ca­tions. “Those who worked with them say that Ses­sions and Miller had a ‘mind meld,’” Julia Ioffe wrote in a June Politi­co pro­file of Miller. Ses­sions and Miller worked close­ly in oppos­ing the Supreme Court con­fir­ma­tion of Sonia Sotomay­or, who Ses­sions implied might not be impar­tial due to her His­pan­ic her­itage. In 2014, after the Sen­ate had passed a bipar­ti­san deal on com­pre­hen­sive immi­gra­tion reform, Ses­sions helped kill it in the House by dis­trib­ut­ing anti-immi­gra­tion fig­ures and talk­ing points that were writ­ten by Miller.

Dur­ing the cam­paign, Miller, as a senior advis­er to Trump, warmed up crowds at Trump ral­lies with fiery, pop­ulist speech­es draw­ing from a nativist play­book. “We’re going to build that wall high and we’re going to build it tall,” he pro­claimed at a Trump event in Dal­las in June. “We’re going to build that wall, and we’re going to build it out of love. We’re going to build it out of love for every fam­i­ly who wants to raise their kids in safe­ty and peace…We’re build­ing it out of love for Amer­i­ca and Amer­i­cans of all back­grounds.”

3a. Orig­i­nal­ly found­ed by Third Reich vet­er­ans as a vehi­cle for the polit­i­cal reha­bil­i­ta­tion of NSDAP mem­bers, Austria’s Free­dom Par­ty has net­worked with Putin and Trump’s nation­al secu­ri­ty advis­er des­ig­nate Michael Fly­nn. The pri­ma­ry focus is on lift­ing the sanc­tions imposed on Rus­sia. This step is also favored by cor­po­rate Ger­many, as dis­cussed in FTR #‘s 918 and 919” . . . . Free­dom Par­ty leader Heinz-Chris­t­ian Stra­che and Nor­bert Hofer, the los­ing can­di­date in this month’s pres­i­den­tial elec­tion, signed a “work­ing agree­ment” with Russ­ian Pres­i­dent Vladimir Putin’s Unit­ed Rus­sia par­ty in Moscow on Mon­day, accord­ing to a state­ment issued by the Aus­tri­an par­ty. It added that Stra­che met last month in New York with Michael Fly­nn, nom­i­nat­ed to become Pres­i­dent-elect Don­ald Trump’s Nation­al Secu­ri­ty Advis­er. Stra­che wants to roll back ‘the sanc­tions that are harm­ful and ulti­mate­ly use­less for the econ­o­my,’ accord­ing to the Free­dom Par­ty state­ment. . . . ”

“Aus­tri­an Pop­ulists Go to Moscow to Pitch Trump-Putin Bridge” by Boris Groen­dahl and Jonathan Tirone; Bloomberg Pol­i­tics; 12/19/2016.

* Free­dom Par­ty chiefs in ‘diplo­mat­ic talks’ with Unit­ed Rus­sia
* Par­ty has opposed sanc­tions on Rus­sia; leads in Aus­tri­an polls

Austria’s pop­ulist Free­dom Par­ty said it wants to bro­ker an end to sanc­tions on Rus­sia by using its con­tacts with the White House and the Krem­lin to reduce east-west ten­sions.

Free­dom Par­ty leader Heinz-Chris­t­ian Stra­che and Nor­bert Hofer, the los­ing can­di­date in this month’s pres­i­den­tial elec­tion, signed a “work­ing agree­ment” with Russ­ian Pres­i­dent Vladimir Putin’s Unit­ed Rus­sia par­ty in Moscow on Mon­day, accord­ing to a state­ment issued by the Aus­tri­an par­ty. It added that Stra­che met last month in New York with Michael Fly­nn, nom­i­nat­ed to become Pres­i­dent-elect Don­ald Trump’s Nation­al Secu­ri­ty Advis­er.

Stra­che wants to roll back “the sanc­tions that are harm­ful and ulti­mate­ly use­less for the econ­o­my,” accord­ing to the Free­dom Par­ty state­ment, which described itself as “a neu­tral and reli­able medi­a­tor and part­ner.” The del­e­ga­tion met with Unit­ed Russia’s inter­na­tion­al sec­re­tary, Sergei Zheleznyak, accord­ing to a spokesman for the Russ­ian par­ty.

This is the first for­mal agree­ment with a major par­ty from EU-mem­ber state since the bloc imposed its sanc­tions on Rus­sia for annex­ing Crimea and sup­port­ing sep­a­ratists in East­ern Ukraine.

While the Free­dom Par­ty was defeat­ed for the Aus­tri­an pres­i­den­cy by an inde­pen­dent can­di­date, it tops nation­al opin­ion polls with about a third of the vote.

Par­ty offi­cials have in the past called for an end to Euro­pean Union sanc­tions against Rus­sia and voiced sup­port for Russia’s annex­a­tion of Crimea. In a Face­book post­ing, Stra­che said that Rus­sia had “freed Alep­po” from Islam­ic State.

“Aus­tria needs inter­na­tion­al polit­i­cal and busi­ness con­tacts rather than neg­a­tive and dam­ag­ing sanc­tions,” Stra­che said on Face­book. Aus­tria was neu­tral dur­ing the Cold War. Aus­tri­an com­pa­nies includ­ing oil and gas group OMV AG and Raif­feisen Bank Inter­na­tion­al AG have close busi­ness ties to Moscow.

Dur­ing this year’s pres­i­den­tial bal­lot, Hofer cam­paigned on the promise to build a bridge between Trump and the Krem­lin. The election’s win­ner, for­mer Green Par­ty leader Alexan­der Van der Bellen, off­set Hofer’s appeals by argu­ing Austria’s most impor­tant eco­nom­ic inter­ests are inside the EU. . . .

3b. We review the Nazi ori­gins of the Free­dom Par­ty, recap­ping its ori­gins as a vehi­cle for re-intro­duc­ing Ger­man Nazi Par­ty vet­er­ans into Aus­tri­an pol­i­tics. Note the place of the South Tyrol in a Pan-Ger­man­ic “New Europe.”  

“Aus­tri­a’s Far Right Sees a Prize With­in Reach: The Pres­i­den­cy” by Ali­son Smale; The New York Times; 11/29/2016.

In his office in Aus­tria’s grand old Par­lia­ment, Nor­bert Hofer, the man who would be Austria’s next pres­i­dent, presents him­self as any­thing but a threat.

He enters with a pro­nounced limp as a result of a 2003 paraglid­ing acci­dent. He air-kiss­es a visitor’s hand. He then spends much of the next hour pro­fess­ing that he is not nation­al­ist and cer­tain­ly not anti-Semit­ic, insists that he is too young to have any­thing to do with Nazism and says that he is no part of any pop­ulist wave. . . .

. . . . Mr. Trump’s vic­to­ry, Mr. Hofer said, has erod­ed any lin­ger­ing inhi­bi­tions that Aus­tri­ans may have had about open­ly sup­port­ing his can­di­da­cy, though that remained to be seen.

“With Trump’s vic­to­ry, that bar­ri­er has loos­ened a bit,” Mr. Hofer said with evi­dent sat­is­fac­tion.

The exis­tence of such bar­ri­ers hints at a last­ing stig­ma around the Free­dom Par­ty, which was cre­at­ed by a group of for­mer Nazis in the 1950s and gained polit­i­cal trac­tion under the charis­mat­ic lead­er­ship of the pop­ulist Jörg Haider in the 1990s. . . .

. . . . Mr. Hofer’s oppo­nents are keen­ly active. Last Thurs­day, Mr. Van der Bellen post­ed a video appeal for votes from an 89-year-old Vien­nese woman who sur­vived Auschwitz and said she was hor­ri­fied by Free­dom Par­ty talk of a com­ing “civ­il war.”

Iden­ti­fied only as Gertrude, she recalled see­ing her first dead body dur­ing the 1934 left-right street bat­tles here and Vien­nese res­i­dents’ mock­ing the Jews forced to scrub streets with tooth­brush­es after the Nazis took pow­er.

Mr. Van der Bellen’s cam­paign said her iden­ti­ty would be kept secret for fear of hate attacks on social media that have already been a fea­ture of the months of cam­paign vit­ri­ol. The video gar­nered over 2.5 mil­lion views in three days.

A TV talk show host, Corin­na Mil­born, grilled Mr. Hofer last week for an hour over his alleged nation­al­ist views and his calls for undo­ing the “unjust bor­der” that keeps South Tyrol, a region of north­ern Italy, apart from Austria’s Tyrol. Mr. Hofer’s grin evap­o­rat­ed and he almost blew his cool. . . .

3c. A founder of the Free­dom Par­ty is SS vet­er­an Her­bert Schweiger, who has long cam­paigned and exe­cut­ed vio­lence in sup­port of South Tyrolean reuni­fi­ca­tion with Aus­tria.

“The Far Right Is on the March Again: The Rise of  Fas­cism in Aus­tria” by Bil­ly Brig­gs; Dai­ly Mail; 3/18/2009.

. . . . Her­bert Schweiger makes no attempt to hide his Nazi views. At his home in the Aus­tri­an moun­tains, the for­mer SS offi­cer gazes out of a win­dow to a view of a misty alpine val­ley. Described to me as the ‘Pup­pet Mas­ter’ of the far right, Schweiger, 85, is a leg­endary fig­ure for neo-Nazis across the world.

‘Our time is com­ing again and soon we will have anoth­er leader like Hitler,’ he says.

Still remark­ably sharp-mind­ed, Schweiger was a lieu­tenant in the infa­mous Waf­fen SS Panz­er Divi­sion Leib­stan­darte Adolf Hitler, an elite unit orig­i­nal­ly formed before WWII to act as the Führer’s per­son­al body­guards.

This is his first inter­view for four years and the first he has ever giv­en to a jour­nal­ist from out­side Aus­tria. It hap­pens a few weeks before he is due to appear in court charged with pro­mot­ing neo-Nazi ide­ol­o­gy.

It will be the fifth time he has stood tri­al for break­ing a law, the Ver­bots­ge­setz, enact­ed in 1947 to halt the spread of fas­cist ide­ol­o­gy. He has been found guilty twice and acquit­ted twice. It quick­ly becomes appar­ent that lit­tle has changed in Schweiger’s mind­set since his Third Reich days.

‘The Jew on Wall Street is respon­si­ble for the world’s cur­rent eco­nom­ic cri­sis. It is the same now as in 1929 when 90 per cent of mon­ey was in the hands of the Jew. Hitler had the right solu­tions then,’ he says, invok­ing the lan­guage of Goebbels.

The room is filled with memen­tos from his past and indi­ca­tors of his sick­en­ing beliefs. His book­shelf is a library of loathing. I spot a book by con­tro­ver­sial British Holo­caust denier David Irv­ing and one on the ‘myth of Auschwitz’. On a shelf hangs a pen­nant from the SS Death’s Head unit that ran Hitler’s con­cen­tra­tion camps. Such mem­o­ra­bil­ia is banned in Aus­tria but Schweiger defi­ant­ly dis­plays his Nazi pos­ses­sions.

If Schweiger was an old Nazi liv­ing out his final days in this remote spot, it might be pos­si­ble to shrug him off as a now harm­less man liv­ing in his past. But Schweiger has no inten­tion of keep­ing qui­et.

‘My job is to edu­cate the fun­da­men­tals of Nazism. I trav­el reg­u­lar­ly in Aus­tria and Ger­many speak­ing to young mem­bers of our dif­fer­ent groups,’ he says.

Schweiger’s lec­tures are full of hate and prej­u­dice. He refers to Jews as ‘intel­lec­tu­al nomads’ and says poor Africans should be allowed to starve.

‘The black man only thinks in the present and when his bel­ly is full he does not think of the future,’ he says. ‘They repro­duce en masse even when they have no food, so sup­port­ing Africans is sui­cide for the white race.

‘It is not nation against nation now but race against race. It is a ques­tion of sur­vival that Europe unites against the rise of Asia. There is an unstop­pable war between the white and yel­low races. In Eng­land and Scot­land there is very strong racial poten­tial.

‘Of course I am a racist, but I am a sci­en­tif­ic racist,’ he adds, as if this is a jus­ti­fi­ca­tion.

Schweiger’s rai­son d’être is pol­i­tics. He was a found­ing mem­ber of three polit­i­cal par­ties in Aus­tria – the VDU, the banned NDP and the FPO. He has giv­en his sup­port to the cur­rent leader of the FPO. He has giv­en his sup­port to the cur­rent leader of the FPO.

‘Stra­che is doing the right thing by fight­ing the for­eign­er,’ says Schweiger.

He is now in close con­tact with the Kam­er­ad­schaften, under­ground cells of hard­core neo-Nazis across Aus­tria and Ger­many who, over the past three years, have start­ed to infil­trate polit­i­cal par­ties such as the FPO.

His belief that the bul­let and the bal­lot box go hand in hand goes back to 1961, when he helped to train a ter­ror­ist move­ment fight­ing for the reuni­fi­ca­tion of Aus­tria and South Tyrol.

‘I was an explo­sives expert in the SS so I trained Burschen­schaften how to make bombs. We used the hotel my wife and I owned as a train­ing camp,’ he says. The hotel he refers to is 50 yards from his home.

Thir­ty peo­ple in Italy were mur­dered dur­ing the cam­paign. One of the men con­vict­ed for the atroc­i­ties, Nor­bert Burg­er, lat­er formed the now-banned neo-Nazi NDP par­ty with Schweiger. . . .

3d. In the con­text of a Euro­pean re-align­ment vis a vis Rus­sia, we turn to the sub­ject of Fran­cois Fil­lon, the recent win­ner of France’s cen­ter-right par­ty pres­i­den­tial pri­ma­ry.

We begin with an arti­cle from July about Fillon’s atti­tudes to mil­i­tary spend­ing. To sum­ma­rize, Fil­lon is for increased mil­i­tary spend­ing, increased invest­ments in Frances nuclear forces, cit­ing Russia’s invest­ments as a rea­son to do so, and he advo­cates France push­ing Ger­many to cre­ate a Euro­pean Army. At the same time, Fil­lon sug­gests that NATO’s enlarge­ment to include Russia’s neigh­bors was a major mis­take and that France should be work­ing more close­ly with Rus­sia on areas like ter­ror­ism and Syr­ia.

“Defense Spend­ing Emerges as French Elec­tion Top­ic” by Pierre Tran; Defense News ; 7/13/2016.

François Fil­lon, a for­mer prime min­is­ter, said July 13 he would com­mit France to spend­ing two per­cent of its gross domes­tic prod­uct on defense and also retain the air­borne and sub­ma­rine-launched nuclear weapons if he won the pres­i­den­tial elec­tion next year.

Fil­lon, one of the can­di­dates in the pri­maries of the con­ser­v­a­tive par­ty Les Répub­li­cains, said the two per­cent fig­ure “is impor­tant.”

“That is a tar­get I would pur­sue,” he told the Euro­pean-Amer­i­can Press Club. “And equal­ly, I would main­tain the two com­po­nents for nuclear deter­rence.”

French defense spend­ing has slipped to around 1.5 per­cent, below the two per­cent tar­get set by NATO, as the nation­al econ­o­my strug­gles to grow.

Fil­lon said he would pur­sue work on the next gen­er­a­tion of nuclear mis­sile sub­marines to replace the present four-strong fleet “in the medi­um term.”

Inter­na­tion­al ten­sion would not allow France “to low­er its guard on the nuclear deter­rent front,” he said, adding that Rus­sia is re-arm­ing, build­ing nuclear subs, and installing anti-bal­lis­tic mis­sile defense capa­bil­i­ties around Moscow.

It was a major mis­take for NATO to extend its reach so close to Rus­sia, and it was impor­tant for Paris and Moscow to pur­sue a dia­log as Rus­sia remains a Euro­pean coun­try, he said.

Fil­lon, prime min­is­ter from May 2007 to May 2012, is one of the can­di­dates for the pri­maries to be held in Novem­ber, which will decide which can­di­date to stand in the pres­i­den­tial elec­tion in May.

There is a con­sen­sus among Les Repub­li­cains can­di­dates for the pri­maries and the Social­ist par­ty on main­tain­ing the two nuclear forces, which offer cred­i­bil­i­ty and flex­i­bil­i­ty of response, said Jean-Pierre Maulny, deputy direc­tor of the think tank Insti­tut de Rela­tions Inter­na­tionales et Stratégiques.

There was more debate of can­cel­ing one of the nuclear weapons in the pre­vi­ous pres­i­den­tial cam­paign. The argu­ments this time around are more about whether France should be “for or against” an atom­ic response, Maulny said.

France should per­suade Ger­many to set up a Euro­pean army, accord­ing to Fil­lon. Berlin could not rely whol­ly on NATO, as the alliance was unable to meet the threat from the Islam­ic State, he argued.

Fil­lon said he told French Pres­i­dent François Hol­lande that rather than launch French airstrikes against Syr­ia, the leader should sit down with his Russ­ian coun­ter­part Vladimir Putin and Ger­man leader Angela Merkel and agree on a “medi­um-term strat­e­gy” on how to deal with Syria’s Bashar Al-Assad.

Hol­lande ordered French airstrikes in retal­i­a­tion for the Nov. 13, 2015, ter­ror attacks in Paris, for which the Islam­ic State claimed respon­si­bil­i­ty. The Syr­ia cri­sis has since deep­ened.

There may be some 60 coun­tries in the anti-Syr­ia coali­tion but as long as Rus­sia and Iran were exclud­ed, there was lit­tle chance of suc­cess, Fil­lon argued. The lat­ter is con­sid­ered essen­tial as Teheran is the region­al pow­er.

Putin is “very dif­fi­cult” to deal with but once he reach­es an agree­ment, he keeps it, accord­ing to Fil­lon. “I have nev­er seen him break his word.”

Fil­lon was prime min­is­ter under then-pres­i­dent Nico­las Sarkozy, when Putin was his Russ­ian coun­ter­part.

“France should per­suade Ger­many to set up a Euro­pean army, accord­ing to Fil­lon. Berlin could not rely whol­ly on NATO, as the alliance was unable to meet the threat from the Islam­ic State, he argued.”

Yeah, some­how it doesn’t seem like sell­ing Ger­many on a Euro­pean Army is going to be a tough sell.

3e. Fil­lon is advo­cat­ing a sig­nif­i­cant Euro­pean shift towards Rus­sia, along with a grow­ing num­ber of Euro­pean lead­ers and vot­ers:

“French Elec­tion Hints at a Euro­pean Shift Toward Rus­sia” by Max Fish­er; The New York Times; 11/30/2016.

The vic­to­ry of François Fil­lon in France’s cen­ter-right pres­i­den­tial pri­ma­ry is the lat­est sign that a tec­ton­ic shift is com­ing to the Euro­pean order: toward accom­mo­dat­ing, rather than coun­ter­ing, a resur­gent Rus­sia.

Since the end of World War II, Euro­pean lead­ers have main­tained their ever-grow­ing alliance as a bul­wark against Russ­ian pow­er. Through decades of ups and downs in Russ­ian-Euro­pean rela­tions, in peri­ods of estrange­ment or rec­on­cil­i­a­tion, their bal­ance of pow­er has kept the con­ti­nent sta­ble.

But a grow­ing move­ment with­in Europe that includes Mr. Fil­lon, along with oth­ers of a more pop­ulist bent, is push­ing a new pol­i­cy: instead of stand­ing up to Pres­i­dent Vladimir V. Putin of Rus­sia, stand with him.

Mr. Fil­lon has called for lift­ing sanc­tions on Rus­sia and for part­ner­ing with Moscow in an effort to cur­tail immi­gra­tion and ter­ror­ism. He is friend­ly with Mr. Putin. If poll­sters are right and Mr. Fil­lon wins the French pres­i­den­cy in the spring, he could join sev­er­al ris­ing Euro­pean politi­cians and new­ly elect­ed lead­ers who are like-mind­ed.

Their move­ment, schol­ars stress, is dri­ven by forces far more for­mi­da­ble than any elect­ed leader: the pop­ulist upsurge that is remak­ing the Con­ti­nent and, simul­ta­ne­ous­ly, the imper­son­al but over­whelm­ing pres­sures of inter­na­tion­al pow­er bal­anc­ing.

These changes, along with the impend­ing British with­draw­al from the Euro­pean Union and the elec­tion of Don­ald J. Trump as pres­i­dent of the Unit­ed States, fore­tell a “dra­mat­ic shift” in the half-cen­tu­ry of West­ern uni­ty against Rus­sia, said James Goldgeier, a polit­i­cal sci­en­tist and the dean of Amer­i­can University’s School of Inter­na­tion­al Ser­vice in Wash­ing­ton.

“All the trend lines right now point away from a tough approach to Russ­ian aggres­sion and point toward more accom­mo­da­tion of the Russ­ian notion that they have a priv­i­leged sphere of influ­ence,” he said.

It is unclear how far into Europe that sphere of Russ­ian influ­ence might extend, or the con­se­quences for nations that would come under it after escap­ing Sovi­et dom­i­na­tion only a gen­er­a­tion ago. But those are ques­tions of degree; Mr. Fillon’s pri­ma­ry vic­to­ry sug­gests that the shift has already begun.

A Pro-Putin Pop­ulism

Though Mr. Fil­lon would reverse his country’s hard line on Rus­sia, he would not be the first French leader to reach out to Moscow — Charles de Gaulle, the pres­i­dent from 1959 to 1969, also did this — and could not, on his own, upend Euro­pean uni­ty.

More impor­tant, he would not be alone. Mr. Trump has promised coop­er­a­tion with Rus­sia and threat­ened to dimin­ish the Unit­ed States’ role in NATO. Sev­er­al East Euro­pean coun­tries have elect­ed lead­ers who advo­cate rec­on­cil­ing with Moscow.

In West­ern Europe, pol­i­tics seems poised to move in Mr. Fillon’s direc­tion. Main­stream par­ties, forced to acknowl­edge that they can­not con­tain the far right, are instead work­ing to co-opt it.

Mr. Fil­lon illus­trates this trend well. Unlike the French far right, he wish­es to main­tain his country’s mem­ber­ship in the Euro­pean Union. But, indulging Europe’s pop­ulist wave, he has promised to cur­tail immi­gra­tion sharply, pro­mote con­ser­v­a­tive social val­ues, impose “strict admin­is­tra­tive con­trol” over Islam and bring secu­ri­ty against ter­ror­ism.

Ben­jamin Had­dad, a French ana­lyst at the Hud­son Insti­tute, a con­ser­v­a­tive think tank based in Wash­ing­ton, said that such poli­cies point, in ways that might not be obvi­ous to Amer­i­cans, toward anoth­er agen­da item of the Euro­pean far right: part­ner­ing with Mr. Putin.

“All over Europe, Putin­ism has emerged as an ide­o­log­i­cal alter­na­tive to glob­al­ism, the E.U., etc.,” Mr. Had­dad said, with Mr. Putin seen as “a bul­wark for con­ser­v­a­tive val­ues — a strong­man against gay mar­riage, immi­gra­tion, Islam.”

Mr. Had­dad added, “It’s large­ly a domes­tic phe­nom­e­non, rather than the reflec­tion of a strate­gic debate over the rela­tion­ship with Moscow.”

Mr. Fillon’s warmth toward Mr. Putin is appar­ent­ly heart­felt, and it pre­dat­ed this elec­tion. What changed is French vot­ers, who increas­ing­ly desire hard-line poli­cies and signs of strength that they per­ceive Mr. Putin as rep­re­sent­ing.

Nico­las Sarkozy, Mr. Had­dad point­ed out, won the French pres­i­den­cy in 2007 by run­ning as a prag­mat­ic pro-Amer­i­can con­ser­v­a­tive, but this year he ran as a pro-Russ­ian pop­ulist. While Mr. Sarkozy lost the cen­ter-right pri­ma­ry this month, Mr. Fil­lon car­ried that same mes­sage to suc­cess.

The East­ern and South­ern Fronts

In some ways, Mr. Fil­lon is par­tic­u­lar to France, where nation­al­ist politi­cians since de Gaulle have long assert­ed French inde­pen­dence from the Unit­ed States and Britain by reach­ing out to Rus­sia. But sim­i­lar trends are play­ing out in sev­er­al Euro­pean coun­tries, along their own par­tic­u­lar nation­al lines.

In Ger­many, for instance, cen­ter-left lead­ers are push­ing to aban­don their country’s role in lead­ing Euro­pean efforts to counter Rus­sia. Instead, they advo­cate revert­ing to the Cold War-era pol­i­cy of Ost­poli­tik, in which West Ger­many sought a neu­tral bal­anc­ing role between East and West.

Often, West Euro­pean politi­cians do not see them­selves as explic­it­ly call­ing for align­ing with Moscow, but rather for aban­don­ing the cost­ly mis­sion to counter Russia’s aggres­sion against far­away east­ern states at a moment when they have more imme­di­ate con­cerns.

West Euro­pean lead­ers see them­selves as fight­ing an increas­ing­ly unten­able two-front war: a south­ern front against immi­gra­tion and ter­ror­ism and an east­ern front against Rus­sia.

The east­ern front is large­ly a project of pol­i­cy estab­lish­ments that see it as essen­tial to main­tain­ing Europe’s post­war order. Vot­ers are more skep­ti­cal; a 2015 Pew poll found that slight majori­ties in France, Ger­many and Italy said their coun­tries should not uphold their treaty oblig­a­tion to defend an east­ern NATO ally should it be attacked by Rus­sia.

Vot­ers, par­tic­u­lar­ly those on the right, have long seen south­ern issues — ter­ror­ism and immi­gra­tion — as more impor­tant. Their threats to install far-right gov­ern­ments that would dis­man­tle the Euro­pean project entire­ly are increas­ing­ly cred­i­ble.

4. Trump’s nom­i­nee to be Sec­re­tary of State is Exxon Mobil CEO Rex Tiller­son, who, like the Aus­tri­an Free­dom Paraty (and cor­po­rate Germany/Bormann cap­i­tal net­work) wants the sanc­tions on Rus­sia lift­ed.

“Trump Lines Up Estab­lish­ment Repub­li­cans to Vouch for Tiller­son” by Michael D. Shear; The New York Times; 12/13/2016.

After wag­ing an 18-month assault on the Repub­li­can estab­lish­ment, Pres­i­dent-elect Don­ald J. Trump changed course on Tues­day and enlist­ed the party’s high priests of for­eign pol­i­cy to help him win the con­fir­ma­tion of Rex W. Tiller­son as sec­re­tary of state.

Sev­er­al for­mer Repub­li­can sec­re­taries of defense and state sought to dis­miss bipar­ti­san con­cerns about Mr. Tiller­son, the Exxon Mobil chief exec­u­tive, over his two-decade rela­tion­ship with Pres­i­dent Vladimir V. Putin of Rus­sia. At the cen­ter of the debate are ques­tions about Mr. Tillerson’s vocal oppo­si­tion to Amer­i­can sanc­tions imposed on Rus­sia as he pur­sued oil and gas deals in that coun­try. . . .

. . . . . A series of state­ments fol­lowed from for­mer Vice Pres­i­dent Dick Cheney and for­mer sec­re­taries of state James A. Bak­er III and Con­doleez­za Rice, among oth­ers. In an inter­view, Robert M. Gates, who served as sec­re­tary of defense under Pres­i­dent Oba­ma and Pres­i­dent George W. Bush, strong­ly endorsed Mr. Tiller­son, a long­time friend, call­ing him some­one who “knows the world like the back of his hand.”

Mr. Gates, whose con­sult­ing firm has rep­re­sent­ed Exxon Mobil, said that sen­a­tors con­cerned about Mr. Tillerson’s rela­tion­ship with Mr. Putin are bas­ing their crit­i­cism “on a super­fi­cial watch­ing” of video clips of the Exxon exec­u­tive receiv­ing the Russ­ian Order of Friend­ship in 2013 with Mr. Putin. . . .

5. The Man­ning text high­lights the piv­otal role of the Bor­mann orga­ni­za­tion in Ger­man heavy indus­try and, in turn, the influ­ence of the Her­mann Schmitz trust in the Bor­mann orga­ni­za­tion. ” . . .Vast­ly diver­si­fied, it is said to be the largest land-own­er in South Amer­i­ca, and through stock­hold­ings, con­trols Ger­man heavy indus­try and the trust estab­lished by the late Her­mann Schmitz, for­mer pres­i­dent of I.G. Far­ben, who held as much stock in Stan­dard Oil of New Jer­sey as did the Rock­e­fellers. [Exxon is Stan­dard of New Jer­sey, now merged with Mobil, which is Stan­dard Oil of New York–D.E.] . . .”

Mar­tin Bor­mann: Nazi in Exile; Paul Man­ning; Copy­right 1981 [HC]; Lyle Stu­art Inc.; ISBN 0–8184-0309–8; p. 292.

. . . .The Bor­mann orga­ni­za­tion con­tin­ues to wield enor­mous eco­nom­ic influ­ence. Wealth con­tin­ues to flow into the trea­suries of its cor­po­rate enti­ti­ties in South Amer­i­ca, the Unit­ed States, and Europe. Vast­ly diver­si­fied, it is said to be the largest land-own­er in South Amer­i­ca, and through stock­hold­ings, con­trols Ger­man heavy indus­try and the trust estab­lished by the late Her­mann Schmitz, for­mer pres­i­dent of I.G. Far­ben, who held as much stock in Stan­dard Oil of New Jer­sey as did the Rock­e­fellers. . . .

Discussion

9 comments for “FTR #940 The Trumpenkampfverbande, Part 14: Unsettling In, Part 2 (German Ostpolitik, part 5)”

  1. “Trump kept a copy of this by his bed­side.”

    I bet the pages were stuck togeth­er.

    Posted by Jimmy Olson | January 4, 2017, 6:22 pm
  2. Here’s some­thing that should prob­a­bly be kept in mind now that Don­ald Trump has enthu­si­as­ti­cal­ly called for a new nuclear arms race and also basi­cal­ly told the world that hack­ing is total­ly cool as long as it reveals inter­est­ing info, along with oth­er mem­bers of the GOP, putting a giant Trump-approved bulls­eye on all US gov­ern­ment com­put­er sys­tems through­out his term: The next gen­er­a­tion of nuclear mis­siles are going to be net­worked for the first time ever and the stud­ies for what kind of new dan­gers this presents still need to be done:

    The Atlantic

    Will Amer­i­ca’s Nuclear Weapons Always Be Safe From Hack­ers?

    The future arse­nal will be net­worked, pre­sent­ing unique secu­ri­ty chal­lenges for the U.S. Air Force.

    Patrick Tuck­er
    Dec 30, 2016

    Future nuclear mis­siles may be siloed but, unlike their pre­de­ces­sors, they’ll exhib­it “some lev­el of con­nec­tiv­i­ty to the rest of the warfight­ing sys­tem,” accord­ing to Wern­er J.A. Dahm, the chair of the Air Force Sci­en­tif­ic Advi­so­ry Board. That opens up new poten­tial for nuclear mishaps that, until now, have nev­er been a part of Pen­ta­gon plan­ning. In 2017, the board will under­take a study to see how to meet those con­cerns. “Obvi­ous­ly the Air Force doesn’t con­cep­tu­al­ize sys­tems like that with­out ideas for how they would address those sure­ty con­cerns,” said Dahm.

    It’s no sim­ple or straight-for­ward under­tak­ing. The last time the Unit­ed States designed an inter­con­ti­nen­tal bal­lis­tic mis­sile was 1975. At the end of the Decem­ber, the Air Force Sci­ence Board announced that in 2017 they would explore safe­ty and prac­ti­cal con­cerns of mak­ing a mis­sile for the mod­ern age along with oth­er nuclear weapons that fall under the com­mand of the Air Force.

    “We have a num­ber of nuclear sys­tems that are in need of recap­i­tal­iza­tion,” said Dahm, refer­ring to LRSO, ICBMs and the B‑21 stealth bomber. In the future, he said, “these sys­tems are going to be quite dif­fer­ent from the ones that they may replace. In par­tic­u­lar, they will be much more like all sys­tems today, net­work con­nect­ed. They’ll be cyber enabled.” That con­nec­tiv­i­ty will cre­ate new con­cerns in terms of safe­ty and cer­ti­fi­ca­tion that will almost cer­tain­ly require changes or addi­tions to cur­rent DoD direc­tives.

    The study comes at a crit­i­cal time for the future of U.S. Nuclear Weapons. On Decem­ber 22, Don­ald Trump con­fused and alarmed the world when he tweet­ed that he would both strength­en and expand America’s nuclear weapons capa­bil­i­ty. But there was less new in the announce­ment than might actu­al­ly appear. In fact, the Oba­ma Admin­is­tra­tion was already work­ing to full­fill the “strength­en­ing” part of that same promise, hav­ing already put the Unit­ed States on track to spend more than $1 tril­lion on mod­ern­iza­tion of U.S. nuclear weapons.

    For the Unit­ed States Air Force, the mod­ern­iza­tion list includes replac­ing LGM-30 Min­ute­man with a new inter­con­ti­nen­tal bal­lis­tic mis­sile (also called a ground-based strate­gic deter­rent), devel­op­ing a con­tro­ver­sial nuclear-armed cruise mis­sile called the long-range stand­off weapon, or LRSO, to build­ing and deploy­ing an entire­ly new B‑21 stealth bomber.

    What are “sure­ty con­cerns?” Read that to mean how do you make sure that your fan­cy net­worked nuclear war­fare con­trol sys­tem can’t be hijacked or go off acci­den­tal­ly.

    Before the Unit­ed States can mod­ern­ize its nuclear weapons it must first make cer­tain it under­stands every­thing that can pos­si­bly go wrong. Think back to the clas­sic film (and book) Dr. Strangelove, a sto­ry very much about sure­ty fail­ure. A crazed Air Force gen­er­al sends his B‑52 wing to destroy their tar­gets in the Sovi­et Union. Of course, only the Pres­i­dent is sup­posed to be able to call for a nuclear strike, but an obscure con­tin­gency plan (Wing Attack Plan R) allows a low­er lev­el com­man­der to issue the order in the event that the nor­mal com­mand and con­trol has been dis­rupt­ed.

    The Pen­ta­gon can’t call back the wing because the B‑52s can no longer receive trans­mis­sions unless pre­ced­ed by spe­cif­ic three-let­ter code that only the gen­er­al knows, part of a poor­ly thought-out safe­ty scheme to pro­tect the air­men from false orders. Even after the recall code is issued and most of the plans abort their mis­sions, one con­tin­ues on to a new ter­tiary tar­get, as the plane’s radio has been dam­aged in com­bat. (Some­how, the drafters of Wing Attack Plan R for­got to insert a rule order­ing pilots back to base when their radios are dam­aged, rather than con­tin­ue to tar­get.) The lone B‑52 hits its tar­get and sets in motion the end of the world.

    Sure­ty fail­ure squared.

    Accord­ing to Defense Depart­ment Direc­tive 3150.02, which out­lines the Air Force’s Nuclear Sure­ty Pro­gram. The direc­tive assigns “respon­si­bil­i­ties for DoD Nuclear Weapons Sure­ty for the over­sight of safe­ty, secu­ri­ty, and con­trol of U.S. nuclear weapons and nuclear weapon sys­tems in DoD cus­tody.”

    “We have for­mal Air Force doc­u­ments that detail the for­mal cer­ti­fi­ca­tion process for nuclear weapons. To what extent do the cur­rent mod­els for cer­ti­fy­ing nuclear sys­tems car­ry over into these mod­ern, net­work enabled sys­tems and how would you re-con­cep­tu­al­ize cer­ti­fi­ca­tion for sys­tems that are like­ly to come out of these recap pro­grams?” asked Dahm. The 2017 Air Force Sci­en­tif­ic Advi­so­ry Board study will attempt to answer those ques­tions. The board con­sists of 50 mem­bers that are appoint­ed by the Sec­re­tary of Defense and are drawn from acad­e­mia, indus­try, and else­where. Mem­bers serve for four years.

    The fact that future nuclear weapons will be far more net­worked (though not nec­es­sar­i­ly to the open Inter­net) will cre­ate bet­ter safe­ty and over­sight, and allow for more coor­di­nat­ed oper­a­tions. But more con­nec­tiv­i­ty also intro­duces new poten­tial vul­ner­a­bil­i­ties and dan­gers.

    “You have to be able to cer­ti­fy that an adver­sary can’t take con­trol of that weapon, that the weapon will be able to do what it’s sup­posed to do when you call on it,” said Dahm. “It isn’t just cyber. That’s def­i­nite­ly the biggest piece, but … When was the last time we built a new nuclear sys­tem? Designed and built one? It’s been sev­er­al decades now. We, as an Air Force, haven’t done cer­ti­fi­ca­tion of new nuclear sys­tems in a long time. These sys­tems are dif­fer­ent … What are the sure­ty vul­ner­a­bil­i­ties for such a sys­tem, so to speak? How would you address them? How would you cer­ti­fy that the sys­tem will work when you need it to work and will do what it’s sup­posed to do?”

    ...

    ““You have to be able to cer­ti­fy that an adver­sary can’t take con­trol of that weapon, that the weapon will be able to do what it’s sup­posed to do when you call on it,” said Dahm. “It isn’t just cyber. That’s def­i­nite­ly the biggest piece, but … When was the last time we built a new nuclear sys­tem? Designed and built one? It’s been sev­er­al decades now. We, as an Air Force, haven’t done cer­ti­fi­ca­tion of new nuclear sys­tems in a long time. These sys­tems are dif­fer­ent … What are the sure­ty vul­ner­a­bil­i­ties for such a sys­tem, so to speak? How would you address them? How would you cer­ti­fy that the sys­tem will work when you need it to work and will do what it’s sup­posed to do?””

    Well, let’s hope Trump’s nuclear arms race does­n’t get ahead of the sure­ty stud­ies.

    But also keep in mind that this era of net­worked nuclear weapons is unlike­ly to be lim­it­ed to US nukes for very long. Every nuclear armed nation is going to have to mod­ern­ize their weapons sys­tems and they’re prob­a­bly all going to be going for some sort of net­worked nukes going for­ward for some­thing like a nuclear mis­sile. Maybe not soon, but even­tu­al­ly. And while those mis­sile are almost cer­tain­ly going to be net­worked on pro­tect­ed mil­i­tary net­works that, one hopes, won’t be exposed to the inter­net, it’s not like mil­i­tary net­works aren’t hack­ing tar­gets. Imag­ine a much scari­er ver­sion of Stuxnet.

    And that’s why Trump’s repeat­ed pro­mo­tion of nuclear pro­lif­er­a­tion is so extra dan­ger­ous: the world does­n’t just have to wor­ry about net­worked US nukes get­ting hacked and launched for­ward. Any coun­try with net­worked nukes is going to be a poten­tial hack­ing tar­get. And thanks to Trump, the num­ber of nations with net­worked nukes in the future is only going to grow.

    If you thought “who hacked the DNC?” was a fun mys­tery, get ready for “who hacked [insert nuclear armed coun­try here]‘s nukes?” It’ll be a blast.

    Posted by Pterrafractyl | January 5, 2017, 3:51 pm
  3. It sounds like Trumps has arrived at a like­ly pick for intel­li­gence chief: recent­ly retired GOP Sen­a­tor — and ambas­sador to Ger­many from 2001–2005 — Dan Coats:

    Politi­co

    Trump to tap ex-Sen. Dan Coats as intel­li­gence chief

    If the Sen­ate con­firms Coats, the recent­ly retired law­mak­er will be tasked with lead­ing an intel­li­gence com­mu­ni­ty the incom­ing pres­i­dent has crit­i­cized and vowed to reform.

    By Eric Geller and Cory Ben­nett

    01/05/17 04:59 PM EST Updat­ed

    Pres­i­dent-elect Don­ald Trump will pick for­mer Indi­ana Sen. Dan Coats to be his direc­tor of nation­al intel­li­gence, a Trump tran­si­tion source con­firmed on Thurs­day.

    If the Sen­ate con­firms Coats, the recent­ly retired law­mak­er will be tasked with lead­ing an intel­li­gence com­mu­ni­ty the incom­ing pres­i­dent has crit­i­cized and vowed to reform.

    Coats — who served on the Intel­li­gence and Armed Ser­vices com­mit­tees while in the upper cham­ber — reemerged in recent days as the lead­ing can­di­date to become Trump’s intel­li­gence chief, with sev­er­al news out­lets report­ing he was the expect­ed choice. He would enter the job at the cen­ter of a spat between Trump and the government’s intel­li­gence com­mu­ni­ty over Russia’s alleged hack­ing of the recent U.S. elec­tion.

    The next com­man­der in chief has repeat­ed­ly refused to accept intel­li­gence agen­cies’ con­clu­sion that senior Moscow offi­cials direct­ed the dig­i­tal cam­paign, poten­tial­ly in an attempt to boost Trump’s chances at the White House and under­mine the can­di­da­cy of Hillary Clin­ton. Trump believes intel­li­gence per­son­nel have become politi­cized and are push­ing a false nar­ra­tive to try and under­mine his future admin­is­tra­tion.

    Accord­ing to a recent Wall Street Jour­nal report, Trump and his top advis­ers are work­ing on a plan to scale down the Office of the Direc­tor of Nation­al Intel­li­gence. The sto­ry fol­lows a Novem­ber Inter­cept report that Trump’s team was dis­cussing whether to “dis­man­tle” the office alto­geth­er.

    Cur­rent Direc­tor of Nation­al Intel­li­gence James Clap­per on Thurs­day said his staff had not talked to Trump’s team about such a large-scale rearrange­ment — or all-out axing — of his office. ODNI over­sees intel­li­gence col­lec­tion and analy­sis activ­i­ties at the FBI, NSA, CIA and 13 oth­er agen­cies in the intel­li­gence com­mu­ni­ty.

    Sean Spicer, the incom­ing White House press sec­re­tary, has tried to down­play the reports, call­ing them “false.”

    “All tran­si­tion activ­i­ties are for infor­ma­tion-gath­er­ing pur­pos­es, and all dis­cus­sions are ten­ta­tive,” he said on Thurs­day.

    In addi­tion to his time on the Armed Ser­vices and Intel­li­gence com­mit­tees, Coats served as the U.S. ambas­sador to Ger­many from 2001 to 2005. The term came between two stints in the Sen­ate — from 1989 to 1999, and 2011 to 2017.

    For­mer col­leagues in the upper cham­ber cit­ed Coats’ time as an ambas­sador as one of sev­er­al rea­sons the retired sen­a­tor was qual­i­fied to head ODNI.

    Sen­ate Armed Ser­vices Chair­man John McCain (R‑Ariz.) called Coats a “great” choice, echo­ing remarks from oth­er nation­al secu­ri­ty-focused Repub­li­cans, includ­ing Sen­ate Intel­li­gence Com­mit­tee Chair­man Richard Burr of North Car­oli­na.

    “He’s one of my favorite peo­ple,” McCain told POLITICO on Thurs­day. “I think he’s so well-qual­i­fied.”

    McCain has been a staunch defend­er of the spy world amid Trump’s dis­parag­ing remarks. At an Armed Ser­vices Com­mit­tee hear­ing Thurs­day, McCain told Clap­per that he trust­ed the major intel­li­gence agen­cies to faith­ful­ly exe­cute a report on Russia’s elec­tion-sea­son hack­ing that will be made pub­lic ear­ly next week.

    After the hear­ing, McCain told POLITICO that Coats would “do what he believes is right” when it comes to ODNI reform.

    “He stood up to the Bush admin­is­tra­tion when he was ambas­sador to Ger­many,” McCain added. “He has a record.”

    ...

    Coats’ posi­tions on ODNI reform are not imme­di­ate­ly appar­ent from his time as a pub­lic ser­vant, although he has recent­ly sided with intel­li­gence advo­cates on a num­ber of con­tro­ver­sial items.

    In 2015, Coats sup­port­ed a land­mark cyber bill that expand­ed cyberthreat data-shar­ing between the gov­ern­ment and the pri­vate sec­tor. But civ­il lib­er­ties groups and pri­va­cy-mind­ed law­mak­ers loathed the mea­sure, argu­ing it would give the government’s spy­ing wing unfet­tered access to more of Amer­i­cans’ per­son­al data.

    That same year, Coats vot­ed against axing the NSA’s con­tro­ver­sial bulk-phone-records col­lec­tion pro­gram, a pro­vi­sion includ­ed in a sur­veil­lance reform bill — the USA Free­dom Act.

    Also in 2015, Coats spon­sored an amend­ment that would ele­vate the role of the government’s coun­ter­in­tel­li­gence office, which tries to fer­ret out insid­er threats — essen­tial­ly peo­ple like NSA leak­er Edward Snow­den. The office also tracks for­eign spies oper­at­ing in the U.S.

    “In the wake of the Snow­den leaks, it is more impor­tant than ever for the White House, the direc­tor of nation­al intel­li­gence and the Sen­ate Intel­li­gence Com­mit­tee to work togeth­er to strength­en our coun­ter­in­tel­li­gence prac­tices,” he said at the time. “With Rus­sia try­ing to res­ur­rect the Cold War and Chi­na grow­ing more brazen, a mis­take of this mag­ni­tude can­not be repeat­ed.”

    Coats has a tense rela­tion­ship with Rus­sia, whose ties with the U.S. have dete­ri­o­rat­ed over Moscow’s mil­i­tary aggres­sion in Ukraine, the Syr­i­an civ­il war and failed joint airstrikes against the Islam­ic State, not to men­tion the recent round of appar­ent cyber­at­tacks on the U.S. elec­tion.

    Coats is one of sev­er­al law­mak­ers banned from vis­it­ing Rus­sia as part of Moscow’s retal­i­a­tion for 2014 U.S. sanc­tions.

    “Accord­ing to a recent Wall Street Jour­nal report, Trump and his top advis­ers are work­ing on a plan to scale down the Office of the Direc­tor of Nation­al Intel­li­gence. The sto­ry fol­lows a Novem­ber Inter­cept report that Trump’s team was dis­cussing whether to “dis­man­tle” the office alto­geth­er.”

    So Coats, a strong backer of the intel­li­gence com­mu­ni­ty, just might head of the ODNI...or maybe dis­man­tle it. But if Coats does scale back or dis­man­tle the ODNI and this extends to a larg­er overhaul/scaling back of the US intel­li­gence com­mu­ni­ty, don’t assume that those intel­li­gence oper­a­tions are going to go away. After all, this is the age of hyper-pri­va­tized intel­li­gence. And as Jeff Sharlet — who has done more than any­one else in doc­u­ment­ing and expos­ing the pow­er of the cryp­to-fas­cist Chris­t­ian Domin­ion­ist net­work in DC known as “The Fam­i­ly” — remind­ed us on his Face­book page fol­low­ing the reports of Trump tap­ping Coats, if there’s one thing Coats loves to do, it’s pri­va­tize gov­ern­ment ser­vices. In par­tic­u­lar, pri­va­tize them and hand them over to reli­gious insti­tu­tions. Yep, he’s a mem­ber of “The Fam­i­ly” too.

    So if we do see a big new dri­ve to fur­ther pri­va­tize the US intel­li­gence com­mu­ni­ty, those pri­vate con­trac­tors bid­ding for those con­tracts should prob­a­bly find reli­gion soon. Very overt reli­gion:

    Face­book

    Jeff Sharlet

    Fri­day Jan­u­ary 6, 2017, at 1:01 PM

    I’d almost for­got­ten the time Dan Coats, Trump’s pick for Nation­al Intel­li­gence Direc­tor — the man to whom 16 intel­li­gence agen­cies report — called me an “ene­my of Jesus.”

    Well, I did­n’t hear him do it, but the source seemed sol­id. It was, I think, 2004, and I’d been invit­ed to speak at the Uni­ver­si­ty of Pots­dam, near Berlin, in a series spon­sored by the U.S. embassy. My sub­ject was “the Fam­i­ly,” the secre­tive fun­da­men­tal­ist orga­ni­za­tion of which Coats, unbe­knownst to me at the time, is a mem­ber. When I arrived, my Ger­man host told me there’d been a lit­tle prob­lem: the ambas­sador — Dan Coats — had blocked fund­ing for my talk. “He said,” my host said, in thick­ly accent­ed Eng­lish, “you are an ‘ene­my of Jesus.’ ”

    My host was one of those dead­pan Ger­mans. He did­n’t smile. I said, “You’re jok­ing.”

    “Yes,” he said, still unsmil­ing, “that is what I thought, too.” Appar­ent­ly, the Ger­mans had gone back and forth a cou­ple of times with the embassy, unable to believe this was seri­ous. And appar­ent­ly the embassy per­son­nel were plen­ty embar­rassed about it, too. But that was Coats’ rul­ing, so it stuck. For­tu­nate­ly for me, the uni­ver­si­ty picked up my tab.

    Lat­er I’d learn from the late David Kuo, a Bush offi­cial who’d also been a Fam­i­ly mem­ber, though ambiva­lent enough about it in his last years to be rel­a­tive­ly open with me, that one of Coats’ Fam­i­ly ini­tia­tives, in col­lab­o­ra­tion with then Sen­a­tor John Ashcroft — also a Fam­i­ly mem­ber, his entire career shaped by his affil­i­a­tion — had been to insert the idea of “char­i­ta­ble choice” into the 1996 Wel­fare Reform Act, as I wrote in my 2008 book THE FAMILY,

    “allow­ing reli­gious groups to win gov­ern­ment fund­ing with­out sep­a­rat­ing out their reli­gious agenda—into the 1996 wel­fare-reform bill. The the­o­ry behind faith-based ini­tia­tives grew out of the work of schol­ars and the­olo­gians schooled in tra­di­tions that could hard­ly be con­sid­ered fun­da­men­tal­ist, or even con­ser­v­a­tive. But its imple­men­ta­tion was in many sens­es the log­i­cal result of the Family’s decades of min­istry to Washington’s elite com­bined with the increas­ing­ly estab­lished pow­er of pop­ulist fun­da­men­tal­ism: a mix of sophis­ti­cat­ed pol­i­cy maneu­vers and the kind of sen­ti­men­tal­ism that blind­ed many sup­port­ers to the fact that faith-based ini­tia­tives, no mat­ter how well intend­ed, are noth­ing less than “the pri­va­ti­za­tion of wel­fare,” as the faith-based the­o­rist Mar­vin Olasky put it in a 1996 report com­mis­sioned by then-Gov­er­nor Bush. Such an out­come sat­is­fied elite fun­da­men­tal- ism’s long-stand­ing belief in the rela­tion­ship between lais­sez-faire eco­nom­ics and God’s invis­i­ble, inter­ven­tion­ist hand, and pop­ulist fundamentalism’s desire for pub­lic expres­sions of faith, prefer­ably heart­warm­ing ones. The goal, Sen­a­tor Coats declared, was the ‘trans­fer of resources and author­i­ty . . . to those pri­vate and reli­gious insti­tu­tions that shape, direct, and reclaim indi­vid­ual lives.’ ”

    That’s right — the man run­ning the entire U.S. intel­li­gence appa­ra­tus, work­ing in con­cert with the new fun­da­men­tal­ist direc­tor of the CIA, Mike Pom­peo, and the lunatic Islam­o­phobe Gen. Mike Fly­nn, believes in the “trans­fer of resources and author­i­ty” to pri­vate reli­gious insti­tu­tions.

    Like, for instance, the Fam­i­ly? Pre­sid­ing over the 1987 Nation­al Prayer Break­fast, the strange annu­al rit­u­al cre­at­ed by the Fam­i­ly to “con­se­crate” the nation to Jesus (and attend­ed by the pres­i­dent, much of con­gress, and numer­ous heads of state), Coats declared “This is just the vis­i­ble part of the prayer break­fast move­ment.” He seemed to think it a point of pride that an event of such civic impor­tance was most­ly, as the behind-the-scenes leader of the move­ment puts it, “invis­i­ble.”

    Of course, I’m sure Coats, a long­time extreme cul­ture war­rior, sup­ports many oth­er reli­gious orga­ni­za­tions, too. Don’t wor­ry — he’ll spread the “resources and author­i­ty” around.

    It’s impor­tant to note, when one con­sid­ers men such as Coats and orga­ni­za­tions such as the Fam­i­ly, that this is not a con­spir­a­cy. They’re not break­ing the law. They’re mak­ing the law. It is, as Coats says, “a move­ment.” One sec­u­lar­ists and lib­er­als have long ignored, mis­un­der­stood, or scoffed at. Now, under per­haps the most per­son­al­ly impi­ous pres­i­dent since Eisen­how­er, it’s com­ing ful­ly into its own.

    But here’s the bright side. Our new Nation­al Intel­li­gence Direc­tor may have big plans, but it’s very pos­si­ble that he won’t be ter­ri­bly effec­tive at exe­cut­ing them. This is, after all, a man who con­sid­ered Dan Quayle as his men­tor. I’ve been told that Quayle, in turn, thought of Coats as very promis­ing, but — how to say? — some­times a lit­tle slow on the uptake.

    “That’s right — the man run­ning the entire U.S. intel­li­gence appa­ra­tus, work­ing in con­cert with the new fun­da­men­tal­ist direc­tor of the CIA, Mike Pom­peo, and the lunatic Islam­o­phobe Gen. Mike Fly­nn, believes in the “trans­fer of resources and author­i­ty” to pri­vate reli­gious insti­tu­tions.”

    Well, that’s omi­nous. It might be a good time to start pray­ing. Hard.

    Posted by Pterrafractyl | January 6, 2017, 3:45 pm
  4. The joint CIA/FBI/NSA declas­si­fied ver­sion of the Intel­li­gence Report on Russ­ian hack­ing came out. Giv­en the vague­ness and lack of details in the report it’s hard to con­clude much from the declas­si­fied report except that that the evi­dence for Russ­ian hack­ing must be clas­si­fied:

    Slate

    The Declas­si­fied Intel­li­gence Report on Russ­ian Hack­ing Tells Us Very Lit­tle We Don’t Already Know

    By Ben Math­is-Lil­ley
    Jan. 6 2017 5:13 PM

    On Thurs­day, Direc­tor of Nation­al Intel­li­gence James Clap­per told the Sen­ate Armed Ser­vices Com­mit­tee that an unclas­si­fied ver­sion of a joint “intel­li­gence com­mu­ni­ty” report about Russ­ian hack­ing would be released next week. Said report was in fact post­ed online this after­noon, and after read­ing it, the “Fri­day news dump” tim­ing makes sense: The top-line take­aways in the doc­u­ment are most­ly con­clu­sions that have already been leaked or dis­cussed pub­licly by fig­ures such as Clap­per him­self. More­over, since the release is an unclas­si­fied ver­sion of a report that pre­sum­ably involves mate­r­i­al obtained through intel­li­gence-gath­er­ing oper­a­tions that are still active, no infor­ma­tion about the “sources and meth­ods” sup­port­ing its con­clu­sions is includ­ed.

    To sum­ma­rize, the report says that the CIA, FBI, and Nation­al Secu­ri­ty Agency believe that Russ­ian hackers—directed ulti­mate­ly by Vladimir Putin—hacked email accounts belong­ing to the Demo­c­ra­t­ic Nation­al Com­mit­tee and to Clin­ton cam­paign chair­man John Podes­ta and then passed the mate­r­i­al they obtained on to Wik­iLeaks through a third par­ty. This was done, the report asserts, because the Rus­sians believed that Don­ald Trump would be friend­lier to their coun­try’s inter­ests, as pres­i­dent, than Hillary Clin­ton. And ... that’s about it. Not count­ing intro pages or appen­dices, the report is five pages long and does not include any descrip­tion of the actu­al evi­dence that Russ­ian actors were respon­si­ble for the DNC/Podesta hacks (an asser­tion that’s sup­port­ed by pub­licly avail­able evi­dence ana­lyzed by third par­ties) or the asser­tion that Putin ulti­mate­ly direct­ed the release of hacked mate­r­i­al in order to help elect Don­ald Trump (an asser­tion that’s hard­er to ver­i­fy inde­pen­dent­ly).

    The report’s final para­graph does involve what I believe is a new, omi­nous tid­bit about ongo­ing hack attempts:

    Imme­di­ate­ly after Elec­tion Day, we assess Russ­ian intel­li­gence began a spearphish­ing cam­paign tar­get­ing US Gov­ern­ment employ­ees and indi­vid­u­als asso­ci­at­ed with US think tanks and NGOs in nation­al secu­ri­ty, defense, and for­eign pol­i­cy fields. This cam­paign could pro­vide mate­r­i­al for future influ­ence efforts as well as for­eign intel­li­gence col­lec­tion on the incom­ing administration’s goals and plans.

    In oth­er words: More fun times ahead!

    “To sum­ma­rize, the report says that the CIA, FBI, and Nation­al Secu­ri­ty Agency believe that Russ­ian hackers—directed ulti­mate­ly by Vladimir Putin—hacked email accounts belong­ing to the Demo­c­ra­t­ic Nation­al Com­mit­tee and to Clin­ton cam­paign chair­man John Podes­ta and then passed the mate­r­i­al they obtained on to Wik­iLeaks through a third par­ty. This was done, the report asserts, because the Rus­sians believed that Don­ald Trump would be friend­lier to their coun­try’s inter­ests, as pres­i­dent, than Hillary Clin­ton. And ... that’s about it. Not count­ing intro pages or appen­dices, the report is five pages long and does not include any descrip­tion of the actu­al evi­dence that Russ­ian actors were respon­si­ble for the DNC/Podesta hacks (an asser­tion that’s sup­port­ed by pub­licly avail­able evi­dence ana­lyzed by third par­ties) or the asser­tion that Putin ulti­mate­ly direct­ed the release of hacked mate­r­i­al in order to help elect Don­ald Trump (an asser­tion that’s hard­er to ver­i­fy inde­pen­dent­ly).”

    Five papers of no evi­dence. It’s not exact­ly a slam dunk case. And when you read that the charge that Russ­ian gov­ern­ment actors were respon­si­ble for the DNC/Podesta hacks is

    ...an asser­tion that’s sup­port­ed by pub­licly avail­able evi­dence ana­lyzed by third par­ties
    ...

    keep in mind that there real­ly is evi­dence that the Podes­ta spearphish­ing cam­paign was part of a much broad­er attack against the DNC. But that evi­dence is, like so much evi­dence in this case, based on the inex­plic­a­ble and mas­sive secu­ri­ty mis­take made by the hack­ers when they left their Bit­ly pro­file used to exe­cute their spearphis­ph­ing attack open to the pub­lic so every in the world could see that these hack­ers set up spe­cial spearphish­ing attacks against a large num­ber of Demo­c­ra­t­ic offi­cials. One of many inex­plic­a­ble and mas­sive secu­ri­ty mis­takes that these Russ­ian hack­ers made.

    It should also prob­a­bly be not­ed that while this report is signed off by the CIA, NSA, and FBI, the FBI nev­er actu­al­ly exam­ined the DNC’s hacked serv­er. Instead, accord­ing to the DNC, the FBI nev­er even asked for access to the DNC’s servers that and job was out­sourced to Crowd­strike:

    Buz­zFeed

    The FBI Nev­er Asked For Access To Hacked Com­put­er Servers

    The Demo­c­ra­t­ic Nation­al Com­mit­tee tells Buz­zFeed News that the bureau “nev­er request­ed access” to the servers the White House and intel­li­gence com­mu­ni­ty say were hacked by Rus­sia.

    Ali Watkins
    Buz­zFeed News Reporter
    post­ed on Jan. 4, 2017, at 5:13 p.m.

    WASHINGTON — The FBI did not exam­ine the servers of the Demo­c­ra­t­ic Nation­al Com­mit­tee before issu­ing a report attribut­ing the sweep­ing cyber­in­tru­sion to Rus­sia-backed hack­ers, Buz­zFeed News has learned.

    Six months after the FBI first said it was inves­ti­gat­ing the hack of the Demo­c­ra­t­ic Nation­al Committee’s com­put­er net­work, the bureau has still not request­ed access to the hacked servers, a DNC spokesman said. No US gov­ern­ment enti­ty has run an inde­pen­dent foren­sic analy­sis on the sys­tem, one US intel­li­gence offi­cial told Buz­zFeed News.

    “The DNC had sev­er­al meet­ings with rep­re­sen­ta­tives of the FBI’s Cyber Divi­sion and its Wash­ing­ton (DC) Field Office, the Depart­ment of Justice’s Nation­al Secu­ri­ty Divi­sion, and U.S. Attorney’s Offices, and it respond­ed to a vari­ety of requests for coop­er­a­tion, but the FBI nev­er request­ed access to the DNC’s com­put­er servers,” Eric Walk­er, the DNC’s deputy com­mu­ni­ca­tions direc­tor, told Buz­zFeed News in an email.

    The FBI has instead relied on com­put­er foren­sics from a third-par­ty tech secu­ri­ty com­pa­ny, Crowd­Strike, which first deter­mined in May of last year that the DNC’s servers had been infil­trat­ed by Rus­sia-linked hack­ers, the U.S. intel­li­gence offi­cial told Buz­zFeed News.

    “Crowd­Strike is pret­ty good. There’s no rea­son to believe that any­thing that they have con­clud­ed is not accu­rate,” the intel­li­gence offi­cial said, adding they were con­fi­dent Rus­sia was behind the wide­spread hacks.

    The FBI declined to com­ment.

    “Begin­ning at the time the intru­sion was dis­cov­ered by the DNC, the DNC coop­er­at­ed ful­ly with the FBI and its inves­ti­ga­tion, pro­vid­ing access to all of the infor­ma­tion uncov­ered by Crowd­Strike — with­out any lim­its,” said Walk­er, whose emails were stolen and sub­se­quent­ly dis­trib­uted through­out the cyber­at­tack.

    It’s unclear why the FBI didn’t request access to the DNC servers, and whether it’s com­mon prac­tice when the bureau inves­ti­gates the cyber­at­tacks against pri­vate enti­ties by state actors, like when the Sony Cor­po­ra­tion was hacked by North Korea in 2014.

    Buz­zFeed News spoke to three cyber­se­cu­ri­ty com­pa­nies who have worked on major breach­es in the last 15 months, who said that it was “par for the course” for the FBI to do their own foren­sic research into the hacks. None want­ed to com­ment on the record on anoth­er cyber­se­cu­ri­ty company’s work, or the work being done by a nation­al secu­ri­ty agency.

    ...

    In a 13-page report made pub­lic the last week of Decem­ber, the FBI and the Depart­ment of Home­land Secu­ri­ty con­firmed in a joint analy­sis that Rus­sia was behind the wide­spread hacks, which tar­get­ed Democ­rats with the inten­tion to manip­u­late the US elec­tion. But the analy­sis was attrib­uted to broad intel­li­gence across both pub­lic and pri­vate sec­tors. Nowhere in the report does it say that the gov­ern­ment con­duct­ed its own com­put­er foren­sics on the DNC servers.

    “Pub­lic attri­bu­tion of these activ­i­ties to [Russ­ian Intel­li­gence Ser­vices] is sup­port­ed by tech­ni­cal indi­ca­tors from the U.S. Intel­li­gence Com­mu­ni­ty, DHS, FBI, the pri­vate sec­tor, and oth­er enti­ties,” the report says.

    ...

    “Six months after the FBI first said it was inves­ti­gat­ing the hack of the Demo­c­ra­t­ic Nation­al Committee’s com­put­er net­work, the bureau has still not request­ed access to the hacked servers, a DNC spokesman said. No US gov­ern­ment enti­ty has run an inde­pen­dent foren­sic analy­sis on the sys­tem, one US intel­li­gence offi­cial told Buz­zFeed News.

    Keep in mind that, since the NSA signed off on the joint report just released, it’s pos­si­ble that access to the DNC serv­er effec­tive­ly was­n’t nec­es­sary to trace when the attack hap­pened and who did it (“who” as in which com­put­er the attack orig­i­nat­ed from). Still, since the pub­lic state­ments about the evi­dence have always fol­lowed the log­ic of ‘the meth­ods used by the hack­ers are sim­i­lar to those meth­ods the Russ­ian gov­ern­men­t’s hack­ers are known to use’, exam­in­ing the serv­er itself seems like the pri­ma­ry way to col­lect that evi­dence of the meth­ods used. And note the state­ment from the US intel­li­gence offi­cial that it’s not just the FBI who has­n’t exam­ined the servers: no US gov­ern­ment enti­ty has run an inde­pen­dent foren­sic analy­sis on the sys­tem.

    So, yeah, it’s all rather odd. And then it got odd­er:

    Buz­zFeed

    The FBI Now Says Democ­rats Were Behind Hack Inves­ti­ga­tion Delay

    The Demo­c­ra­t­ic Nation­al Com­mit­tee refused to give FBI inves­ti­ga­tors access to their hacked servers, accord­ing to an FBI state­ment, a con­clu­sion the pres­i­dent-elect was quick to embrace.

    Ali Watkins
    Buz­zFeed News Reporter
    post­ed on Jan. 5, 2017, at 7:11 p.m.

    WASHINGTON — The FBI struck back at the Demo­c­ra­t­ic Nation­al Com­mit­tee on Thurs­day, accus­ing it of deny­ing fed­er­al inves­ti­ga­tors access to its com­put­er sys­tems and ham­string­ing its inves­ti­ga­tion into the infil­tra­tion of DNC servers by Rus­sia-backed hack­ers.

    “The FBI repeat­ed­ly stressed to DNC offi­cials the neces­si­ty of obtain­ing direct access to servers and data, only to be rebuffed until well after the ini­tial com­pro­mise had been mit­i­gat­ed. This left the FBI no choice but to rely upon a third par­ty for infor­ma­tion,” a senior law enforce­ment offi­cial told Buz­zFeed News in a state­ment. “These actions caused sig­nif­i­cant delays and inhib­it­ed the FBI from address­ing the intru­sion ear­li­er.”

    The DNC said the FBI had nev­er asked for access to their hacked servers, Buz­zFeed News report­ed on Wednes­day.

    A DNC source famil­iar with the inves­ti­ga­tion tried to down­play that report on Thurs­day, hours before the FBI state­ment was issued. The fact that the FBI didn’t have direct access to the servers was not “sig­nif­i­cant,” the source said.

    “I just don’t think that that’s real­ly mate­r­i­al or an impor­tant thing,” the source con­tin­ued. “They had what they need­ed. There are always haters out here.”

    The DNC source also brushed off the idea that it was the DNC that refused to let FBI access the serv­er. When Buz­zFeed News attempt­ed to reach the offi­cial after the FBI state­ment came out, he declined to com­ment.

    The war­ring state­ments are the lat­est twists in an extra­or­di­nary stand­off between the Democ­rats and fed­er­al inves­ti­ga­tors that reached a fever pitch over the bureau’s probe into Demo­c­ra­t­ic nom­i­nee Hillary Clinton’s pri­vate email serv­er. That inves­ti­ga­tion saw FBI Direc­tor James Comey break long-stand­ing tra­di­tion against poten­tial­ly influ­enc­ing elec­tions, issu­ing a pub­lic let­ter to Con­gress 10 days before the elec­tion announc­ing poten­tial new evi­dence in the case. The review end­ed with the FBI main­tain­ing its v Julyonclu­sion that Clin­ton should not face crim­i­nal charges, a fact that was declared only two days before polls opened. The tim­ing fueled spec­u­la­tion over Clinton’s poten­tial wrong­do­ing and tipped the scales in Trump’s favor, Democ­rats say.

    The FBI announced it was inves­ti­gat­ing the hack of the DNC’s servers in July, after a third-par­ty com­put­er secu­ri­ty firm, Crowd­strike, said it had evi­dence of Krem­lin-backed hack­ers infil­trat­ing its sys­tem. That hack — which fed­er­al offi­cials have for­mal­ly attrib­uted to Russ­ian hack­ers cleared by senior Russ­ian offi­cials — and sub­se­quent release of stolen emails was part of a broad­er effort by Rus­sia to influ­ence the US elec­tion and push Don­ald Trump into the White House, accord­ing to FBI and CIA analy­sis.

    ...

    A US intel­li­gence offi­cial, request­ing anonymi­ty to dis­cuss the inves­ti­ga­tion, said that because the FBI did not have access to the DNC servers, inves­ti­ga­tors had been forced to rely on com­put­er foren­sics from the Crowd­strike analy­sis. Crowd­strike was orig­i­nal­ly hired by the DNC to inves­ti­gate the hacks in the spring of 2016.

    In a state­ment sent to Buz­zFeed News Wednes­day, the DNC said it coop­er­at­ed ful­ly with the FBI inves­ti­ga­tion and shared all of the Crowd­strike infor­ma­tion with the FBI.

    The DNC declined to com­ment on the FBI’s state­ment.

    The FBI and the Depart­ment of Home­land Secu­ri­ty, in a report released in the last week of Decem­ber, pub­licly accused Rus­sia of being behind the sweep­ing cyber­at­tacks. The White House sub­se­quent­ly expelled 35 Russ­ian diplo­mats from the US, issued sanc­tions against Russ­ian intel­li­gence offi­cials, and cut off access to two Russ­ian diplo­mat­ic facil­i­ties in the US.

    A sep­a­rate report on the wide­spread Russ­ian influ­ence oper­a­tion, com­piled by the Direc­tor of Nation­al Intel­li­gence, was briefed to the White House on Thurs­day. A declas­si­fied ver­sion is expect­ed to be pub­licly released on Mon­day.

    ““The FBI repeat­ed­ly stressed to DNC offi­cials the neces­si­ty of obtain­ing direct access to servers and data, only to be rebuffed until well after the ini­tial com­pro­mise had been mit­i­gat­ed. This left the FBI no choice but to rely upon a third par­ty for infor­ma­tion,” a senior law enforce­ment offi­cial told Buz­zFeed News in a state­ment. “These actions caused sig­nif­i­cant delays and inhib­it­ed the FBI from address­ing the intru­sion ear­li­er.””

    Yeah, that’s odd­er. But note the ambi­gu­i­ty in the FBI’s state­ment. It’s not say­ing that the DNC rebuffed the FBI for­ev­er. It said the DNC rebuffed the FBI “until well after the ini­tial com­pro­mise had been mit­i­gat­ed”. And the ini­tial com­pro­mised was pre­sum­ably “mit­i­gat­ed” by May of 2016 since that’s as far as the leaked emails go up to. So has the FBI, or any oth­er gov­ern­ment agency, request­ed access to the DNC servers after that point? How about since the elec­tion? If that request has­n’t even been made that will only add to the odd­ness of it all. Espe­cial­ly since the DNC respond­ed to the FBI’s counter-asser­tion by reassert­ing that it’s giv­ing the FBI full access to what­ev­er it request­ed, and if there’s a prob­lem with the FBI get­ting access to that serv­er, it’s a prob­lem between the FBI and Crowd­strike:

    Buz­zFeed

    DNC: That Fight With FBI Over Hacked Servers Was All A Mis­un­der­stand­ing

    Demo­c­ra­t­ic Par­ty offi­cials say the pub­lic spat over their hacked servers was a mis­com­mu­ni­ca­tion.
    post­ed on Jan. 6, 2017, at 6:39 p.m.

    Ali Watkins
    Buz­zFeed News Reporter

    WASHINGTON — The Demo­c­ra­t­ic Nation­al Com­mit­tee down­played its pub­lic spat with the FBI on Fri­day over why fed­er­al inves­ti­ga­tors did not inde­pen­dent­ly exam­ine their servers breached by Russ­ian cyber­spies, say­ing it was a mis­un­der­stand­ing that didn’t have any­thing to do with lin­ger­ing polit­i­cal ten­sions between the two.

    “There’s no fight between the Bureau and the DNC,” a high-lev­el DNC offi­cial told Buz­zFeed News, request­ing anonymi­ty to dis­cuss the inves­ti­ga­tion. “I don’t know how this has hap­pened, I don’t know where this is com­ing from.”

    The FBI announced in July it was inves­ti­gat­ing a sweep­ing cyber­at­tack against the DNC, lat­er attrib­uted to Rus­sia-backed hack­ers. That intru­sion, and sub­se­quent release of stolen DNC emails, was part of a broad­er Krem­lin-direct­ed effort to under­mine the US elec­tion, smear­ing Democ­rats and bol­ster­ing Don­ald Trump, accord­ing to an intel­li­gence assess­ment released Fri­day.

    The FBI’s inves­ti­ga­tion of the hack, launched in July, came under sharp scruti­ny Wednes­day after Buz­zFeed News revealed that the FBI had nev­er had direct access to the committee’s hacked servers, and that no US Gov­ern­ment enti­ty had yet run an inde­pen­dent foren­sic analy­sis on the sys­tem. Instead, fed­er­al inves­ti­ga­tors had relied on com­put­er foren­sics from a third-par­ty DNC con­trac­tor, Crowd­strike.

    “How and why are they so sure about hack­ing if they nev­er even request­ed an exam­i­na­tion of the com­put­er servers?” Pres­i­dent-elect Don­ald Trump tweet­ed on Thurs­day about the scan­dal. “What is going on?”

    A spokesman for the DNC did not respond when asked what had led to the com­mu­ni­ca­tions break­down between their orga­ni­za­tion and the FBI by Fri­day night. The FBI did not respond to a request for com­ment.

    The DNC said Wednes­day that the FBI had nev­er asked for access to the servers. On Thurs­day, in a stun­ning coun­ter­punch, the FBI said it had not only asked, but had con­sis­tent­ly and repeat­ed­ly been denied access by DNC offi­cials, who the bureau said had “inhib­it­ed” the inves­ti­ga­tion.

    It was a star­tling twist in a tense sto­ry­line that’s emerged between the DNC and the FBI, who top Democ­rats say tor­pe­doed Hillary Clinton’s pres­i­den­tial prospects by mis­han­dling its whol­ly sep­a­rate inves­ti­ga­tion into the Demo­c­ra­t­ic pres­i­den­tial nominee’s use of a pri­vate email serv­er while she was Sec­re­tary of State.

    The FBI had pre­vi­ous­ly told law­mak­ers on the Hill that the DNC had not allowed fed­er­al inves­ti­ga­tors to access their servers. After Buz­zFeed News report­ed on Wednes­day that the DNC claimed FBI agents had nev­er asked for the servers, con­gres­sion­al offi­cials pres­sured the FBI for answers. A senior law enforce­ment offi­cial issued a pub­lic state­ment on the mat­ter Thurs­day night.

    “Some­one is lying their ass off,” a US intel­li­gence offi­cial said of the war­ring state­ments.

    But offi­cials with the DNC still assert they’ve “coop­er­at­ed with the FBI 150%.”

    “They’ve had access to any­thing they want. Any­thing that they desire. Any­thing they’ve asked, we’ve coop­er­at­ed,” the DNC offi­cial said. “If any­body con­tra­dicts that it’s between Crowd­strike and the FBI.”

    DNC offi­cials planned to reach out to the FBI Fri­day to try and clar­i­fy both insti­tu­tions’ posi­tions, the offi­cial said.

    With­out direct access to the com­put­er net­work, anoth­er US intel­li­gence offi­cial told Buz­zFeed, fed­er­al inves­ti­ga­tors had been forced to rely on the find­ings of the pri­vate cyber­se­cu­ri­ty firm Crowd­strike for com­put­er foren­sics. From May through August of 2016, the Demo­c­ra­t­ic Nation­al Com­mit­tee paid Crowd­strike $267,807 dol­lars for main­te­nance, data ser­vices and con­sult­ing, among oth­er things, accord­ing to fed­er­al records.

    Trump received a brief­ing from the heads of the US intel­li­gence com­mu­ni­ty on the new intel­li­gence com­mu­ni­ty report on Fri­day, the full, still-clas­si­fied ver­sion of which report­ed­ly offers evi­dence link­ing the Krem­lin to the wide­spread elec­tion sub­terfuge, includ­ing the DNC hack. Trump called the meet­ing “con­struc­tive,” but stopped short of say­ing Rus­sia was to blame.

    ...

    ““They’ve had access to any­thing they want. Any­thing that they desire. Any­thing they’ve asked, we’ve coop­er­at­ed,” the DNC offi­cial said. “If any­body con­tra­dicts that it’s between Crowd­strike and the FBI.””

    That’s quite a twist! While it’s unclear what to con­clude at this point, one way to inter­pret the DNC’s state­ment is that if there’s a bar­ri­er between that DNC serv­er and the gov­ern­ment agen­cies, it’s a bar­ri­er put up by Crowd­strike.

    Also keep in mind in all this that the DNC and Demo­c­ra­t­ic Par­ty in gen­er­al real­ly does have a pro­found rea­son to not trust the FBI at this point in time giv­en the way the agency did every­thing it could to throw the elec­tion towards Don­ald Trump. So if there’s some hes­i­tan­cy on the part of the DNC to have the FBI exam­ine its servers that’s not an entire­ly out­landish sen­ti­ment, although that would­n’t explain why no gov­ern­ment agency at all has direct­ly exam­ined the servers.
    So now that it’s report­ed that Crowd­strike appar­ent­ly had exclu­sive access to the DNC’s servers, and giv­en the extreme­ly vague nature of the declas­si­fied evi­dence pre­sent­ed thus far, it’s inevitable that ques­tions are going to be asked about Crowd­strike’s objec­tiv­i­ty in deter­min­ing who did the hacks. So it’s prob­a­bly worth not­ing that when those ques­tions get asked, the answers are going to be com­pli­cat­ed:

    The Nation

    Is Skep­ti­cism Trea­son?
    Despite the scores of media pieces which assert that Russia’s inter­fer­ence in the elec­tion is “case closed,” some cyber experts say skep­ti­cism is still in order.
    By James Car­den
    Jan­u­ary 3, 2017

    ? The final days of 2016 were filled with more developments—some real, some not—in the ongo­ing sto­ry of Russia’s alleged inter­fer­ence in the US pres­i­den­tial elec­tion. On Decem­ber 29, the FBI and the Depart­ment of Home­land Secu­ri­ty released a joint report that pro­vid­ed “tech­ni­cal details regard­ing the tools and infra­struc­ture used by the Russ­ian civil­ian and mil­i­tary intel­li­gence Ser­vices (RIS) to com­pro­mise and exploit net­works and end­points asso­ci­at­ed with the U.S. elec­tion.”

    In retal­i­a­tion, the Oba­ma admin­is­tra­tion announced that it was expelling 35 Russ­ian diplo­mats, clos­ing 2 diplo­mat­ic com­pounds in Mary­land and New York, and apply­ing sanc­tions on Russia’s intel­li­gence ser­vice. A day lat­er, Decem­ber 30, The Wash­ing­ton Post report­ed that an elec­tri­cal util­i­ty in Ver­mont had been infil­trat­ed by the same Russ­ian mal­ware that used to hack the DNC.

    Tak­en togeth­er, these events set off a wave of media con­dem­na­tion not just of the Russ­ian gov­ern­ment, but of Pres­i­dent-elect Don­ald J. Trump for what is wide­ly believed to be his over­ly accom­moda­tive pos­ture toward Russ­ian Pres­i­dent Vladimir Putin.

    Yet despite the scores of breath­less media pieces that assert that Russia’s inter­fer­ence in the elec­tion is “case closed,” might some skep­ti­cism be in order? Some cyber experts say “yes.”

    As was quick­ly point­ed out by the Burling­ton Free Press, The Wash­ing­ton Post’s sto­ry on the Ver­mont pow­er grid was inac­cu­rate. The mal­ware was detect­ed on a lap­top that belonged to the util­i­ty but was not con­nect­ed to the pow­er plant. “The grid is not in dan­ger,” said a spokesman for the Burling­ton util­i­ty. The Post has since amend­ed its sto­ry with an editor’s note (as it did when its Novem­ber 24 sto­ry on Russ­ian “fake news” by reporter Craig Tim­berg was wide­ly refut­ed) dial­ing back its orig­i­nal claims of Russ­ian infil­tra­tion.

    ...

    Cyber-secu­ri­ty experts have also weighed in. The secu­ri­ty edi­tor at Ars Tech­ni­ca observed that “Instead of pro­vid­ing smok­ing guns that the Russ­ian gov­ern­ment was behind spe­cif­ic hacks,” the gov­ern­ment report “large­ly restates pre­vi­ous pri­vate sec­tor claims with­out pro­vid­ing any sup­port for their valid­i­ty.” Robert M. Lee of the cyber-secu­ri­ty com­pa­ny Dra­gos not­ed that the report “reads like a poor­ly done ven­dor intel­li­gence report string­ing togeth­er var­i­ous aspects of attri­bu­tion with­out evi­dence.” Cyber­se­cu­ri­ty con­sul­tant Jef­frey Carr not­ed that the report “mere­ly list­ed every threat group ever report­ed on by a com­mer­cial cyber­se­cu­ri­ty com­pa­ny that is sus­pect­ed of being Russ­ian-made and lumped them under the head­ing of Russ­ian Intel­li­gence Ser­vices (RIS) with­out pro­vid­ing any sup­port­ing evi­dence that such a con­nec­tion exists.”

    In this respect, it is worth not­ing that one of the com­mer­cial cyber­se­cu­ri­ty com­pa­nies the gov­ern­ment has relied on is Crowd­strike, which was one of the com­pa­nies ini­tial­ly brought in by the DNC to inves­ti­gate the alleged hacks.

    In late Decem­ber, Crowd­strike released a large­ly debunked report claim­ing that the same Russ­ian mal­ware that was used to hack the DNC has been used by Russ­ian intel­li­gence to tar­get Ukrain­ian artillery posi­tions. Crowdstrike’s co-founder and chief tech­nol­o­gy offi­cer, Dmitri Alper­ovitch, told PBS, “Ukraine’s artillery men were tar­get­ed by the same hackers…that tar­get­ed DNC, but this time they were tar­get­ing cell­phones [belong­ing to the Ukrain­ian artillery men] to try to under­stand their loca­tion so that the Russ­ian artillery forces can actu­al­ly tar­get them in the open bat­tle.”

    Dmitri Alper­ovitch is also a senior fel­low at the Atlantic Coun­cil.

    The con­nec­tion between Alper­ovitch and the Atlantic Coun­cil has gone large­ly unre­marked upon, but it is rel­e­vant giv­en that the Atlantic Council—which is is fund­ed in part by the US State Depart­ment, NATO, the gov­ern­ments of Latvia and Lithua­nia, the Ukrain­ian World Con­gress, and the Ukrain­ian oli­garch Vic­tor Pinchuk—has been among the loud­est voic­es call­ing for a new Cold War with Rus­sia. As I point­ed out in the pages of The Nation in Novem­ber, the Atlantic Coun­cil has spent the past sev­er­al years pro­duc­ing some of the most vir­u­lent spec­i­mens of the new Cold War pro­pa­gan­da.

    It would seem then that a healthy amount of skep­ti­cism toward a gov­ern­ment report that relied, in part, on the find­ings of pri­vate-sec­tor cyber secu­ri­ty com­pa­nies like Crowd­strike might be in order. And yet skep­tics have found them­selves in the unen­vi­able posi­tion of being accused of being Krem­lin apol­o­gists, or worse.
    ...

    “The con­nec­tion between Alper­ovitch and the Atlantic Coun­cil has gone large­ly unre­marked upon, but it is rel­e­vant giv­en that the Atlantic Council—which is is fund­ed in part by the US State Depart­ment, NATO, the gov­ern­ments of Latvia and Lithua­nia, the Ukrain­ian World Con­gress, and the Ukrain­ian oli­garch Vic­tor Pinchuk—has been among the loud­est voic­es call­ing for a new Cold War with Rus­sia. As I point­ed out in the pages of The Nation in Novem­ber, the Atlantic Coun­cil has spent the past sev­er­al years pro­duc­ing some of the most vir­u­lent spec­i­mens of the new Cold War pro­pa­gan­da.

    Ok, so let’s review:
    1. Just days before the declas­si­fied joint CIA/FBI/NSA report on the alleged Russ­ian hack­ing of the DNC, we get a report from Buz­zFeed about how a DNC offi­cial asserts that the FBI nev­er actu­al­ly asked to exam­ine the DNC’s serv­er and instead relied on Crowd­Strike’s analy­sis.

    2. The FBI replied the next day that, no, it was the DNC that refused access to its serv­er, forc­ing the FBI to rely on Crowd­strike. Although the FBI’s state­ment also includ­ed the curi­ous addi­tion that the DNC refused access until the hack with “mit­i­gat­ed”, ans that hap­pened a while ago (the hacked emails end­ed in May).

    3. The DNC then replies that this was all a mis­com­mu­ni­ca­tion and reasserts tha the DNC has offered the FBI what­ev­er is asked for, sug­gest­ing that if there’s a prob­lem with the FBI gain­ing access to that serv­er it’s a prob­lem between the FBI and Crowd­Strike.

    4. It turns out Crowdstrike’s co-founder and chief tech­nol­o­gy offi­cer, Dmitri Alper­ovitch, is also a senior fel­low at the Atlantic Coun­cil, an orga­ni­za­tion that’s been push­ing for a new Cold War in recent years.

    Wow. And yuck.

    Still, it’s not impos­si­ble that there real­ly is evi­dence strong­ly indi­cat­ing that the Russ­ian gov­ern­ment was behind the hacks. After all, if the NSA is the agency pro­vid­ing that evi­dence it’s not like that’s going to be in the declas­si­fied doc­u­ment.

    But if that’s the case and the Rus­sia gov­ern­ment real­ly did direct this hack­ing cam­paign it should be rec­og­nized that the sit­u­a­tion is far more per­ilous than is cur­rent­ly rec­og­nized by the peo­ple freak­ing out about Russ­ian hack­ing. Because the actions by the hack­ers sug­gest­ing they intend­ed to be iden­ti­fied as Russ­ian hack­ers also sug­gest that the Rus­sians did­n’t sim­ply plan on a series of high­ly provoca­tive high-pro­file hacks but also planned on get­ting blamed for it by mak­ing a string in inex­plic­a­ble new­bie mis­takes. And that would all sug­gest it a was a series of hacks intend­ed to be an open­ing sal­vo in a ‘tit for tat’ cyber-esca­la­tion of US/Russian ten­sions. If that’s what real­ly hap­pened, that’s beyond awful. Because it’s not like a Trump admin­is­tra­tion is going to mag­i­cal­ly heal that grow­ing US/Russian divide. If any­thing it’s about to become a deep­er divide than at any point since the Cold War as this issue becomes a fes­ter­ing psy­chic wound tied to all of the atroc­i­ties the Trump admin­is­tra­tion is about to unleash on the US and the world. The loom­ing Trump cat­a­stro­phe is poised to become inter­twined with a new Red Men­ace hys­te­ria. And any “offi­cial” attempts to make nice between the Trump admin­is­tra­tion and Russ­ian gov­ern­ment are just going to add to that fes­ter­ing psy­chic wound. If this real­ly was a Russ­ian gov­ern­ment hack, it was basi­cal­ly a pre­emp­tive cyber-arson attack on the bridge between US/Russian rela­tions and that’s a hor­rif­i­cal­ly trag­ic sce­nario. Unless you’re a New Cold War­rior in which case this is prob­a­bly a nice turn of events.

    Of course, we can’t rule out the obvi­ous pos­si­bil­i­ty that this was a set up by some sort of third par­ty actor giv­en the extreme­ly vague and dubi­ous nature of the hack­ing inves­ti­ga­tion thus far, and that’s part of why it’s going to be very inter­est­ing to see if the Trump admin­is­tra­tion con­tin­ues with this inves­ti­ga­tion and comes up with its own con­clu­sion about who was behind it.

    And here’s the thing to also keep in mind in this whole sit­u­a­tion that makes it extra dan­ger­ous: If this real­ly was a third par­ty fram­ing Rus­sia, and the Trump admin­is­tra­tion is able to per­sua­sive­ly make that case that it was­n’t Rus­sia, that does­n’t mean the Trump team has to accu­rate­ly report who they think real­ly did the hack­ing. They could poten­tial­ly make up any­one. Maybe it was Chi­na. Maybe Iran. If you’re a 400 pound hack­er, watch out. It could be you. And that’s the nature of the sit­u­a­tion since there’s no rea­son to believe the Trump Team, which ran one of the most decep­tive cam­paigns in US his­to­ry, is going to tell the truth on this mat­ter. Espe­cial­ly after he over­hauls US intel­li­gence ser­vices and fills them with far-right Trump cronies. Remem­ber, if it turns out that the US gov­ern­ment is cur­rent­ly rig­ging the analy­sis to force a con­clu­sion that Rus­sia did it, it’s not as if that would make the Trump team less inclined to do so. If any­thing, it’s the oppo­site.

    In oth­er words, thanks, in part, to the uncon­vinc­ing nature of the hack­ing reports so far, if the Rus­sians real­ly did­n’t do the hacks, this ‘Russ­ian hack­ing’ sit­u­a­tion could morph into a ‘Trump gets to blame who­ev­er he wants for the hack­ing’ sit­u­a­tion. And then car­ry out ret­ri­bu­tion. Or maybe giv­en them an award. It’s unclear what Trump would do. But he’ll be able to do it. In a cou­ple of weeks.

    Wow. And yuck.

    Posted by Pterrafractyl | January 7, 2017, 4:08 pm
  5. Here’s a note­wor­thy take by Russ­ian inves­tiga­tive jour­nal­ist and spe­cial­ist in Russ­ian secu­ri­ty ser­vices Andrei Solda­tov on the now noto­ri­ous ‘gold­en show­ers’ dossier cre­at­ed an ex-MI6 spy Christo­pher Steele — first hired by one or more of Trump’s GOP pri­ma­ry and lat­er work­ing for the Clin­ton cam­paign — alleg­ing to describe Vladimir Putin’s direct orches­tra­tion of the DNC hacks/leaks and how Russ­ian secu­ri­ty ser­vices alleged­ly gath­ered com­pro­mis­ing infor­ma­tion on Don­ald Trump involv­ing videos of pros­ti­tutes in a Moscow hotel.

    As Solda­tov sees it, the doc­u­ment does indeed ring true in terms of the way it describes how a Russ­ian intel­li­gence oper­a­tion of this nature would be exe­cut­ed. But it does­n’t ring very true in terms of the fac­tu­al mis­takes. So, like so much of the intel­li­gence swirling around the Russ­ian hack, it rings true when you zoom out but rings ques­tion­able when you zoom in:

    The Guardian

    The leaked Trump-Rus­sia dossier rings fright­en­ing­ly true

    There is fac­tu­al con­fu­sion in this doc­u­ment but its depic­tion of the Kremlin’s tac­tics is sound

    Andrei Solda­tov

    Thurs­day 12 Jan­u­ary 2017 14.56 EST

    The Krem­lin has dis­missed the sto­ries about Don­ald Trump’s alleged deal­ings with Rus­sia as “pulp fic­tion”. Even a super­fi­cial glance at the dossier on his rela­tion­ship with Moscow sup­pos­ed­ly com­piled by a for­mer M16 counter-intel­li­gence offi­cer and pub­lished by Buz­zFeed reveals a con­fu­sion that rais­es ques­tions about its cred­i­bil­i­ty at the very least.

    For exam­ple, the FSB unit named as respon­si­ble for gath­er­ing mate­r­i­al on Hillary Clin­ton – Depart­ment K – has noth­ing to do with eaves­drop­ping or cyber inves­ti­ga­tions. It was, how­ev­er, much in the Russ­ian news recent­ly because it was tasked with “super­vis­ing” the bank­ing and financ­ing sys­tem and its offi­cers were involved in a major scan­dal that end­ed with an Inte­ri­or Min­istry offi­cial jump­ing out of a win­dow dur­ing inter­ro­ga­tion. There is anoth­er Depart­ment K in the Inte­ri­or Min­istry and it is this that is in charge of cyber inves­ti­ga­tions. The dossier names Igor Diveikin, a senior offi­cial in the polit­i­cal depart­ment of Putin’s office, as tasked to deal with the US elec­tion. He was indeed in charge of elec­tions, but in Rus­sia, not the US. Last Octo­ber, a month before the US elec­tions, he was moved to the appa­ra­tus of the state Duma.

    Beyond the fac­tu­al detail, there are prob­lems too with the document’s analy­sis: as in a clas­sic con­spir­a­cy, Putin’s deci­sions in 2016 to fire promi­nent offi­cials, includ­ing the all-pow­er­ful Sergei Ivanov, a head of the pres­i­den­tial admin­is­tra­tion, are explained via the ups and downs of Russia’s inter­fer­ence in the Amer­i­can elec­tion.

    But Putin had plen­ty of oth­er rea­sons to start selec­tive repres­sive acts against his elites – 2016 was also a year of the Duma elec­tions and there is pal­pa­ble anx­i­ety in Moscow about the pres­i­den­tial elec­tions in 2018. There are big ques­tions too about the sources: high-placed Krem­lin offi­cials seem a lit­tle too keen to talk to a for­mer British spy, and feed him dam­ag­ing infor­ma­tion about the most sen­si­tive Krem­lin oper­a­tion in the 21st cen­tu­ry – right in the mid­dle of the oper­a­tion.

    Though many of the report’s ele­ments appear hasti­ly com­piled, over­all it reflects accu­rate­ly the way deci­sion-mak­ing in the Krem­lin looks to close observers. There’s been much focus on the shaki­er ele­ments but what is plau­si­ble about this episode? The leaked doc­u­ment paints a pic­ture of groups of hack­ers all over the world hired to attack west­ern tar­gets. And that sounds about right. I have been cov­er­ing the Russ­ian secret ser­vices since 1999 and have spent the last five years research­ing Russ­ian cyber activ­i­ties. Out­sourc­ing sen­si­tive offen­sive oper­a­tions is the Kremlin’s way to low­er risk and cre­ate deni­able respon­si­bil­i­ty. It was used in Crimea, Ukraine and Syr­ia with Russ­ian “vol­un­teers” and pri­vate mil­i­tary com­pa­nies, while in cyber­space it has been the Krem­lin tac­tic since the mid-2000s.

    The dossier sug­gests that Putin per­son­al­ly super­vised the oper­a­tion, with the For­eign Min­istry play­ing only a minor role. This is exact­ly what has been observed since the annex­a­tion of Crimea – that the For­eign Min­istry is no longer in charge of defin­ing pol­i­cy for Ukraine or Syr­ia, so deci­sion-mak­ing is like­ly to be more capri­cious. It also fits with the assess­ment of many experts that the hack of the US Democ­rats was prompt­ed by the Pana­ma Papers exposé, which was seen in the Krem­lin as a per­son­al attack on Putin.

    Final­ly, the dossier states that the Krem­lin exten­sive­ly bor­rowed its meth­ods for deal­ing with Trump from the KGB play­book. For instance, it claims the Russ­ian secret ser­vices were eager to col­lect dirt on Trump dur­ing his trips to Rus­sia to explore whether a recruit­ment was fea­si­ble. The evi­dence is ques­tion­able, but the idea looks entire­ly plau­si­ble – after all, the KGB even had a spe­cial ter­mi­nol­o­gy for this kind of oper­a­tion: it was called razved­ka s ter­ri­torii or “gath­er­ing intel­li­gence from the ter­ri­to­ry”, mean­ing recruit­ing for­eign­ers once they come to Rus­sia. For that pur­pose every region­al depart­ment of the KGB had a “first sec­tion” tasked to deal with for­eign­ers once they get to the “ter­ri­to­ry” of the region, and Putin him­self spent a few years in this sec­tion in St Peters­burgPana­ma Papers.

    ...

    Unver­i­fi­able sen­sa­tion­al details aside, the Trump dossier is a good reflec­tion of how things are run in the Krem­lin – the mess at the lev­el of deci­sion-mak­ing and increas­ing­ly the out­sourc­ing of oper­a­tions, com­bined with meth­ods bor­rowed from the KGB and the secret ser­vices of the law­less 1990s. That is not the pic­ture pro­ject­ed by the Krem­lin exter­nal­ly – name­ly, that the Russ­ian gov­ern­ment is an effec­tive bureau­cra­cy, strate­gic in for­eign pol­i­cy plan­ning and ruth­less in exe­cu­tion. And that, what­ev­er the truth of Putin’s con­nec­tions with Trump, makes it all pret­ty scary.

    Unver­i­fi­able sen­sa­tion­al details aside, the Trump dossier is a good reflec­tion of how things are run in the Krem­lin – the mess at the lev­el of deci­sion-mak­ing and increas­ing­ly the out­sourc­ing of oper­a­tions, com­bined with meth­ods bor­rowed from the KGB and the secret ser­vices of the law­less 1990s. That is not the pic­ture pro­ject­ed by the Krem­lin exter­nal­ly – name­ly, that the Russ­ian gov­ern­ment is an effec­tive bureau­cra­cy, strate­gic in for­eign pol­i­cy plan­ning and ruth­less in exe­cu­tion. And that, what­ev­er the truth of Putin’s con­nec­tions with Trump, makes it all pret­ty scary.”

    So they way Solda­tov sees it, if the hack attacks against the Democ­rats real­ly was a Krem­lin run psy­op run by Putin to direct­ly inter­vene in the US elec­tions, the way that dossier describes that oper­a­tion is at least in keep­ing with how the Russ­ian secu­ri­ty ser­vices would actu­al­ly do it. So if it’s a fake doc­u­ment it was writ­ten by some­one with a rea­son­ably real­is­tic view of how the Krem­lin would oper­ate. And yet it also con­tains no short­age of fac­tu­al errors about how the Krem­lin is cur­rent­ly oper­at­ing.

    So it’s an unver­i­fi­able nar­ra­tive of what is going on but plau­si­ble. Except for the errors, which could just be human error but could also be red flags about the Mr. Steele’s sources. And con­sid­er­ing that Steele was report­ed­ly Alexan­der Litvi­nenko’s MI6 case offi­cer it would be inter­est­ing to learn more about his sources which, of course, prob­a­bly can’t hap­pen for sources of this nature, assum­ing they exist.

    But it also does­n’t explain why the Krem­lin would be out­sourc­ing its hacks to out­side hack­ers to main­tain plau­si­ble deni­a­bil­i­ty but still choose to out­source it to Russ­ian hack­ers using Russ­ian servers and who plant the name of the founder of Russ­ian intel­li­gence in the meta data of the hacked doc­u­ments. If there was an attempt to main­tain plau­si­ble deni­a­bil­i­ty by the Krem­lin by out­sourc­ing the hacks, that deni­a­bil­i­ty was­n’t pred­i­cat­ed on hid­ing Russ­ian hack­er involve­ment. It was pred­i­cat­ed on direct­ly point­ing at Russ­ian hack­er involve­ment and then hop­ing some sort of reverse psy­chol­o­gy defense would work (a sort of “why would be impli­cate our­selves?” defense). And, of course, if reverse psy­chol­o­gy real­ly was part of some sort of planned plau­si­ble deni­a­bil­i­ty, that has­n’t worked since almost no one is pay­ing atten­tion to all the inex­plic­a­ble acts by the hack­ers to point towards them being Russ­ian and Russ­ian isn’t actu­al­ly mak­ing that “why would be impli­cate our­selves?” defense.

    So how to we pro­ceed with assess­ing the verac­i­ty of this dossier? Well, there is one inter­est­ing option: ask the FBI what they thought about it. More specif­i­cal­ly, ask the FBI why they ignored it despite Mr. Steele repeat­ed­ly inform­ing the FBI of his find­ings. Mr. Steele report­ed­ly got so con­cerned about the lack of an FBI response to his infor­ma­tion that he became con­vinced that there was an FBI cabal dead set on doing noth­ing about it. Giv­en that, per­haps we should ask the FBI why exact­ly they did­n’t pur­sue it. Maybe they’ll pro­vide a series of valid points chal­leng­ing the cred­i­bil­i­ty of the doc­u­ment. Or maybe they don’t have a good excuse and it real­ly was just the pro-Trump cabal at work. Either way, ask­ing the FBI about its take on the dossier seems worth­while:

    The Inde­pen­dent

    For­mer MI6 agent Christo­pher Steele’s frus­tra­tion as FBI sat on Don­ald Trump Rus­sia file for months

    Exclu­sive: Steele was so con­cerned by rev­e­la­tions he worked with­out pay­ment after Trump’s elec­tion vic­to­ry in Novem­ber

    Kim Sen­gup­ta Defence Edi­tor
    Sat­ur­day 14 Jan­u­ary 2017 12:04 BS

    Christo­pher Steele, the for­mer MI6 agent who inves­ti­gat­ed Don­ald Trump’s alleged Krem­lin links, was so wor­ried by what he was dis­cov­er­ing that at the end he was work­ing with­out pay, The Inde­pen­dent has learned.

    Mr Steele also decid­ed to pass on infor­ma­tion to both British and Amer­i­can intel­li­gence offi­cials after con­clud­ing that such mate­r­i­al should not just be in the hands of polit­i­cal oppo­nents of Mr Trump, who had hired his ser­vices, but was a mat­ter of nation­al secu­ri­ty for both coun­tries.

    How­ev­er, say secu­ri­ty sources, Mr Steele became increas­ing­ly frus­trat­ed that the FBI was fail­ing to take action on the intel­li­gence from oth­ers as well as him. He came to believe there was a cov­er-up, that a cabal with­in the Bureau blocked a thor­ough inquiry into Mr Trump, focus­ing instead on the inves­ti­ga­tion into Hillary Clinton’s emails.

    It is believed that a col­league of Mr Steele in Wash­ing­ton, Glenn Simp­son, a for­mer Wall Street Jour­nal reporter who runs the firm Fusion GPS, felt the same way and, at the end also con­tin­ued with the Trump case with­out being paid.

    Fusion GPS had been hired by Repub­li­can oppo­nents of Mr Trump in Sep­tem­ber 2015. In June 2016 Mr Steele came on the team. He was, and con­tin­ues to be, high­ly regard­ed in the intel­li­gence world. In July, Mr Trump won the Repub­li­can nom­i­na­tion and the Democ­rats became new employ­ers of Mr Steele and Fusion GPS.

    In the same month Mr Steele pro­duced a memo, which went to the FBI, stat­ing that Mr Trump’s cam­paign team had agreed to a Russ­ian request to dilute atten­tion on Moscow’s inter­ven­tion in Ukraine. Four days lat­er Mr Trump stat­ed that he would recog­nise Moscow’s annex­a­tion of Crimea. A month lat­er offi­cials involved in his cam­paign asked the Repub­li­can party’s elec­tion plat­form to remove a pledge for mil­i­tary assis­tance to the Ukrain­ian gov­ern­ment against sep­a­ratist rebels in the east of the coun­try.

    Mr Steele claimed that the Trump cam­paign was tak­ing this path because it was aware that the Rus­sians were hack­ing Demo­c­ra­t­ic Par­ty emails. No evi­dence of this has been made pub­lic, but the same day that Mr Trump spoke about Crimea he called on the Krem­lin to hack Hillary Clinton’s emails.

    By late July and ear­ly August MI6 was also receiv­ing infor­ma­tion about Mr Trump. By Sep­tem­ber, infor­ma­tion to the FBI began to grow in vol­ume: Mr Steele com­piled a set of his mem­os into one doc­u­ment and passed it to his con­tacts at the FBI. But there seemed to be lit­tle progress in a prop­er inquiry into Mr Trump. The Bureau, instead, seemed to be devot­ing their resources in the pur­suit of Hillary Clinton’s email trans­gres­sions.

    The New York office, in par­tic­u­lar, appeared to be on a cru­sade against Ms Clin­ton. Some of its agents had a long work­ing rela­tion­ship with Rudy Giu­liani, by then a mem­ber of the Trump cam­paign, since his days as pub­lic pros­e­cu­tor and then May­or of the city.

    As the elec­tion approached, FBI direc­tor James Comey made pub­lic his bomb­shell let­ter say­ing that Ms Clin­ton would face anoth­er email inves­ti­ga­tion. Two days before that Mr Giu­liani, then a part of the Trump team, talked about “a sur­prise or two you’re going to hear about in the next few days. We’ve got a cou­ple of things up our sleeve that should turn things around”.

    After the let­ter was pub­lished Mr Giu­liani claimed he had heard from cur­rent and for­mer agents that “there’s a kind of rev­o­lu­tion going on inside the FBI” over the orig­i­nal deci­sion not to charge Ms Clin­ton and that Mr Comey had been forced by some of his agents to announce the rein­ves­ti­ga­tion. Democ­rats demand­ed an inves­ti­ga­tion into how Mr Giu­liani acquired this knowl­edge with­out get­ting an answer.

    In Octo­ber a frus­trat­ed and demor­alised Mr Steele, while on a trip to New York, spoke about what he has dis­cov­ered to David Corn, the Wash­ing­ton edi­tor of the mag­a­zine Moth­er Jones. There was a lit­tle flur­ry of inter­est that quick­ly died down.

    Mr Trump’s sur­prise elec­tion vic­to­ry came and the Demo­c­rat employ­ers of Mr Steele and Mr John­son no longer need­ed them. But the pair con­tin­ued with their work, hope­ful that the wider inves­ti­ga­tion into Russ­ian hack­ing in the US would allow the Trump mate­r­i­al to be prop­er­ly exam­ined.

    It was against this back­ground that Sen­a­tor John McCain, who had been hear­ing with grow­ing alarm reports about Mr Trump and the Krem­lin, met Sir Andrew Wood, a for­mer British ambas­sador to Moscow, who had spent 10 years in Rus­sia and is high­ly respect­ed for his knowl­edge of Russ­ian affairs, at a secu­ri­ty con­fer­ence in Hal­i­fax, Cana­da.

    Sir Andrew stressed to Sen­a­tor McCain that he had not read the dossier, but vouched for Mr Steele’s pro­fes­sion­al­ism and integri­ty. The chair of the Sen­ate Armed Forces Com­mit­tee then sent an emis­sary to Lon­don who picked up the dossier from an inter­me­di­ary act­ing on behalf of Mr Steele. The Sen­a­tor per­son­al­ly took the mate­r­i­al to Mr Comey.

    ...

    Mr Steele is now in hid­ing, under attack from some Tory MPs for sup­pos­ed­ly try­ing to ruin the chances of There­sa May’s Gov­ern­ment build­ing a fruit­ful rela­tion­ship with the Trump admin­is­tra­tion. Some of them accuse him of being part of an anti-Brex­it con­spir­a­cy. A right-wing tabloid has “out­ed” him as being a “con­firmed social­ist” while at uni­ver­si­ty.

    “How­ev­er, say secu­ri­ty sources, Mr Steele became increas­ing­ly frus­trat­ed that the FBI was fail­ing to take action on the intel­li­gence from oth­ers as well as him. He came to believe there was a cov­er-up, that a cabal with­in the Bureau blocked a thor­ough inquiry into Mr Trump, focus­ing instead on the inves­ti­ga­tion into Hillary Clinton’s emails.”

    Well, it sure would be inter­est­ing to hear the FBI’s take on this dossier. If it does­n’t think its real, why not? And if it does agree its real, what’s the expla­na­tion for not inves­ti­gat­ing it? For­tu­nate­ly, there’s an Inspec­tor Gen­er­al inves­ti­ga­tion of the FBI’s behav­ior dur­ing the 2016 cam­paign get­ting under­way so hope­ful­ly the FBI will have a chance to clar­i­fy its own take on dossier. And also clar­i­fy what the hell it was doing in gen­er­al in 2016.

    It’s also unfor­tu­nate­ly worth not­ing that regard­less of whether or the dossier is real or not, it’s kar­ma for Trump:

    Yahoo News

    Trump didn’t real­ly believe the birther con­spir­a­cy he was push­ing, son-in-law report­ed­ly says

    Dylan Sta­ble­ford
    Senior edi­tor
    Jan­u­ary 9, 2017

    Pres­i­dent-elect Don­ald Trump is expect­ed to name Jared Kush­n­er, his son-in-law, as a senior advis­er, mul­ti­ple media out­lets report­ed Mon­day after­noon.

    Kush­n­er, who is mar­ried to Trump’s daugh­ter, Ivan­ka, has been a long­time con­fi­dante of the pres­i­dent-elect. In a a New York mag­a­zine cov­er pro­file of Kush­n­er, “The Young Trump,” Andrew Rice reports that “back when Trump was spin­ning birther con­spir­a­cy the­o­ries, which were lapped up by gullible Repub­li­cans, one per­son who talked to Kush­n­er says he offered assur­ances his father-in-law didn’t real­ly believe that stuff.”

    The 35-year-old entre­pre­neur — who served as a key advis­er to the Trump cam­paign, par­tic­u­lar­ly in the weeks lead­ing up to the elec­tion — has long tried to con­vince his friends and busi­ness asso­ciates that there’s a dif­fer­ent, more prag­mat­ic Trump than the one Amer­i­ca saw on the cam­paign trail.

    Arthur Mirante, a real estate bro­ker, told the mag­a­zine that he “occa­sion­al­ly sent quizzi­cal emails” to Kush­n­er, who served as an unof­fi­cial advis­er to Trump, after some of the candidate’s more out­landish state­ments.

    “And I would always get a typ­i­cal Jared response,” Mirante said. “That was, ‘Look, there’s a big­ger pic­ture here, you know. I know what he said maybe didn’t look good, but he real­ly didn’t mean it that way.’ There was always the typ­i­cal Jared expla­na­tion, total­ly devoid of pol­i­tics. Just that, ‘There are things hap­pen­ing here that you don’t under­stand, and this is going to work out, trust me.’”

    “Peo­ple say he’s unhinged,” Kush­n­er report­ed­ly said of Trump to anoth­er asso­ciate. “I think he unhinged every­one else.”

    ...

    “Kush­n­er, who is mar­ried to Trump’s daugh­ter, Ivan­ka, has been a long­time con­fi­dante of the pres­i­dent-elect. In a a New York mag­a­zine cov­er pro­file of Kush­n­er, “The Young Trump,” Andrew Rice reports that “back when Trump was spin­ning birther con­spir­a­cy the­o­ries, which were lapped up by gullible Repub­li­cans, one per­son who talked to Kush­n­er says he offered assur­ances his father-in-law didn’t real­ly believe that stuff.”

    And that’s prob­a­bly one of more dis­turb­ing aspects of this whole sit­u­a­tion: if this dossier is fake, the incom­ing pres­i­dent lacks the moral high ground required to decry it. Or cred­i­bil­i­ty.

    And in relat­ed news, Don­ald Trump once again praised the DNC hacks at his Jan­u­ary 11th press con­fer­ence, say­ing, Hack­ing is bad and it shouldn’t be done. But look at the things that were hacked. Look at what was learned from that hack­ing”...

    Posted by Pterrafractyl | January 14, 2017, 4:02 pm
  6. You know how Don­ald Trump recent­ly reit­er­at­ing his long-stand­ing qua­si-approv­ing stance on hack­ing dur­ing his recent press con­fer­ence, sug­gest­ing that the DNC hacks were ok, recent­ly say­ing “hack­ing is bad and it shouldn’t be done. But look at the things that were hacked. Look at what was learned from that hack­ing”? Well, as some­one from Anony­mous remind­ed us on Twit­ter recent­ly, that atti­tude — that polit­i­cal hacks are ok if it reveals some­thing the pub­lic might find inter­est­ing — is prob­a­bly going to be get­ting a bit of a stress test over the next four years:

    CNBC

    Anony­mous to Trump: You Will ‘Regret’ the Next 4 Years

    Alyssa New­comb
    1/18/2017

    Anony­mous, the loose col­lec­tive of online hack­ers, issued an omi­nous warn­ing to Pres­i­dent-elect Don­ald Trump ahead of his inau­gu­ra­tion, telling the bil­lion­aire he’s going to “regret” the next four years.

    On Twit­ter, the group put out a call to action to its fol­low­ers, urg­ing them to expose any poten­tial com­pro­mis­ing infor­ma­tion they can find about the soon-to-be new leader of the free world.

    The group tweet­ed at Trump, repeat­ing unsub­stan­ti­at­ed alle­ga­tions that he has “finan­cial and per­son­al ties with Russ­ian mob­sters, child traf­fick­ers, and mon­ey laun­der­ers.”

    “This isn’t the 80’s any longer, infor­ma­tion does­n’t van­ish, it is all out there. You are going to regret the next 4 years. @realDonaldTrump,” reads a tweet from @YourAnonCentral, an account used to dis­sem­i­nate infor­ma­tion among the hack­er group.

    Trump, a usu­al­ly trig­ger-hap­py tweet­er, seems to be ignor­ing the threats for now.

    Trump has long been in Anony­mous’ crosshairs, with the group declar­ing war on him last year when he was a can­di­date for Pres­i­dent of the Unit­ed States.

    In March, pri­vate infor­ma­tion about Trump was “leaked” by hack­ers claim­ing to be a part of Anony­mous, includ­ing a cell phone and social secu­ri­ty num­ber. How­ev­er, it was lat­er proven that infor­ma­tion was­n’t new and had been float­ing around online for some time.

    ...

    ““This isn’t the 80’s any longer, infor­ma­tion does­n’t van­ish, it is all out there. You are going to regret the next 4 years. @realDonaldTrump,” reads a tweet from @YourAnonCentral, an account used to dis­sem­i­nate infor­ma­tion among the hack­er group.”

    That sure sounds like at least some­one in Anony­mous either already has some hacked info on Trump ready to go or is intent on get­ting it. But with Anony­mous being, well, anony­mous, it’s hard to say how much this tweet from the ‘YourA­non­Cen­tral’ Twit­ter account rep­re­sents a larg­er seg­ment of the group.

    Still, it’s worth not­ing that this was­n’t the first Anony­mous oper­a­tion declared against Trump. And that last oper­a­tion was declared March of last year it split Anony­mous between those that want­ed to go after Trump, those who were pro-Trump, and those who felt that Anony­mous should­n’t be pick­ing spe­cif­ic sides in par­tic­u­lar races, which at the time was the YourA­non­Cen­tral posi­tion. So if this recent YourA­non­Cen­tral tweet came from the same indi­vid­ual tweet­ing about the anti-Trump oper­a­tions back in March, it would appear that the con­clu­sion of the 2016 elec­tions has end­ed their hes­i­tan­cy and now that Trump is in office YourA­non­Cen­tral is ready for some anti-Trump oper­a­tions:

    The Guardian

    Anti-Trump cam­paign sparks civ­il war among Anony­mous hack­ers

    Crit­ics say tar­get­ing Repub­li­can coun­ters hack­ing collective’s tra­di­tion of not tak­ing sides in polit­i­cal con­tests and oth­ers allege move­ment is being hijacked

    Nicky Woolf in Los Ange­les

    Thurs­day 24 March 2016 09.00 EDT

    The rip­ple effects of Don­ald Trump’s pres­i­den­tial can­di­da­cy have led to a civ­il war in the Repub­li­can par­ty. But they have also had the unex­pect­ed con­se­quence of lead­ing to a sub­ter­ranean civ­il war with­in Anony­mous, the mys­te­ri­ous hack­ing col­lec­tive.

    Most of the polit­i­cal oper­a­tions tar­get­ed by Anony­mous – includ­ing the Church of Sci­en­tol­ogy, Isis and the KKK – have insti­gat­ed some lev­el of inter­nal dis­pute among peo­ple claim­ing to be part of Anony­mous. But when the group announced their next tar­get would be the Trump cam­paign, it set off the most heat­ed debate yet with­in the move­ment – which has no leader and no spe­cif­ic set of aims.

    Many dis­avowed the anti-Trump oper­a­tion as being counter to Anonymous’s tra­di­tion of not tak­ing sides in polit­i­cal con­tests. (A pre­vi­ous oper­a­tion against Trump was sim­i­lar­ly derailed, albeit on a small­er scale, when anoth­er hack­er call­ing him­self Black Mafia wrest­ed con­trol of the Twit­ter account.)

    Oth­ers have even alleged the move­ment is being hijacked by either cam­paign oper­a­tives or activists try­ing to co-opt Anony­mous for their own polit­i­cal ends. On 15 March, a video was released.

    “We are feel­ing deeply con­cerned about an oper­a­tion that was launched in our name – the so-called Oper­a­tion Trump,” says the video, which, in clas­sic Anony­mous style, is nar­rat­ed by a dis­em­bod­ied com­put­erised voice.

    “We – Anony­mous – are warn­ing you about the lies and deceits pushed under our ban­ner,” the voice con­tin­ues.

    But a user named Beem­see post­ed a mes­sage to a site called Ghost­bin to defend the oper­a­tion.

    “There has been large amounts of oppo­si­tion to this oper­a­tion as many think that OpTrump aims to cen­sor Don­ald Trump’s free speech,” said Beem­see, who is linked to the Twit­ter account OpTrumpHQ. “This is not the case. We do NOT stand for a spe­cif­ic polit­i­cal ide­ol­o­gy,” Beem­see con­tin­ued.

    The Twit­ter account YourA­non­Cen­tral is one of the longest-stand­ing nodes for Anony­mous com­mu­ni­ca­tions. Its admin­is­tra­tor, who has been involved in the move­ment since its incep­tion around 2006 on the anar­chic image-board 4chan, said that the Trump and Sanders cam­paigns had been seen “active­ly attempt­ing to sub­vert and mis­use Anony­mous for their own gains”.

    “They are both using Anony­mous as a prop in their ‘war’ and it is a lie,” the admin­is­tra­tor said over Twit­ter direct mes­sage. “Anony­mous comes from every part of the polit­i­cal spec­trum, the only things we could be all (most­ly) aligned on are against the cen­sor­ship of can­di­dates by the media or against human rights vio­la­tions or sim­i­lar,” adding that mim­ic­k­ing the style of Anony­mous would be “real­ly easy” for any­one moti­vat­ed to do so.

    Some per­son­al infor­ma­tion on Trump has been released as part of the oper­a­tion, but many in the move­ment have derid­ed it as includ­ing only infor­ma­tion that was already in the pub­lic domain.

    OpTrumpTruth was one of the ear­ly Twit­ter accounts asso­ci­at­ed with the pur­port­ed action against Trump. The oper­a­tor of the account said that she had joined Anony­mous nine months ago, and had been part of pre­vi­ous oper­a­tions against Sea­World and cam­paigns in sup­port of Chelsea Man­ning.

    She described her­self as polit­i­cal­ly inde­pen­dent but said, also over Twit­ter direct mes­sage, that “we believe Mr Trump is a bla­tant hate­ful racist with enough mon­ey to buy his way to pow­er that’s some­thing that we in good con­science can’t allow”.

    Asked about the schism in the move­ment, she said that many of the major Anony­mous accounts – includ­ing YourA­non­Cen­tral – were opposed to the anti-Trump oper­a­tion because “they say Anony­mous is against the whole sys­tem not just one man.”

    She also said that there were many Trump sup­port­ers with­in Anony­mous and “those peo­ple will not want to see any­thing that brings him down.”

    On the mes­sage-board for OpTrump – which is open and, of course, anony­mous – users have been engag­ing in fiery debate as to the verac­i­ty, and the advis­abil­i­ty, of tak­ing sides in the pres­i­den­tial elec­tion. “So what deci­sion should we make, not choos­ing doesn’t help any­thing,” said a user who had tak­en the nick­name Every­thing­Berns. “Well, you’ve got to pick some­one,” one user replied. “DON’T CHOSE [sic]” said anoth­er.

    Anoth­er account using the visu­al lin­gua fran­ca of Anony­mous, called OpWhiteRose, also agi­tates against Trump. After sev­er­al mes­sages, the oper­a­tor of that account admit­ted that they had no involve­ment or affil­i­a­tion with Anony­mous. Instead, the oper­a­tor said they were “a small group of like-mind­ed peo­ple who want to stop Trump’s pol­i­tics from destroy­ing the US.”

    ...

    “Asked about the schism in the move­ment, she said that many of the major Anony­mous accounts – includ­ing YourA­non­Cen­tral – were opposed to the anti-Trump oper­a­tion because “they say Anony­mous is against the whole sys­tem not just one man.””

    Well, it sounds like Don­ald Trump’s elec­tion just cost him the one thing that was stop­ping at least part of Anony­mous from attack­ing him dur­ing his cam­paign: he was­n’t actu­al­ly impor­tant enough at the time. But he is now! And giv­en the hyper-ego­cen­tric pro­to-fas­cist nature of Trump’s pol­i­tics, he’s not just one man oper­at­ing in a larg­er polit­i­cal sys­tem Anony­mous oppos­es. He is increas­ing­ly the sys­tem. That’s how author­i­tar­i­an cults of per­son­al­i­ty sys­tems work.

    So we’ll see what hap­pens, but don’t for­get: as long as any future Trump hacks reveal any­thing the pub­lic might find inter­est­ing, Trump pre­emp­tive­ly approves of them.

    Posted by Pterrafractyl | January 18, 2017, 4:12 pm
  7. Here’s a fun-fact that should def­i­nite­ly be kept in mind when assess­ing the pub­licly avail­able evi­dence that “Fan­cy Bear” and “Cozy Bear” hacked the DNC and were in fact part of a larg­er Krem­lin oper­a­tion: Back before these two hack­ing enti­ties were labeled “Fan­cy Bear” and “Cozy Bear” they were already known by the labels “APT28” and “APT29” (Advanced Per­sis­tent Threat 28 and 29). And after the May 2015 Bun­destag hack of the com­mit­tee invest­ing NSA hack­ing on Ger­man soil that result­ed in the release by Wik­ileaks of 2,420 doc­u­ments Ger­many’s domes­tic intel­li­gence agency with attrib­uted the hack to APT28:

    BBC News

    Rus­sia ‘was behind Ger­man par­lia­ment hack’

    13 May 2016

    Ger­many’s domes­tic intel­li­gence agency has accused Rus­sia of being behind a series of cyber attacks on Ger­man state com­put­er sys­tems.

    The BfV said a hack­er group thought to work for the Russ­ian state had attacked Ger­many’s par­lia­ment in 2015.

    This week it emerged that hack­ers linked to the same group had also tar­get­ed the Chris­t­ian Demo­c­ra­t­ic Union par­ty of Chan­cel­lor Angela Merkel.

    Rus­sia has yet to respond pub­licly to the accu­sa­tions made by the BfV.

    Sab­o­tage threat

    BfV head Hans-Georg Maassen said Ger­many was a peren­ni­al tar­get of a hack­er gang known as Sofacy/APT 28 that some oth­er experts also believe has close links with the Russ­ian state. This group is believed by secu­ri­ty experts to be affil­i­at­ed with the Pawn Storm group that has been accused of tar­get­ing the CDU par­ty.

    Sofacy/APT 28 is believed to have been formed in 2004 and has been blamed for a wide range of attacks on both gov­ern­ments and finan­cial insti­tu­tions.

    The attacks on Ger­man state organ­i­sa­tions and insti­tu­tions were car­ried out to gath­er intel­li­gence data, Mr Maassen said.

    He added that his agency had been mon­i­tor­ing the group for years. He said some of its hack attacks on Ger­many had been ongo­ing for more than a decade.

    The attack on the Ger­man par­lia­ment sought to install soft­ware that would have giv­en the attack­ers per­ma­nent access to com­put­ers used by staff and MPs. Oth­er attacks involved gath­er­ing data about crit­i­cal infra­struc­ture such as pow­er plants and oth­er util­i­ties, Mr Maassen said.

    ...

    “BfV head Hans-Georg Maassen said Ger­many was a peren­ni­al tar­get of a hack­er gang known as Sofacy/APT 28 that some oth­er experts also believe has close links with the Russ­ian state. This group is believed by secu­ri­ty experts to be affil­i­at­ed with the Pawn Storm group that has been accused of tar­get­ing the CDU par­ty.”

    Note that the “oth­er experts” who also believe APT28 has close links with the Russ­ian state the arti­cle links to is the pri­va­cy secu­ri­ty firm Fire­Eye, which also played a role ana­lyz­ing the DNC hacks.

    Also note that APT28 was believed to have formed in 2004 and had been attack­ing Ger­many insti­tu­tions for more than a decade accord­ing to the BfV:

    ...

    Sofacy/APT 28 is believed to have been formed in 2004 and has been blamed for a wide range of attacks on both gov­ern­ments and finan­cial insti­tu­tions.

    The attacks on Ger­man state organ­i­sa­tions and insti­tu­tions were car­ried out to gath­er intel­li­gence data, Mr Maassen said.

    He added that his agency had been mon­i­tor­ing the group for years. He said some of its hack attacks on Ger­many had been ongo­ing for more than a decade.
    ...

    So when we’re assess­ing the sources of infor­ma­tion that are cur­rent­ly point­ing in the direc­tion of “Fan­cy Bear” and “Cozy Bear” being part of a Krem­lin-backed hack­ing group, keep in mind that the BvF has appar­ent­ly been mon­i­tor­ing them for years.

    Oh, and also note that there was an update back in Decem­ber from the Ger­man gov­ern­ment regard­ing its assess­ment of the 2015 Bundgestag hacks that it attrib­uted to APT28 and Rus­sia: while it asserts the hacks did indeed take place, the leaked doc­u­ments were lat­er deter­mined to be an insid­er leak (via Google trans­late):

    Frank­furter All­ge­meine Poli­tik

    Wik­ileaks source for rev­e­la­tions in the Bun­destag sus­pects

    After the pub­li­ca­tion of thou­sands of doc­u­ments from the NSA inves­ti­ga­tion com­mit­tee, Russ­ian hack­ers had recent­ly been sus­pect­ed. Now the author­i­ties are leav­ing a leak in the Bun­destag itself.
    17.12.2016

    After the pub­li­ca­tion of con­fi­den­tial files from the NSA inves­ti­ga­tion com­mit­tee the Bun­destagspolizei is look­ing for the per­pe­tra­tors in par­lia­ment, as the news mag­a­zine “Spiegel” reports. “A vio­la­tion of secre­cy and a spe­cial duty of secre­cy” is con­firmed, a Bun­destag spokesman con­firmed to the mag­a­zine. Bun­destag Pres­i­dent Nor­bert Lam­mert (CDU) had approved the inves­ti­ga­tion against unknown. The Ger­man Bun­destag is a sep­a­rate police zone.

    Accord­ing to the report, fed­er­al secu­ri­ty author­i­ties are con­vinced that not hack­ers had stolen the 2420 doc­u­ments pub­lished by the Inter­net plat­form Wik­ileaks in ear­ly Decem­ber. There was cer­tain­ly no evi­dence that the mate­r­i­al had been stolen in the cyber attack on the Bun­destag in 2015, it was called into secu­ri­ty crises.

    The “mir­ror” point­ed out that the Wik­ileaks mate­r­i­al cov­ered 90 giga­bytes, but the infil­trat­ed Bun­destagsrech­n­ern only 16 giga­bytes of data were stolen. The Cyber­at­tacke appar­ent­ly also had no mem­bers of the Bun­destag or employ­ees from the envi­ron­ment of the NSA inves­ti­ga­tion com­mit­tee affect­ed.

    The “Frank­furter All­ge­meine Son­ntagszeitung” had cit­ed a high secu­ri­ty offi­cer a week ago with the words that there was “high plau­si­bil­i­ty” for the fact that the secrets pub­lished by Wik­ileaks were cap­tured in the cyber attack on the Bun­destag. Russ­ian hack­ers are respon­si­ble for the attack. Also the com­mit­tee chair­man Patrick Sens­burg (CDU) had not exclud­ed a for­eign hack­er attack imme­di­ate­ly after the pub­li­ca­tion of the doc­u­ments.

    Accord­ing to Wik­iLeaks, the approx­i­mate­ly 2400 doc­u­ments come from var­i­ous fed­er­al agen­cies such as the Bun­desnachrich­t­en­di­enst and the fed­er­al offices for con­sti­tu­tion­al pro­tec­tion and secu­ri­ty in infor­ma­tion tech­nol­o­gy. The doc­u­ments are intend­ed to pro­vide evi­dence of coop­er­a­tion between the US Nation­al Secu­ri­ty Agency (NSA) and the BND.

    ...

    “Accord­ing to the report, fed­er­al secu­ri­ty author­i­ties are con­vinced that not hack­ers had stolen the 2420 doc­u­ments pub­lished by the Inter­net plat­form Wik­ileaks in ear­ly Decem­ber. There was cer­tain­ly no evi­dence that the mate­r­i­al had been stolen in the cyber attack on the Bun­destag in 2015, it was called into secu­ri­ty crises.”

    Yes, we get auto-trans­lat­ed argle-bar­gle thanks to the dearth of Eng­lish lan­guage report­ing on this Decem­ber update. But that sure sounds like the released Bun­destag NSA doc­u­ments were deter­mined to NOT be part of the 2015 hack but instead was done by a leak­er. A leak­er that the Bun­destagspolizei is still look­ing for:

    ...

    After the pub­li­ca­tion of con­fi­den­tial files from the NSA inves­ti­ga­tion com­mit­tee the Bun­destagspolizei is look­ing for the per­pe­tra­tors in par­lia­ment, as the news mag­a­zine “Spiegel” reports. “A vio­la­tion of secre­cy and a spe­cial duty of secre­cy” is con­firmed, a Bun­destag spokesman con­firmed to the mag­a­zine. Bun­destag Pres­i­dent Nor­bert Lam­mert (CDU) had approved the inves­ti­ga­tion against unknown. The Ger­man Bun­destag is a sep­a­rate police zone.

    ...

    So that hap­pened, and it might con­tain a rather impor­tant les­son regard­ing the DNC. How so? Well, as the arti­cle below high­lights, when it comes to the DNC’s serv­er and the rel­a­tive­ly weak IT secu­ri­ty that was being employed, it’s entire­ly pos­si­ble that the DNC serv­er was indeed hacked, but that the release of doc­u­ments was due to an inde­pen­dent insid­er leak. And giv­en that both APT28 and APT29 were deter­mined to have hacked that serv­er, but seem­ing­ly behaved as if they did­n’t real­ize the oth­er group was there too, it’s entire­ly pos­si­ble that the DNC was inde­pen­dent­ly hacked mul­ti­ple enti­ties in addi­tion to a pos­si­ble insid­er leak.

    But as the arti­cle below also points out, it’s entire­ly pos­si­ble that “APT28” and “APT29” aren’t even dis­tinct enti­ties at all. Why? Because the con­clu­sion by firms like Fire­Eye and Crowd­strike that there are these two groups, “APT28” and “APT29”, that were leav­ing years of elec­tron­ic trails from all their hack­ing activ­i­ties isn’t based on any dis­tinct “APT28” or “APT29” call­ing card. It’s based on the tool sets of hack­ing tools and infra­struc­ture (like servers) used by these groups. And those tool sets used by APT28 and APT29 are read­i­ly avail­able on the Dark Web and cir­cu­lat­ing among hack­er com­mu­ni­ties as was the infra­struc­ture. In oth­er words, it’s entire­ly pos­si­ble that that a wide vari­ety of skilled hack­ers have access to the exact same hack­ing tools that were used by groups like Fire­Eye and Crowd­strike to unique­ly iden­ti­fy APT28/29 and the same sets of cor­rupt­ed servers. And since so much of the rest of the evi­dence that was used to attribute the hack­ing evi­dence to Russ­ian hack­ers is based on read­i­ly spoofa­ble infor­ma­tion — like the cyril­lic char­ac­ters in a hacked doc­u­ment or that the hack­ing tool set code appeared to be com­piled dur­ing Moscow work­ing hours...all spoofa­ble evi­dence — it very pos­si­ble that the evi­dence used to attribute these hacks to Krem­lin-backed hack­ers could have been spoofed by a wide vari­ety of pos­si­ble cul­prits:

    Counter Punch

    Did the Rus­sians Real­ly Hack the DNC?

    by Gre­go­ry Elich
    Jan­u­ary 13, 2017

    Rus­sia, we are told, breached the servers of the Demo­c­ra­t­ic Nation­al Com­mit­tee (DNC), swiped emails and oth­er doc­u­ments, and released them to the pub­lic, to alter the out­come of the U.S. pres­i­den­tial elec­tion.

    How sub­stan­tial is the evi­dence back­ing these asser­tions?

    Hired by the Demo­c­ra­t­ic Nation­al Com­mit­tee to inves­ti­gate unusu­al net­work activ­i­ty, the secu­ri­ty firm Crowd­strike dis­cov­ered two sep­a­rate intru­sions on DNC servers. Crowd­strike named the two intrud­ers Cozy Bear and Fan­cy Bear, in an allu­sion to what it felt were Russ­ian sources. Accord­ing to Crowd­strike, “Their trade­craft is superb, oper­a­tional secu­ri­ty sec­ond to none,” and “both groups were con­stant­ly going back into the envi­ron­ment” to change code and meth­ods and switch com­mand and con­trol chan­nels.

    On what basis did Crowd­strike attribute these breach­es to Russ­ian intel­li­gence ser­vices? The secu­ri­ty firm claims that the tech­niques used were sim­i­lar to those deployed in past secu­ri­ty hack­ing oper­a­tions that have been attrib­uted to the same actors, while the pro­file of pre­vi­ous vic­tims “close­ly mir­rors the strate­gic inter­ests of the Russ­ian gov­ern­ment. Fur­ther­more, it appeared that the intrud­ers were unaware of each other’s pres­ence in the DNC sys­tem. “While you would vir­tu­al­ly nev­er see West­ern intel­li­gence agen­cies going after the same tar­get with­out de-con­flic­tion for fear of com­pro­mis­ing each other’s oper­a­tions,” Crowd­strike reports, “in Rus­sia this is not an uncom­mon sce­nario.” [1]

    Those may be indi­ca­tors of Russ­ian gov­ern­ment cul­pa­bil­i­ty. But then again, per­haps not. Regard­ing the point about sep­a­rate intrud­ers, each oper­at­ing inde­pen­dent­ly of the oth­er, that would seem to more like­ly indi­cate that the sources have noth­ing in com­mon.

    Each of the two intru­sions act­ed as an advanced per­sis­tent threat (APT), which is an attack that resides unde­tect­ed on a net­work for a long time. The goal of an APT is to exfil­trate data from the infect­ed sys­tem rather than inflict dam­age. Sev­er­al names have been giv­en to these two actors, and most com­mon­ly Fan­cy Bear is known as APT28, and Cozy Bear as APT29.

    The fact that many of the tech­niques used in the hack resem­bled, in vary­ing degrees, past attacks attrib­uted to Rus­sia may not nec­es­sar­i­ly car­ry as much sig­nif­i­cance as we are led to believe. Once mal­ware is deployed, it tends to be picked up by cyber­crim­i­nals and offered for sale or trade on Deep Web black mar­kets, where any­one can pur­chase it. Exploit kits are espe­cial­ly pop­u­lar sell­ers. Quite often, the code is mod­i­fied for spe­cif­ic uses. Secu­ri­ty spe­cial­ist Josh Pitts demon­strat­ed how easy that process can be, down­load­ing and mod­i­fy­ing nine sam­ples of the Onion­Duke mal­ware, which is thought to have first orig­i­nat­ed with the Russ­ian gov­ern­ment. Pitts reports that this exer­cise demon­strates “how easy it is to repur­pose nation-state code/malware.” [2]

    In anoth­er exam­ple, when Senti­nalOne Research dis­cov­ered the Gyges mal­ware in 2014, it report­ed that it “exhibits sim­i­lar­i­ties to Russ­ian espi­onage mal­ware,” and is “designed to tar­get gov­ern­ment orga­ni­za­tions. It comes as no sur­prise to us that this type of intel­li­gence agency-grade mal­ware would even­tu­al­ly fall into cyber­crim­i­nals’ hands.” The secu­ri­ty firm explains that Gyges is an “exam­ple of how advanced tech­niques and code devel­oped by gov­ern­ments for espi­onage are effec­tive­ly being repur­posed, mod­u­lar­ized and cou­pled with oth­er mal­ware to com­mit cyber­crime.” [3]

    Attri­bu­tion is hard, cyber­se­cu­ri­ty spe­cial­ists often point out. “Once an APT is released into the wild, its spread isn’t con­trolled by the attack­er,” writes Mark McAr­dle. “They can’t pre­vent some­one from ana­lyz­ing it and repur­pos­ing it for their own needs.” Adapt­ing mal­ware “is a well-known real­i­ty,” he con­tin­ues. “Find­ing irrefutable evi­dence that links an attack­er to an attack is vir­tu­al­ly unat­tain­able, so every­thing boils down to assump­tions and judg­ment.” [4]

    Secu­ri­ty Alliance regards secu­ri­ty firm FireEye’s analy­sis that tied APT28 to the Russ­ian gov­ern­ment as based “large­ly on cir­cum­stan­tial evi­dence.” FireEye’s report “explic­it­ly dis­re­gards tar­gets that do not seem to indi­cate spon­sor­ship by a nation-state,” hav­ing exclud­ed var­i­ous tar­gets because they are “not par­tic­u­lar­ly indica­tive of a spe­cif­ic sponsor’s inter­ests.” [5] Fire­Eye report­ed that the APT28 “vic­tim set is nar­row,” which helped lead it to the con­clu­sion that it is a Russ­ian oper­a­tion. Cyber­se­cu­ri­ty con­sul­tant Jef­frey Carr reacts with scorn: “The vic­tim set is nar­row because the report’s authors make it nar­row! In fact, it wasn’t nar­row­ly tar­get­ed at all if you take into account the tar­gets men­tioned by oth­er cyber­se­cu­ri­ty com­pa­nies, not to men­tion those that Fire­Eye delib­er­ate­ly exclud­ed for being ‘not par­tic­u­lar­ly indica­tive of a spe­cif­ic sponsor’s inter­ests’.” [6]

    FireEye’s report from 2014, on which much of the DNC Russ­ian attri­bu­tion is based, found that 89 per­cent of the APT28 soft­ware sam­ples it ana­lyzed were com­piled dur­ing reg­u­lar work­ing hours in St. Peters­burg and Moscow. [7]

    But com­pile times, like lan­guage set­tings, can be eas­i­ly altered to mis­lead inves­ti­ga­tors. Mark McAr­dle won­ders, “If we think about the very high lev­el of design, engi­neer­ing, and test­ing that would be required for such a sophis­ti­cat­ed attack, is it rea­son­able to assume that the attack­er would leave these kinds of bread­crumbs? It’s pos­si­ble. But it’s also pos­si­ble that these things can be used to mis­di­rect atten­tion to a dif­fer­ent par­ty. Poten­tial­ly anoth­er adver­sary. Is this evi­dence the result of slop­pi­ness or a care­ful mis­di­rec­tion?” [8]

    “If the guys are real­ly good,” says Chris Finan, CEO of Man­i­fold Tech­nol­o­gy, “they’re not leav­ing much evi­dence or they’re leav­ing evi­dence to throw you off the scent entire­ly.” [9] How plau­si­ble is it that Russ­ian intel­li­gence ser­vices would fail even to attempt such a fun­da­men­tal step?

    James Scott of the Insti­tute for Crit­i­cal Infra­struc­ture Tech­nol­o­gy points out that the very vul­ner­a­bil­i­ty of the DNC servers con­sti­tutes a mud­died basis on which deter­mine attri­bu­tion. “Attri­bu­tion is less exact in the case of the DNC breach because the mail servers com­pro­mised were not well-secured; the orga­ni­za­tion of a few hun­dred per­son­nel did not prac­tice prop­er cyber-hygiene; the DNC has a glob­al rep­u­ta­tion and is a valu­able tar­get to script kid­dies, hack­tivists, lone-wolf cyber-threat actors, cyber-crim­i­nals, cyber-jihadists, hail-mary threats, and nation-state spon­sored advanced per­sis­tent threats; and because the mal­ware dis­cov­ered on DNC sys­tems were well-known, pub­licly dis­closed, and vari­ants could be pur­chased on Deep Web mar­kets and forums.” [10]

    Some­one, or some group, oper­at­ing under the pseu­do­nym of Guc­cifer 2.0, claimed to be a lone actor in hack­ing the DNC servers. It is unclear what rela­tion – if any – Guc­cifer 2.0 has to either of the two APT attacks on the DNC. In a PDF file that Guc­cifer 2.0 sent to Gawker.com, meta­da­ta indi­cat­ed that it was it was last saved by some­one hav­ing a user­name in Cyril­lic let­ters. Dur­ing the con­ver­sion of the file from Microsoft Word to PDF, invalid hyper­link error mes­sages were auto­mat­i­cal­ly gen­er­at­ed in the Russ­ian lan­guage. [11]

    This would seem to present rather damn­ing evi­dence. But who is Guc­cifer 2.0? A Russ­ian gov­ern­ment oper­a­tion? A pri­vate group? Or a lone hack­tivist? In the poor­ly secured DNC sys­tem, there were almost cer­tain­ly many infil­tra­tors of var­i­ous stripes. Nor can it be ruled out that the meta­da­ta indi­ca­tors were inten­tion­al­ly gen­er­at­ed in the file to mis­di­rect attri­bu­tion. The two APT attacks have been not­ed for their sophis­ti­ca­tion, and these mis­takes – if that is what they are – seem ama­teur­ish. To change the lan­guage set­ting on a com­put­er can be done in a mat­ter of sec­onds, and that would be stan­dard pro­ce­dure for advanced cyber-war­riors. On the oth­er hand, slop­pi­ness on the part of devel­op­ers is not entire­ly unknown. How­ev­er, one would expect a nation-state to enforce strict soft­ware and doc­u­ment han­dling pro­ce­dures and imple­ment rig­or­ous review process­es.

    At any rate, the doc­u­ments post­ed to the Guc­cifer 2.0 blog do not nec­es­sar­i­ly orig­i­nate from the same source as those pub­lished by Wik­iLeaks. Cer­tain­ly, none of the doc­u­ments post­ed to Wik­iLeaks pos­sess the same meta­da­ta issues. And one hack­ing oper­a­tion does not pre­clude anoth­er, let alone an insid­er leak.

    APT28 relied on XTun­nel, repur­posed from open source code that is avail­able to any­one, to open net­work ports and siphon data. The inter­est­ing thing about the soft­ware is its fail­ure to match the lev­el of sophis­ti­ca­tion claimed for APT28. The strings in the code quite trans­par­ent­ly indi­cate its intent, with no attempt at obfus­ca­tion. [12] It seems an odd over­sight for a nation-state oper­a­tion, in which plau­si­ble deni­a­bil­i­ty would be essen­tial, to over­look that glar­ing point dur­ing soft­ware devel­op­ment.

    Com­mand-and-con­trol servers remote­ly issue mali­cious com­mands to infect­ed machines. Odd­ly, for such a key com­po­nent of the oper­a­tion, the com­mand-and-con­trol IP address in both attacks was hard-cod­ed in the mal­ware. This seems like anoth­er inex­plic­a­ble choice, giv­en that the point of an advanced per­sis­tent threat is to oper­ate for an extend­ed peri­od with­out detec­tion. A more suit­able approach would be to use a Domain Name Sys­tem (DNS) address, which is a decen­tral­ized com­put­er nam­ing sys­tem. That would pro­vide a more covert means of iden­ti­fy­ing the com­mand-and-con­trol serv­er. [13] More­over, one would expect that address to be encrypt­ed. Using a DNS address would also allow the com­mand-and-con­trol oper­a­tion to eas­i­ly move to anoth­er serv­er if its loca­tion is detect­ed, with­out the need to mod­i­fy and rein­stall the code.

    One of the IP address­es is claimed to be a “well-known APT 28” com­mand-and-con­trol address, while the sec­ond is said to be linked to Russ­ian mil­i­tary intel­li­gence. [14] The first address points to a serv­er locat­ed in San Jose, Cal­i­for­nia, and is oper­at­ed by a serv­er host­ing ser­vice. [15] The sec­ond serv­er [16] Clear­ly, these are servers that have been com­pro­mised by hack­ers. It is cus­tom­ary for hack­ers to route their attacks through vul­ner­a­ble com­put­ers. The IP address­es of com­pro­mised com­put­ers are wide­ly avail­able on the Deep Web, and typ­i­cal­ly a hacked serv­er will be used by mul­ti­ple threat actors. These two par­tic­u­lar servers may or may not have been reg­u­lar­ly uti­lized by Russ­ian Intel­li­gence, but they were not unique­ly so used. Almost cer­tain­ly, many oth­er hack­ers would have used the same machines, and it can­not be said that these IP address­es unique­ly iden­ti­fy an infil­tra­tor. Indeed, the sec­ond IP address is asso­ci­at­ed with the com­mon Tro­jan virus­es Agent-APPR and Shun­nael. [17]

    “Every­one is focused on attri­bu­tion, but we may be miss­ing the big­ger truth,” says Joshua Cro­man, Direc­tor of the Cyber State­craft Ini­tia­tive at the Atlantic Coun­cil. “[T]he lev­el of sophis­ti­ca­tion required to do this hack was so low that near­ly any­one could do it.” [18]

    In answer to crit­ics, the Depart­ment of Home­land Secu­ri­ty and the FBI issued a joint analy­sis report, which pre­sent­ed “tech­ni­cal details regard­ing the tools and infra­struc­ture used” by Russ­ian intel­li­gence ser­vices “to com­pro­mise and exploit net­works” asso­ci­at­ed with the U.S. elec­tion, U.S. gov­ern­ment, polit­i­cal, and pri­vate sec­tor enti­ties. The report code-named these activ­i­ties “Griz­zly Steppe.” [19]

    For a doc­u­ment that pur­ports to offer strong evi­dence on behalf of U.S. gov­ern­ment alle­ga­tions of Russ­ian cul­pa­bil­i­ty, it is strik­ing how weak and slop­py the con­tent is. Includ­ed in the report is a list of every threat group ever said to be asso­ci­at­ed with the Russ­ian gov­ern­ment, most of which are unre­lat­ed to the DNC hack. It appears that var­i­ous gov­ern­men­tal orga­ni­za­tions were asked to send a list of Russ­ian threats, and then an offi­cial lack­ing IT back­ground com­piled that infor­ma­tion for the report, and the result is a mish­mash of threat groups, soft­ware, and tech­niques. “Pow­er­Shell back­door,” for instance, is a method used by many hack­ers, and in no way describes a Russ­ian oper­a­tion.

    Indeed, one must take the list on faith, because nowhere in the doc­u­ment is any evi­dence pro­vid­ed to back up the claim of a Russ­ian con­nec­tion. Indeed, as the major­i­ty of items on the list are unre­lat­ed to the DNC hack, one won­ders what the point is. But it bears repeat­ing: even where soft­ware can be traced to Russ­ian orig­i­na­tion, it does not nec­es­sar­i­ly indi­cate exclu­sive usage. Jef­frey Carr explains: “Once mal­ware is deployed, it is no longer under the con­trol of the hack­er who deployed it or the devel­op­er who cre­at­ed it. It can be reverse-engi­neered, copied, mod­i­fied, shared and rede­ployed again and again by any­one.” Carr quotes secu­ri­ty firm ESET in regard to the Sed­nit group, one of the items on the report’s list, and which is anoth­er name for APT28: “As secu­ri­ty researchers, what we call ‘the Sed­nit group’ is mere­ly a set of soft­ware and the relat­ed infra­struc­ture, which we can hard­ly cor­re­late with any spe­cif­ic orga­ni­za­tion.” Carr points out that X‑Agent soft­ware, which is said to have been uti­lized in the DNC hack, was eas­i­ly obtained by ESET for analy­sis. “If ESET could do it, so can oth­ers. It is both fool­ish and base­less to claim, as Crowd­strike does, that X‑Agent is used sole­ly by the Russ­ian gov­ern­ment when the source code is there for any­one to find and use at will.” [20]

    The salient impres­sion giv­en by the government’s report is how devoid of evi­dence it is. For that mat­ter, the major­i­ty of the con­tent is tak­en up by what secu­ri­ty spe­cial­ist John Hin­der­ak­er describes as “pedes­tri­an advice to IT pro­fes­sion­als about com­put­er secu­ri­ty.” As for the report’s indi­ca­tors of com­pro­mise (IoC), Hin­der­ak­er char­ac­ter­izes these as “tools that are freely avail­able and IP address­es that are used by hack­ers around the world.” [21]

    In con­junc­tion with the report, the FBI and Depart­ment of Home­land Secu­ri­ty pro­vid­ed a list of IP address­es it iden­ti­fied with Russ­ian intel­li­gence ser­vices. [22] Word­fence ana­lyzed the IP address­es as well as a PHP mal­ware script pro­vid­ed by the Depart­ment of Home­land Secu­ri­ty. In ana­lyz­ing the source code, Word­fence dis­cov­ered that the soft­ware used was P.A.S., ver­sion 3.1.0. It then found that the web­site that man­u­fac­tures the mal­ware had a site coun­try code indi­cat­ing that it is Ukrain­ian. The cur­rent ver­sion of the P.A.S. soft­ware is 4.1.1, which is much new­er than that used in the DNC hack, and the lat­est ver­sion has changed “quite sub­stan­tial­ly.” Word­fence notes that not only is the soft­ware “com­mon­ly avail­able,” but also that it would be rea­son­able to expect “Russ­ian intel­li­gence oper­a­tives to devel­op their own tools or at least use cur­rent mali­cious tools from out­side sources.” To put it plain­ly, Word­fence con­cludes that the mal­ware sam­ple “has no appar­ent rela­tion­ship with Russ­ian intel­li­gence.” [23]

    Word­fence also ana­lyzed the government’s list of 876 IP address­es includ­ed as indi­ca­tors of com­pro­mise. The sites are wide­ly dis­persed geo­graph­i­cal­ly, and of those with a known loca­tion, the Unit­ed States has the largest num­ber. A large num­ber of the IP address­es belong to low-cost serv­er host­ing com­pa­nies. “A com­mon pat­tern that we see in the indus­try,” Word­fence states, “is that accounts at these hosts are com­pro­mised and those hacked sites are used to launch attacks around the web.” Fif­teen per­cent of the IP address­es are cur­rent­ly Tor exit nodes. “These exit nodes are used by any­one who wants to be anony­mous online, includ­ing mali­cious actors.” [24]

    If one also takes into account the IP address­es that not only point to cur­rent Tor exits, but also those that once belonged to Tor exit nodes, then these com­prise 42 per­cent of the government’s list. [25] “The fact that so many of the IPs are Tor address­es reveals the true slop­pi­ness of the report,” con­cludes net­work secu­ri­ty spe­cial­ist Jer­ry Gam­blin. [26]

    Cyber­se­cu­ri­ty ana­lyst Robert Gra­ham was par­tic­u­lar­ly blis­ter­ing in his assess­ment of the government’s report, char­ac­ter­iz­ing it as “full of garbage.” The report fails to tie the indi­ca­tors of com­pro­mise to the Russ­ian gov­ern­ment. “It con­tains sig­na­tures of virus­es that are pub­licly avail­able, used by hack­ers around the world, not just Rus­sia. It con­tains a long list of IP address­es from per­fect­ly nor­mal ser­vices, like Tor, Google, Drop­box, Yahoo, and so forth. Yes, hack­ers use Yahoo for phish­ing and mal­ad­ver­tis­ing. It doesn’t mean every access of Yahoo is an ‘indi­ca­tor of com­pro­mise’.” Gra­ham com­pared the list of IP address­es against those accessed by his web brows­er, and found two match­es. “No,” he con­tin­ues. “This doesn’t mean I’ve been hacked. It means I just had a nor­mal inter­ac­tion with Yahoo. It means the Griz­zly Steppe IoCs are garbage.” Gra­ham goes on to point out that “what real­ly hap­pened” with the sup­posed Russ­ian hack into the Ver­mont pow­er grid “is that some­body just checked their Yahoo email, there­by access­ing one of the same IP address­es I did. How they get from the facts (one per­son accessed Yahoo email) to the sto­ry (Rus­sians hacked pow­er grid)” is U.S. gov­ern­ment “mis­in­for­ma­tion.” [27]

    The indi­ca­tors of com­pro­mise, in Graham’s assess­ment, were “pub­lished as a polit­i­cal tool, to prove they have evi­dence point­ing to Rus­sia.” As for the P.A.S. web shell, it is “used by hun­dreds if not thou­sands of hack­ers, most­ly asso­ci­at­ed with Rus­sia, but also through­out the rest of the world.” Rely­ing on the government’s sam­ple for attri­bu­tion is prob­lem­at­ic: “Just because you found P.A.S. in two dif­fer­ent places doesn’t mean it’s the same hack­er.” A web shell “is one of the most com­mon things hack­ers use once they’ve bro­ken into a serv­er,” Gra­ham observes. [28]

    Although cyber­se­cu­ri­ty ana­lyst Robert M. Lee is inclined to accept the government’s posi­tion on the DNC hack, he feels the joint analy­sis report “reads like a poor­ly done ven­dor intel­li­gence report string­ing togeth­er var­i­ous aspects of attri­bu­tion with­out evi­dence.” The report’s list “detracts from the con­fi­dence because of the inter­weav­ing of unre­lat­ed data.” The infor­ma­tion pre­sent­ed is not sourced, he adds. “It’s a ran­dom col­lec­tion of infor­ma­tion and in that way, is most­ly use­less.” Indeed, the indi­ca­tors of com­pro­mise have “a high rate of false pos­i­tives for defend­ers that use them.” [29]

    ...

    The intent of the joint analy­sis report was to pro­vide evi­dence of Russ­ian state respon­si­bil­i­ty for the DNC hack. But nowhere does it do so. Mere asser­tions are meant to per­suade. How much evi­dence does the gov­ern­ment have? The Demo­c­ra­t­ic Par­ty claims that the FBI nev­er request­ed access to DNC servers. [32] The FBI, for its part, says it made “mul­ti­ple requests” for access to the DNC servers and was repeat­ed­ly turned down. [33] Either way, it is a remark­able admis­sion. In a case like this, the FBI would typ­i­cal­ly con­duct its own inves­ti­ga­tion. Was the DNC afraid the FBI might come to a dif­fer­ent con­clu­sion than the DNC-hired secu­ri­ty firm Crowd­strike? The FBI was left to rely on what­ev­er evi­dence Crowd­strike chose to sup­ply. Dur­ing its analy­sis of DNC servers, Crowd­strike reports that it found evi­dence of APT28 and APT29 intru­sions with­in two hours. Did it stop there, sat­is­fied with what it had found? Or did it con­tin­ue to explore whether addi­tion­al intru­sions by oth­er actors had tak­en place?

    In an attempt to fur­ther inflame the hys­te­ria gen­er­at­ed from accu­sa­tions of Russ­ian hack­ing, the Office of the Direc­tor of Nation­al Intel­li­gence pub­lished a declas­si­fied ver­sion of a doc­u­ment briefed to U.S. offi­cials. The infor­ma­tion was sup­plied by the CIA, FBI, and Nation­al Secu­ri­ty Agency, and was meant to cement the government’s case. Not sur­pris­ing­ly, the report received a warm wel­come in the main­stream media, but what is notable is that it offers not a sin­gle piece of evi­dence to sup­port its claim of “high con­fi­dence” in assess­ing that Rus­sia hacked the DNC and released doc­u­ments to Wik­iLeaks. Instead, the bulk of the report is an unhinged dia­tribe against Russ­ian-owned RT media. The con­tent is rife with inac­cu­ra­cies and absur­di­ties. Among the heinous actions RT is accused of are hav­ing run “anti-frack­ing pro­gram­ming, high­light­ing envi­ron­men­tal issues and the impacts on health issues,” air­ing a doc­u­men­tary on Occu­py Wall Street, and host­ing third-par­ty can­di­dates dur­ing the 2012 elec­tion.[34]

    The report would be laugh­able, were it not for the fact that it is being played up for pro­pa­gan­da effect, bypass­ing log­ic and appeal­ing direct­ly to unex­am­ined emo­tion. The 2016 elec­tion should have been a wake-up call for the Demo­c­ra­t­ic Par­ty. Instead, pre­dictably enough, no self-exam­i­na­tion has tak­en place, as the par­ty dou­bles down on the neolib­er­al poli­cies that have impov­er­ished tens of mil­lions, and back­ing mil­i­tary inter­ven­tions that have sown so much death and chaos. Instead of thought­ful analy­sis, the par­ty is lash­ing out and blam­ing Rus­sia for its loss to an oppo­nent that even a mere­ly weak can­di­date would have beat­en hand­i­ly.

    Main­stream media start with the premise that the Russ­ian gov­ern­ment was respon­si­ble, despite a lack of con­vinc­ing evi­dence. They then leap to the fal­la­cious con­clu­sion that because Rus­sia hacked the DNC, only it could have leaked the doc­u­ments.

    So, did the Russ­ian gov­ern­ment hack the DNC and feed doc­u­ments to Wik­iLeaks? There are real­ly two ques­tions here: who hacked the DNC, and who released the DNC doc­u­ments? These are not nec­es­sar­i­ly the same. An ear­li­er intru­sion into Ger­man par­lia­ment servers was blamed on the Rus­sians, yet the release of doc­u­ments to Wik­iLeaks is thought to have orig­i­nat­ed from an insid­er. [35] Had the Rus­sians hacked into the DNC, it may have been to gath­er intel­li­gence, while anoth­er actor released the doc­u­ments. But it is far from cer­tain that Russ­ian intel­li­gence ser­vices had any­thing to do with the intru­sions. Julian Assange says that he did not receive the DNC doc­u­ments from a nation-state. It has been point­ed out that Rus­sia could have used a third par­ty to pass along the mate­r­i­al. Fair enough, but for­mer UK diplo­mat Craig Mur­ray asserts: “I know who the source is… It’s from a Wash­ing­ton insid­er. It’s not from Rus­sia.” [36]

    There are too many incon­sis­ten­cies and holes in the offi­cial sto­ry. In all like­li­hood, there were mul­ti­ple intru­sions into DNC servers, not all of which have been iden­ti­fied. The pub­lic ought to be wary of quick claims of attri­bu­tion. It requires a long and involved process to arrive at a plau­si­ble iden­ti­fi­ca­tion, and in many cas­es the source can nev­er be deter­mined. As Jef­frey Carr explains, “It’s impor­tant to know that the process of attribut­ing an attack by a cyber­se­cu­ri­ty com­pa­ny has noth­ing to do with the sci­en­tif­ic method. Claims of attri­bu­tion aren’t testable or repeat­able because the hypoth­e­sis is nev­er proven right or wrong.” [37]

    Rus­sia-bash­ing is in full swing, and there does not appear to be any let­up in sight. We are plung­ing head­long into a new Cold War, rid­ing on a wave of pro­pa­gan­da-induced hys­te­ria. The self-serv­ing claims fuel­ing this cam­paign need to be chal­lenged every step of the way. Sur­ren­der­ing to evi­dence-free emo­tion­al appeals would only serve those who arro­gant­ly advo­cate con­fronta­tion and geopo­lit­i­cal dom­i­na­tion.

    ...

    So, did the Russ­ian gov­ern­ment hack the DNC and feed doc­u­ments to Wik­iLeaks? There are real­ly two ques­tions here: who hacked the DNC, and who released the DNC doc­u­ments? These are not nec­es­sar­i­ly the same. An ear­li­er intru­sion into Ger­man par­lia­ment servers was blamed on the Rus­sians, yet the release of doc­u­ments to Wik­iLeaks is thought to have orig­i­nat­ed from an insid­er. [35] Had the Rus­sians hacked into the DNC, it may have been to gath­er intel­li­gence, while anoth­er actor released the doc­u­ments. But it is far from cer­tain that Russ­ian intel­li­gence ser­vices had any­thing to do with the intru­sions. Julian Assange says that he did not receive the DNC doc­u­ments from a nation-state. It has been point­ed out that Rus­sia could have used a third par­ty to pass along the mate­r­i­al. Fair enough, but for­mer UK diplo­mat Craig Mur­ray asserts: “I know who the source is… It’s from a Wash­ing­ton insid­er. It’s not from Rus­sia.” [36]

    And that right there points to one of the most fas­ci­nat­ing pos­si­bil­i­ties in this DNC hack sit­u­a­tion: it’s pos­si­ble that the Krem­lin can’t hon­est­ly deny that Russ­ian hack­ers hacked the DNC because they real­ly did hack the DNC, but did­n’t actu­al­ly release the infor­ma­tion and instead it was either an insid­er leak or an entire­ly dif­fer­ent set of hack­ers that stole those doc­u­ments and hand­ed them over to Wik­ileaks. Would­n’t that be a doozy of a clusterf#ck.

    And if that seems too improb­a­bly, keep in mind that APT28 and 29 appeared to both hack the DNC simul­ta­ne­ous­ly with­out real­iz­ing the oth­er one was there and also keep in mind that the attri­bu­tion of an attack to either APT28 or APT29 or any indi­vid­ual hack­ing group when your assess­ment is based on things like which read­i­ly-avail­able hack­ing tool set they used or which cor­rupt­ed servers they launched the attack from is excep­tion­al­ly dif­fi­cult:

    ...

    Indeed, one must take the list on faith, because nowhere in the doc­u­ment is any evi­dence pro­vid­ed to back up the claim of a Russ­ian con­nec­tion. Indeed, as the major­i­ty of items on the list are unre­lat­ed to the DNC hack, one won­ders what the point is. But it bears repeat­ing: even where soft­ware can be traced to Russ­ian orig­i­na­tion, it does not nec­es­sar­i­ly indi­cate exclu­sive usage. Jef­frey Carr explains: “Once mal­ware is deployed, it is no longer under the con­trol of the hack­er who deployed it or the devel­op­er who cre­at­ed it. It can be reverse-engi­neered, copied, mod­i­fied, shared and rede­ployed again and again by any­one.” Carr quotes secu­ri­ty firm ESET in regard to the Sed­nit group, one of the items on the report’s list, and which is anoth­er name for APT28: “As secu­ri­ty researchers, what we call ‘the Sed­nit group’ is mere­ly a set of soft­ware and the relat­ed infra­struc­ture, which we can hard­ly cor­re­late with any spe­cif­ic orga­ni­za­tion.” Carr points out that X‑Agent soft­ware, which is said to have been uti­lized in the DNC hack, was eas­i­ly obtained by ESET for analy­sis. “If ESET could do it, so can oth­ers. It is both fool­ish and base­less to claim, as Crowd­strike does, that X‑Agent is used sole­ly by the Russ­ian gov­ern­ment when the source code is there for any­one to find and use at will.” [20]

    ...

    “Carr quotes secu­ri­ty firm ESET in regard to the Sed­nit group, one of the items on the report’s list, and which is anoth­er name for APT28: “As secu­ri­ty researchers, what we call ‘the Sed­nit group’ is mere­ly a set of soft­ware and the relat­ed infra­struc­ture, which we can hard­ly cor­re­late with any spe­cif­ic orga­ni­za­tion.””

    And what about the evi­dence that would appear to direct­ly attribute these hacks to Russ­ian hack­ers?

    ...
    Secu­ri­ty Alliance regards secu­ri­ty firm FireEye’s analy­sis that tied APT28 to the Russ­ian gov­ern­ment as based “large­ly on cir­cum­stan­tial evi­dence.” FireEye’s report “explic­it­ly dis­re­gards tar­gets that do not seem to indi­cate spon­sor­ship by a nation-state,” hav­ing exclud­ed var­i­ous tar­gets because they are “not par­tic­u­lar­ly indica­tive of a spe­cif­ic sponsor’s inter­ests.” [5] Fire­Eye report­ed that the APT28 “vic­tim set is nar­row,” which helped lead it to the con­clu­sion that it is a Russ­ian oper­a­tion. Cyber­se­cu­ri­ty con­sul­tant Jef­frey Carr reacts with scorn: “The vic­tim set is nar­row because the report’s authors make it nar­row! In fact, it wasn’t nar­row­ly tar­get­ed at all if you take into account the tar­gets men­tioned by oth­er cyber­se­cu­ri­ty com­pa­nies, not to men­tion those that Fire­Eye delib­er­ate­ly exclud­ed for being ‘not par­tic­u­lar­ly indica­tive of a spe­cif­ic sponsor’s inter­ests’.” [6]

    FireEye’s report from 2014, on which much of the DNC Russ­ian attri­bu­tion is based, found that 89 per­cent of the APT28 soft­ware sam­ples it ana­lyzed were com­piled dur­ing reg­u­lar work­ing hours in St. Peters­burg and Moscow. [7]

    But com­pile times, like lan­guage set­tings, can be eas­i­ly altered to mis­lead inves­ti­ga­tors. Mark McAr­dle won­ders, “If we think about the very high lev­el of design, engi­neer­ing, and test­ing that would be required for such a sophis­ti­cat­ed attack, is it rea­son­able to assume that the attack­er would leave these kinds of bread­crumbs? It’s pos­si­ble. But it’s also pos­si­ble that these things can be used to mis­di­rect atten­tion to a dif­fer­ent par­ty. Poten­tial­ly anoth­er adver­sary. Is this evi­dence the result of slop­pi­ness or a care­ful mis­di­rec­tion?” [8]
    ...

    Some­one, or some group, oper­at­ing under the pseu­do­nym of Guc­cifer 2.0, claimed to be a lone actor in hack­ing the DNC servers. It is unclear what rela­tion – if any – Guc­cifer 2.0 has to either of the two APT attacks on the DNC. In a PDF file that Guc­cifer 2.0 sent to Gawker.com, meta­da­ta indi­cat­ed that it was it was last saved by some­one hav­ing a user­name in Cyril­lic let­ters. Dur­ing the con­ver­sion of the file from Microsoft Word to PDF, invalid hyper­link error mes­sages were auto­mat­i­cal­ly gen­er­at­ed in the Russ­ian lan­guage. [11]

    This would seem to present rather damn­ing evi­dence. But who is Guc­cifer 2.0? A Russ­ian gov­ern­ment oper­a­tion? A pri­vate group? Or a lone hack­tivist? In the poor­ly secured DNC sys­tem, there were almost cer­tain­ly many infil­tra­tors of var­i­ous stripes. Nor can it be ruled out that the meta­da­ta indi­ca­tors were inten­tion­al­ly gen­er­at­ed in the file to mis­di­rect attri­bu­tion. The two APT attacks have been not­ed for their sophis­ti­ca­tion, and these mis­takes – if that is what they are – seem ama­teur­ish. To change the lan­guage set­ting on a com­put­er can be done in a mat­ter of sec­onds, and that would be stan­dard pro­ce­dure for advanced cyber-war­riors. On the oth­er hand, slop­pi­ness on the part of devel­op­ers is not entire­ly unknown. How­ev­er, one would expect a nation-state to enforce strict soft­ware and doc­u­ment han­dling pro­ce­dures and imple­ment rig­or­ous review process­es.

    ...

    And how about the com­mand-and-con­trol servers that was part of the com­mon “infra­struc­ture” used to attribute these hacks to APT28/APT29:

    ...

    Com­mand-and-con­trol servers remote­ly issue mali­cious com­mands to infect­ed machines. Odd­ly, for such a key com­po­nent of the oper­a­tion, the com­mand-and-con­trol IP address in both attacks was hard-cod­ed in the mal­ware. This seems like anoth­er inex­plic­a­ble choice, giv­en that the point of an advanced per­sis­tent threat is to oper­ate for an extend­ed peri­od with­out detec­tion. A more suit­able approach would be to use a Domain Name Sys­tem (DNS) address, which is a decen­tral­ized com­put­er nam­ing sys­tem. That would pro­vide a more covert means of iden­ti­fy­ing the com­mand-and-con­trol serv­er. [13] More­over, one would expect that address to be encrypt­ed. Using a DNS address would also allow the com­mand-and-con­trol oper­a­tion to eas­i­ly move to anoth­er serv­er if its loca­tion is detect­ed, with­out the need to mod­i­fy and rein­stall the code.

    One of the IP address­es is claimed to be a “well-known APT 28” com­mand-and-con­trol address, while the sec­ond is said to be linked to Russ­ian mil­i­tary intel­li­gence. [14] The first address points to a serv­er locat­ed in San Jose, Cal­i­for­nia, and is oper­at­ed by a serv­er host­ing ser­vice. [15] The sec­ond serv­er [16] Clear­ly, these are servers that have been com­pro­mised by hack­ers. It is cus­tom­ary for hack­ers to route their attacks through vul­ner­a­ble com­put­ers. The IP address­es of com­pro­mised com­put­ers are wide­ly avail­able on the Deep Web, and typ­i­cal­ly a hacked serv­er will be used by mul­ti­ple threat actors. These two par­tic­u­lar servers may or may not have been reg­u­lar­ly uti­lized by Russ­ian Intel­li­gence, but they were not unique­ly so used. Almost cer­tain­ly, many oth­er hack­ers would have used the same machines, and it can­not be said that these IP address­es unique­ly iden­ti­fy an infil­tra­tor. Indeed, the sec­ond IP address is asso­ci­at­ed with the com­mon Tro­jan virus­es Agent-APPR and Shun­nael. [17]

    “Every­one is focused on attri­bu­tion, but we may be miss­ing the big­ger truth,” says Joshua Cro­man, Direc­tor of the Cyber State­craft Ini­tia­tive at the Atlantic Coun­cil. “[T]he lev­el of sophis­ti­ca­tion required to do this hack was so low that near­ly any­one could do it.” [18]

    ...

    “Almost cer­tain­ly, many oth­er hack­ers would have used the same machines, and it can­not be said that these IP address­es unique­ly iden­ti­fy an infil­tra­tor. Indeed, the sec­ond IP address is asso­ci­at­ed with the com­mon Tro­jan virus­es Agent-APPR and Shun­nael.”

    So what can we con­clude? Well, for one, if the Krem­lin real­ly did order these hacks, they were pulled off using read­i­ly avail­able out­dat­ed hack­ing tools that are used by hack­ers around the world. And who knows, maybe using out­dat­ed tools that can still get the job done is the method of choice for nation state hack­ing groups sim­ply because that would pro­vide the most plau­si­ble deni­a­bil­i­ty.

    Except in the case of APT28 that’s not the case. At least not always. As Fire­Eye put it in the July 2016 Defense One arti­cle below, where they make the case that the DNC hack­ers want­ed to be caught and were try­ing to send a mes­sage, one of the rea­sons Fire­Eye became con­vinced that these were state-spon­sored groups was the high num­ber of zero-day (nev­er seen before) exploits they used. Although this was­n’t a ref­er­ence to the DNC hack but instead an unre­lat­ed July 2015 hack which was also attrib­uted to APT28:

    Defense One

    Rus­sia Want­ed to be Caught, Says Com­pa­ny Wag­ing War on the DNC Hack­ers

    By Patrick Tuck­er Read bio

    July 28, 2016

    Point­ing a fin­ger at Rus­sia is easy. Pun­ish­ing them is hard. That’s why they hacked the DNC, accord­ing to the com­pa­ny that first named one of the key sus­pects.

    The Russ­ian groups behind the DNC hack no longer seem to care about get­ting caught. Long before the Krem­lin-spon­sored hack­ing squads APT 28 and APT 29 were mak­ing waves for steal­ing files from the Demo­c­ra­t­ic Nation­al Com­mit­tee, they made an appear­ance in two white papers put out by Fire­Eye. The cyber­se­cu­ri­ty com­pa­ny has been mon­i­tor­ing and ana­lyz­ing the two groups on behalf of cor­po­rate clients for years. In the DNC breach, a com­pa­ny spokesman told Defense One: “They want­ed experts and pol­i­cy­mak­ers to know that Rus­sia is behind it.”

    That fits a pat­tern of increas­ing bold moves over the past year by the groups, which are also known as FANCY BEAR and COZY BEAR, says Christo­pher Porter, the man­ag­er of Hori­zons, the strate­gic intel­li­gence and fore­cast­ing arm of Fire­Eye iSIGHT Intel­li­gence, the company’s threat mon­i­tor­ing divi­sion.

    “We see them now per­sist­ing even when they know that secu­ri­ty pro­fes­sion­als have been called in to remove them from a sys­tem. They con­tin­ue their oper­a­tional pace at a very high lev­el. So that’s a huge risk and a sea change in their behav­ior,” Porter said. “Even when they know they’re caught, they don’t stop the oper­a­tion, nec­es­sar­i­ly.”

    That’s high­ly unusu­al for an advanced per­sis­tent threat. It sig­nals that Rus­sia is will­ing to work in a space nor­mal­ly reserved for crim­i­nals, devot­ing gov­ern­ment resources and act­ing with impuni­ty. That makes them incred­i­bly dif­fi­cult to counter, for the same rea­son the West had no good response to the “lit­tle green men” — the Russ­ian forces that invad­ed Ukraine dis­guised as a organ­ic pop­ulist mil­i­tant move­ment.

    That cam­ou­flaged brazen­ness was also seen in the 2015 hack on the Joint Chiefs of Staff’s non­clas­si­fied email, also attrib­uted to APT 29. The attack­ers were “jump­ing from one com­put­er to anoth­er” in the net­work, accord­ing to a rep­re­sen­ta­tive of the com­pa­ny the Pen­ta­gon hired to fix the dam­age. “A lot of the time you don’t have the com­mand-and-con­trol archi­tec­ture to be able to go in and see the attack,” he said. “So the advanced threat char­ac­ter­is­tics change to be more auto­mat­ed, a kind of per­va­sive deploy­ment using com­mon vul­ner­a­bil­i­ties and exploit­ing them wide­ly.”

    That means that APT 29 has stopped retreat­ing from net­works when they think they’ve been detect­ed. Now they adapt the hack in the open, bob­bing and weav­ing like a fast and clever box­er, taunt­ing the vic­tim to expel them.

    “We’ve even seen them on some sys­tems where they know that there is anti-virus [soft­ware] on a com­put­er inside of a net­work sys­tem that they’re on,” FireEye’s Porter said. “They’re mov­ing lat­er­al­ly with­in a net­work. They know that their tool is going to be detect­ed by a sys­tem that they’re about to move to and they’ll do it any­way because they’re such skilled hack­ers that they can com­pro­mise the sys­tem and then jump to anoth­er sys­tem and get what they need before they can be quar­an­tined.”

    There’s a rea­son that’s not nor­mal behav­ior, even among very skilled hack­ers. After attack­ers are expelled from a sys­tem, defend­ers move quick­ly to patch the secu­ri­ty hole they used. Groups that run advanced per­sis­tent attacks move stealth­ily, lest they burn too quick­ly through their bag of tricks.

    Yet Fire­Eye found that APT 28 and APT 29 didn’t even both­er to change the pace of their attacks as their tar­gets became aware of them.

    “We have a Man­di­ant arm that can go back and recre­ate what hap­pened,” after a breach, Porter said. “When we look back on it over time, there’s no evi­dence that if their oper­a­tions were exposed on Tues­day that, on Wednes­day, exploita­tion pace against their tar­gets would change. It didn’t make any dif­fer­ence. They have an armory of zero days,” attacks that have nev­er been seen before.

    Case in point: a July 2015 inci­dent in which a secu­ri­ty firm pub­lished a blog post about how APT 28 was using a spe­cif­ic zero-day exploit. The group updat­ed the hack the next day, as Fire­Eye focused report­ing team man­ag­er Kris­ten Den­nesen told the RSA con­fer­ence this year.

    Porter thinks that’s one piece of evi­dence that both groups have state spon­sor­ship. You need more than than cod­ing chops to pull off a stunt like that; it helps to have an inter­na­tion­al intel­li­gence col­lec­tion net­work you can work with.

    “If these state-backed actors have pro­fes­sion­al mil­i­tary or intel­li­gence oper­a­tors over­see­ing the oper­a­tion, any change you can make, they’re going to try and find a counter to that,” he said. “They seem to know that cer­tain white papers are going to be pub­lic and they make the changes the day before they come out. We’ve seen evi­dence that they’ve known in advance that some­one is going to reveal that they were going to be dis­cov­ered and they make changes so that they con­tin­ue unin­ter­rupt­ed.”

    ...

    “Case in point: a July 2015 inci­dent in which a secu­ri­ty firm pub­lished a blog post about how APT 28 was using a spe­cif­ic zero-day exploit. The group updat­ed the hack the next day, as Fire­Eye focused report­ing team man­ag­er Kris­ten Den­nesen told the RSA con­fer­ence this year.”

    And that 2015 use of a burst of zero-day exploits is, in part, the basis for FireEye’s con­clu­sions that APT28 is state-spon­sored. This is of course assum­ing the same group respon­si­ble for that 2015 hack was also respon­si­ble for the DNC hack and this was­n’t a case of mis­at­tri­bu­tion due to sim­i­lar­i­ties in the tool set and infra­struc­ture than would be point towards APT28 being state-spon­sored. But as we saw above, assum­ing there isn’t a case of mis­at­tri­bu­tion for all these hacks is a pret­ty big assump­tion and if there real­ly are mul­ti­ple hack­ing groups shar­ing the same code/infrastructure, all it’s going to take is one of those groups using a zero-day exploit or some­thing to make it seems like all the sim­i­lar hack­ing groups are state-spon­sored too. And that means some ran­dom hack­er using the same read­i­ly-avail­able tool set could end up doing some­thing that looks like an act of cyber­war sim­ply by using the same tool sets used by an actu­al state-spon­sored actor and, in turn, hav­ing the hack mis­at­trib­uted to the state-spon­sor. So that’s pret­ty scary.

    And in relat­ed news, the Shad­ow Bro­kers appar­ent­ly retired and dumped a bunch more pre­vi­ous­ly unknown NSA hacks on the web for hack­ers around the world to use.

    Posted by Pterrafractyl | January 18, 2017, 8:29 pm
  8. It start­ed rain­ing in Wash­ing­ton DC the minute Trump start­ed giv­ing his inau­gu­ra­tion speech. That’s a bit omi­nous. Although not near­ly as omi­nous as Trump’s entire cam­paign. Or his actu­al inau­gu­ra­tion speech:

    The Wash­ing­ton Post

    Don­ald Trump is sworn in as pres­i­dent, vows to end ‘Amer­i­can car­nage’

    By David A. Fahren­thold, Philip Ruck­er and John Wag­n­er

    Jan­u­ary 20, 2017 at 4:32 PM

    Don­ald John Trump was sworn in Fri­day as the 45th pres­i­dent of the Unit­ed States, after which he deliv­ered a dark but ambi­tious speech promis­ing to throw out entrenched Wash­ing­ton elites, end “Amer­i­can car­nage” in cities and restore jobs lost to shut­tered fac­to­ries.

    “Today, we are not mere­ly trans­fer­ring pow­er from one admin­is­tra­tion to anoth­er, or from one par­ty to anoth­er, but we are trans­fer­ring pow­er from Wash­ing­ton, D.C., and giv­ing it back to you, the peo­ple,” Trump said.

    It was a speech that seemed to promise not just the obvi­ous tran­si­tion from the Demo­c­ra­t­ic admin­is­tra­tion of Barack Oba­ma to full Repub­li­can con­trol of Wash­ing­ton — but to a new style of pol­i­tics, in which Trump will seek to be a new kind of inde­pen­dent pow­er cen­ter.

    Trump, 70, was admin­is­tered the oath by Chief Jus­tice John G. Roberts Jr., using two Bibles — one from Pres­i­dent Lincoln’s inau­gu­ra­tion, and anoth­er that Trump’s moth­er gave him in 1955. His wife Mela­nia Trump stood at his side.

    Then, as rain began to fall, Trump gave an inau­gur­al address that — while short in dura­tion — made a major break with pres­i­den­tial prece­dent. Most pres­i­dents use this moment to acknowl­edge the oppo­nent they defeat­ed, to praise America’s promise and to call upon both par­ties to work togeth­er.

    Trump, by con­trast, used his speech to make a wide-rang­ing con­dem­na­tion of America’s cur­rent state — talk­ing about “Amer­i­can car­nage” caused by urban crime, and say­ing that “wealth, strength and con­fi­dence has dis­si­pat­ed” because of jobs lost over­seas.

    Trump charged that both major polit­i­cal par­ties have lost their way, serv­ing the needs of an elite rather than the needs of the pub­lic. In grandiose lan­guage, Trump sought to cast this day as a kind of restart for Amer­i­can pol­i­tics, with every­thing before — Repub­li­can and Demo­c­rat — cast aside.

    “The Unit­ed States of Amer­i­ca is your coun­try,” he said.

    ...

    Trump takes office as the least-pop­u­lar new pres­i­dent in 40 years, accord­ing to a new Wash­ing­ton Post-ABC News poll. Forty per­cent of Amer­i­cans view Trump favor­ably, which is 21 points low­er than the rat­ing with which Oba­ma will leave office.

    But Trump won the elec­tion and this is his day to com­mand.

    “It all begins today!,” Trump tweet­ed ear­ly Fri­day morn­ing. “I will see you at 11:00 A.M. for the swear­ing-in. THE MOVEMENT CONTINUES — THE WORK BEGINS!”

    “It was a speech that seemed to promise not just the obvi­ous tran­si­tion from the Demo­c­ra­t­ic admin­is­tra­tion of Barack Oba­ma to full Repub­li­can con­trol of Wash­ing­ton — but to a new style of pol­i­tics, in which Trump will seek to be a new kind of inde­pen­dent pow­er cen­ter.

    Well, while Trump’s desired “new style of pol­i­tics” may not be new to the world, it’s pret­ty unusu­al for the US.

    So now we get to see how Trump’s new style of pol­i­tics trans­lates into the kind of poli­cies he thinks will accom­plish his goals. Goals like like end­ing the “Amer­i­can car­nage”. We’ll find out! Unfor­tu­nate­ly!

    The Verge

    Trump wants to use a tagline from The Purge as his 2020 cam­paign slo­gan

    by Kait­lyn Tiffany
    Jan 18, 2017, 12:32pm EST

    While the 2016 elec­tion prompt­ed social media users to say things like “Ha ha, what is this, The Purge?” and “The Trump kids always look like they just took their Purge masks off,it’s now offi­cial — Don­ald J. Trump, soon-to-be pres­i­dent of the Unit­ed States of Amer­i­ca, wants his 2020 cam­paign slo­gan to be “Keep Amer­i­ca Great.”

    This fact was revealed in an inter­view with The Wash­ing­ton Post, pub­lished this morn­ing. The inter­view­er did not men­tion to Trump that the phrase is already the tagline of the 2016 hor­ror film The Purge: Elec­tion Year, a film about income inequal­i­ty and mass mur­der in the nation’s cap­i­tal. It is the lat­est in a series of films about a dystopi­an alter­nate real­i­ty in which Amer­i­ca gives its cit­i­zens one night every year to com­mit any crime they want — includ­ing mur­der! The com­par­isons to the Trump cam­paign are prob­a­bly due in part to his play­ful rib­bing of his “vicious, vio­lent” sup­port­ers and the fact that he, at one point, “joked” that his sup­port­ers should con­sid­er mur­der­ing his oppo­nent.

    As Emi­ly Yoshi­da point­ed out in her review for The Verge: “The Purge exists not to cleanse Amer­i­cans of their sins, but to cleanse Amer­i­ca of its poor and dis­en­fran­chised— who con­ve­nient­ly, often hap­pen to be non-white.” Some might say the phras­es “make Amer­i­ca great again” and “keep Amer­i­ca great” have sim­i­lar impuls­es behind them, par­tic­u­lar­ly con­sid­er­ing the incom­ing administration’s stances on health care, edu­ca­tion, immi­gra­tion, and the min­i­mum wage.

    ...

    So there it is. “Keep Amer­i­ca Great” and “Keep Amer­i­ca Great!” are two phras­es the pres­i­dent-elect would like to own so he can tie his polit­i­cal future to the lega­cy of a film in which a neo-Nazi para­mil­i­tary force plays a piv­otal role in the plot.

    “So there it is. “Keep Amer­i­ca Great” and “Keep Amer­i­ca Great!” are two phras­es the pres­i­dent-elect would like to own so he can tie his polit­i­cal future to the lega­cy of a film in which a neo-Nazi para­mil­i­tary force plays a piv­otal role in the plot.”

    That’s no omi­nous at all. So let the end­ing of all the “Amer­i­can car­nage” begin! And sure, it’s not like Trump explic­it­ly said he was plan­ning on unleash­ing a wave of vig­i­lante vio­lence as part of some sort of state-sanc­tioned neo-Nazi “cleans­ing” dur­ing his inau­gu­ra­tion speech. But he did kind of hint at it.

    Posted by Pterrafractyl | January 20, 2017, 3:04 pm
  9. So Don­ald Trump decid­ed to pay a vis­it to the CIA on his first full day in office, which is per­haps not sur­pris­ing­ly after reports that the CIA is part of a mul­ti-agency inves­ti­ga­tion into pos­si­ble coor­di­na­tion between the Trump cam­paign and the Russ­ian gov­ern­ment. And, or course, his vis­it includ­ed a pub­lic speech about how much he loves the intel­li­gence com­mu­ni­ty. And, of course, the speech to the intel­li­gence com­mu­ni­ty was actu­al­ly a bizarre rant most­ly about him­self and his intel­li­gence:

    Talk­ing Points Memo
    Livewire

    Trump Makes Bizarre Cour­tesy Call At CIA Head­quar­ters (VIDEO)

    By Lau­ren Fox
    Pub­lished Jan­u­ary 21, 2017, 4:38 PM EDT

    A pres­i­den­tial speech that was intend­ed to thank the intel­li­gence com­mu­ni­ty quick­ly went off the rails Sat­ur­day as Don­ald Trump talked about him­self, his inau­gu­ra­tion crowd, the dis­hon­est media and how great his par­ty was.

    Trump appeared at the CIA on his first offi­cial day as the 45th pres­i­dent after a rough few weeks where he’d heav­i­ly crit­i­cized the agency, blamed it for leaks and ques­tioned their assess­ment that Rus­sia had inter­fered in the U.S. elec­tion. In a brief 15-minute state­ment, Trump mean­dered, but with­out the kind of dis­ci­pline or grace one might expect from the com­man­der in chief.

    “I am so behind you and I know maybe some­times you haven’t got­ten the back­ing that you’ve want­ed and you’re going to get so much back­ing,” Trump told the intel com­mu­ni­ty with whom he has feud­ed. “Maybe you’ll say, ‘don’t give us so much back­ing. Mr. Pres­i­dent, please, we don’t need that much back­ing,’ But you’re going to have that, and I think every­body in this room knows it.”

    It seemed at every turn, Trump would piv­ot to him­self. As he talked about his choice to lead the CIA Rep. Mike Pom­peo (R‑KS), Trump not­ed that he him­self was smart.

    “I met him and I said, he is so good. Num­ber one in his class at West Point. I know a lot about West Point, and I’m a per­son that very strong­ly believes in aca­d­e­mics. In fact, every time I say I had an uncle who was a great pro­fes­sor at M.I.T. for 35 years, who did a fan­tas­tic job in so many ways,” Trump said. “He was an aca­d­e­m­ic genius, and then they say, there’s Don­ald Trump, an intel­lec­tu­al, trust me, I’m like a smart per­son.”

    ...

    It was a strange jux­ta­po­si­tion: a Pres­i­dent, stand­ing before the memo­r­i­al wall at the CIA that hon­ors the lives lost by agency offi­cers as he talked about crowd size and his intel­li­gence. Accord­ing to the pool report, there were about 400 CIA employ­ees at the agency Sat­ur­day. At first, the cheer­ing came from across the crowd, but the pool­er not­ed that as the speech con­tin­ued, the senior offi­cials in the front grew “sub­dued.”

    “Prob­a­bly almost every­body in this room vot­ed for me but I will not ask you to raise your hands if you did but I guar­an­tee a big por­tion because we’re all on the same wave­length,” Trump said.

    Trump also could­n’t resist talk­ing about his feud with the media.

    “I have a run­ning war with the media. They are among the most dis­hon­est human beings on Earth. And they sort of made it sound like I had a feud with the intel­li­gence com­mu­ni­ty. And I just want to let you know, the rea­son you’re the num­ber one stop is exact­ly the oppo­site,” Trump said. “We did a thing yes­ter­day at the speech and every­body like the speech? But we had a mas­sive field of peo­ple. You saw that. Packed. I get up this morn­ing, I turn on one of the net­works, and they show an emp­ty field. I’m like, wait a minute. I made a speech. I looked out, the field was, it looked like a mil­lion, mil­lion and a half peo­ple.”

    “It seemed at every turn, Trump would piv­ot to him­self. As he talked about his choice to lead the CIA Rep. Mike Pom­peo (R‑KS), Trump not­ed that he him­self was smart.”

    How inspir­ing. What lead­er­ship. If Trump was hop­ing to wow the intel­li­gence com­mu­ni­ty into going easy on him in its inves­ti­ga­tion of Trump talk­ing about his intel­li­gence was cer­tain­ly an unorthodocx tac­tic. It’s also the kind of odd to act in a man­ner that almost seems alarmed about that inves­ti­ga­tion into Trump’s cam­paign and pos­si­ble ties to the Krem­lin.

    But here’s some­thing else crit­i­cal to keep in mind about this inves­ti­ga­tion and how it might be moti­vat­ing Trump’s behav­ior: the inves­ti­ga­tion is specif­i­cal­ly focused on Trump’s ties to the Krem­lin, we prob­a­bly can’t rule out the pos­si­bil­i­ty that any oth­er pos­si­ble for­eign ties to the Trump cam­paign could also show up in the inves­ti­ga­tion. Why? Because as the arti­cle below points out, the inves­ti­ga­tion involves wire­tapped con­ver­sa­tions pro­vid­ed by the NSA and finan­cial trans­ac­tions. And the inves­ti­ga­tion won’t just be look­ing at fig­ures like Paul Man­afort — whose ties to Vic­tor Yanukovich would have put at least some of his con­ver­sa­tions on the NSA’s radar — but also Roger Stone, who appeared to have fore­knowl­edge of the DNC Wik­ileaks leaks and who also open­ly talked about being in con­tact with Wik­ileaks.

    And that’s all part of why the Trump cam­paign should obvi­ous­ly be very con­cerned about this inves­ti­ga­tion if it real­ly was coor­di­nat­ing with the Krem­lin but should prob­a­bly also be con­cerned if it was coor­di­nat­ing with any­one else. This inves­ti­ga­tion does­n’t nec­es­sar­i­ly have to remain focused on the Krem­lin when it’s based on evi­dence like finan­cial trans­ac­tions and wire­taps from the NSA:

    The New York Times

    Inter­cept­ed Russ­ian Com­mu­ni­ca­tions Part of Inquiry Into Trump Asso­ciates

    By MICHAEL S. SCHMIDT, MATTHEW ROSENBERG, ADAM GOLDMAN and MATT APUZZO
    JAN. 19, 2017

    WASHINGTON — Amer­i­can law enforce­ment and intel­li­gence agen­cies are exam­in­ing inter­cept­ed com­mu­ni­ca­tions and finan­cial trans­ac­tions as part of a broad inves­ti­ga­tion into pos­si­ble links between Russ­ian offi­cials and asso­ciates of Pres­i­dent-elect Don­ald J. Trump, includ­ing his for­mer cam­paign chair­man Paul Man­afort, cur­rent and for­mer senior Amer­i­can offi­cials said.

    The con­tin­u­ing coun­ter­in­tel­li­gence inves­ti­ga­tion means that Mr. Trump will take the oath of office on Fri­day with his asso­ciates under inves­ti­ga­tion and after the intel­li­gence agen­cies con­clud­ed that the Russ­ian gov­ern­ment had worked to help elect him. As pres­i­dent, Mr. Trump will over­see those agen­cies and have the author­i­ty to redi­rect or stop at least some of these efforts.

    It is not clear whether the inter­cept­ed com­mu­ni­ca­tions had any­thing to do with Mr. Trump’s cam­paign, or Mr. Trump him­self. It is also unclear whether the inquiry has any­thing to do with an inves­ti­ga­tion into the hack­ing of the Demo­c­ra­t­ic Nation­al Committee’s com­put­ers and oth­er attempts to dis­rupt the elec­tions in Novem­ber. The Amer­i­can gov­ern­ment has con­clud­ed that the Russ­ian gov­ern­ment was respon­si­ble for a broad com­put­er hack­ing cam­paign, includ­ing the oper­a­tion against the D.N.C.

    The coun­ter­in­tel­li­gence inves­ti­ga­tion cen­ters at least in part on the busi­ness deal­ings that some of the president-elect’s past and present advis­ers have had with Rus­sia. Mr. Man­afort has done busi­ness in Ukraine and Rus­sia. Some of his con­tacts there were under sur­veil­lance by the Nation­al Secu­ri­ty Agency for sus­pect­ed links to Russia’s Fed­er­al Secu­ri­ty Ser­vice, one of the offi­cials said.

    Mr. Man­afort is among at least three Trump cam­paign advis­ers whose pos­si­ble links to Rus­sia are under scruti­ny. Two oth­ers are Carter Page, a busi­ness­man and for­mer for­eign pol­i­cy advis­er to the cam­paign, and Roger Stone, a long­time Repub­li­can oper­a­tive.

    The F.B.I. is lead­ing the inves­ti­ga­tions, aid­ed by the Nation­al Secu­ri­ty Agency, the C.I.A. and the Trea­sury Department’s finan­cial crimes unit. The inves­ti­ga­tors have accel­er­at­ed their efforts in recent weeks but have found no con­clu­sive evi­dence of wrong­do­ing, the offi­cials said. One offi­cial said intel­li­gence reports based on some of the wire­tapped com­mu­ni­ca­tions had been pro­vid­ed to the White House.

    Coun­ter­in­tel­li­gence inves­ti­ga­tions exam­ine the con­nec­tions between Amer­i­can cit­i­zens and for­eign gov­ern­ments. Those con­nec­tions can involve efforts to steal state or cor­po­rate secrets, cur­ry favor with Amer­i­can gov­ern­ment lead­ers or influ­ence pol­i­cy. It is unclear which Russ­ian offi­cials are under inves­ti­ga­tion, or what par­tic­u­lar con­ver­sa­tions caught the atten­tion of Amer­i­can eaves­drop­pers. The legal stan­dard for open­ing these inves­ti­ga­tions is low, and pros­e­cu­tions are rare.

    ...

    The deci­sion to open the inves­ti­ga­tions was not based on a dossier of sala­cious, uncor­rob­o­rat­ed alle­ga­tions that were com­piled by a for­mer British spy work­ing for a Wash­ing­ton research firm. The F.B.I. is also exam­in­ing the alle­ga­tions in that dossier, and a sum­ma­ry of its con­tents was pro­vid­ed to Mr. Trump ear­li­er this month.

    Rep­re­sen­ta­tives of the agen­cies involved declined to com­ment. Of the half-dozen cur­rent and for­mer offi­cials who con­firmed the exis­tence of the inves­ti­ga­tions, some said they were pro­vid­ing infor­ma­tion because they feared the new admin­is­tra­tion would obstruct their efforts. All spoke on con­di­tion of anonymi­ty because they were not autho­rized to dis­cuss the cas­es.

    Numer­ous news out­lets, includ­ing The New York Times, have report­ed on the F.B.I. inves­ti­ga­tions into Mr. Trump’s advis­ers. BBC and then McClatchy revealed the exis­tence of a mul­ti­a­gency work­ing group to coor­di­nate inves­ti­ga­tions across the gov­ern­ment.

    The con­tin­u­ing inves­ti­ga­tion again puts the F.B.I. direc­tor, James B. Comey, in the mid­dle of a polit­i­cal­ly fraught inves­ti­ga­tion. Democ­rats have sharply crit­i­cized Mr. Comey’s han­dling of the inves­ti­ga­tion into Hillary Clinton’s use of a pri­vate email serv­er. Mrs. Clin­ton has said his deci­sion to reveal the exis­tence of new emails late in the cam­paign cost her the elec­tion.

    The F.B.I. inves­ti­ga­tion into Mr. Man­afort began last spring, and was an out­growth of a crim­i­nal inves­ti­ga­tion into his work for a pro-Russ­ian polit­i­cal par­ty in Ukraine and for the country’s for­mer pres­i­dent, Vik­tor F. Yanukovych. In August, The Times report­ed that Mr. Manafort’s name had sur­faced in a secret ledger that showed he had been paid mil­lions in undis­closed cash pay­ments. The Asso­ci­at­ed Press has report­ed that his work for Ukraine includ­ed a secret lob­by­ing effort in Wash­ing­ton aimed at influ­enc­ing Amer­i­can news orga­ni­za­tions and gov­ern­ment offi­cials.

    Mr. Stone, a long­time friend of Mr. Trump’s, said in a speech in Flori­da last sum­mer that he had com­mu­ni­cat­ed with Julian Assange, the founder of Wik­iLeaks, the anti-secre­cy group that pub­lished the hacked Demo­c­ra­t­ic emails. Dur­ing the speech, Mr. Stone pre­dict­ed fur­ther leaks of doc­u­ments, a pre­dic­tion that came true with­in weeks.

    In a brief inter­view on Thurs­day, Mr. Stone said he had nev­er vis­it­ed Rus­sia and had no Russ­ian clients. He said that he had worked in Ukraine for a pro-West­ern par­ty, but that any asser­tion that he had ties to Russ­ian intel­li­gence was “non­sense” and “total­ly false.”

    “The whole thing is a canard,” he said. “I have no Russ­ian influ­ences.”

    The Sen­ate intel­li­gence com­mit­tee has start­ed its own inves­ti­ga­tion into Russia’s pur­port­ed attempts to dis­rupt the elec­tion. The committee’s inquiry is broad, and will include an exam­i­na­tion of Russ­ian hack­ing and pos­si­ble ties between peo­ple asso­ci­at­ed with Mr. Trump’s cam­paign and Rus­sia.

    Inves­ti­ga­tors are also scru­ti­niz­ing peo­ple on the periph­ery of Mr. Trump’s cam­paign, such as Mr. Page, a for­mer Mer­rill Lynch banker who found­ed Glob­al Ener­gy Cap­i­tal, an invest­ment firm in New York that has done busi­ness with Rus­sia.

    ...

    The lin­ger­ing inves­ti­ga­tions will pose a test for Sen­a­tor Jeff Ses­sions, Repub­li­can of Alaba­ma, who has been nom­i­nat­ed for attor­ney gen­er­al. If Mr. Ses­sions is con­firmed, he will for a time be the only per­son in the gov­ern­ment autho­rized to seek for­eign intel­li­gence wire­taps on Amer­i­can soil.

    Mr. Ses­sions said at his con­fir­ma­tion hear­ing that he would recuse him­self from any inves­ti­ga­tions involv­ing Mrs. Clin­ton. He was not asked whether he would do so in cas­es involv­ing asso­ciates of Mr. Trump.

    “The coun­ter­in­tel­li­gence inves­ti­ga­tion cen­ters at least in part on the busi­ness deal­ings that some of the president-elect’s past and present advis­ers have had with Rus­sia. Mr. Man­afort has done busi­ness in Ukraine and Rus­sia. Some of his con­tacts there were under sur­veil­lance by the Nation­al Secu­ri­ty Agency for sus­pect­ed links to Russia’s Fed­er­al Secu­ri­ty Ser­vice, one of the offi­cials said.”

    That Paul Man­afort’s con­tacts in Ukraine would be under NSA sur­veil­lance is no sur­prise. But it rais­es the ques­tion: So which inter­na­tion­al clients or con­tacts , Russ­ian or oth­er­wise, that some­one like Paul Man­afort, Roger Stone, or Carter Page would be talk­ing with would­n’t be under NSA sur­veil­lance?

    And that, in turn, rais­es anoth­er ques­tion about this mul­ti-agency inves­ti­ga­tion: Is it only look­ing at pos­si­ble ties to the Krem­lin, or will it go wher­ev­er the evi­dence takes it? For instance, if the evi­dence starts point­ing towards a non-Russ­ian enti­ty, or even the Trump cam­paign itself, hir­ing Russ­ian hack­ers to car­ry out the hacks will it be allowed to go down that avenue of inves­ti­ga­tion? It’s an espe­cial­ly inter­est­ing ques­tion con­sid­er­ing that the reports about that mul­ti-agency inves­ti­ga­tion said that one of the alle­ga­tions they’re inves­ti­gat­ing is that the pay­ment sys­tem for Russ­ian-Amer­i­can pen­sions may have been used to finance the hack­ing oper­a­tion. In the US. To pay hack­ers in the US:

    McClatchy

    FBI, 5 oth­er agen­cies probe pos­si­ble covert Krem­lin aid to Trump

    By Peter Stone and Greg Gor­don

    McClatchy Wash­ing­ton Bureau
    Jan­u­ary 18, 2017 1:52 PM

    WASHINGTON

    The FBI and five oth­er law enforce­ment and intel­li­gence agen­cies have col­lab­o­rat­ed for months in an inves­ti­ga­tion into Russ­ian attempts to influ­ence the Novem­ber elec­tion, includ­ing whether mon­ey from the Krem­lin covert­ly aid­ed Pres­i­dent-elect Don­ald Trump, two peo­ple famil­iar with the mat­ter said.

    The agen­cies involved in the inquiry are the FBI, the CIA, the Nation­al Secu­ri­ty Agency, the Jus­tice Depart­ment, the Trea­sury Department’s Finan­cial Crimes Enforce­ment Net­work and rep­re­sen­ta­tives of the direc­tor of nation­al intel­li­gence, the sources said.

    Inves­ti­ga­tors are exam­in­ing how mon­ey may have moved from the Krem­lin to covert­ly help Trump win, the two sources said. One of the alle­ga­tions involves whether a sys­tem for rou­tine­ly pay­ing thou­sands of Russ­ian-Amer­i­can pen­sion­ers may have been used to pay some email hack­ers in the Unit­ed States or to sup­ply mon­ey to inter­me­di­aries who would then pay the hack­ers, the two sources said.

    ...

    “Inves­ti­ga­tors are exam­in­ing how mon­ey may have moved from the Krem­lin to covert­ly help Trump win, the two sources said. One of the alle­ga­tions involves whether a sys­tem for rou­tine­ly pay­ing thou­sands of Russ­ian-Amer­i­can pen­sion­ers may have been used to pay some email hack­ers in the Unit­ed States or to sup­ply mon­ey to inter­me­di­aries who would then pay the hack­ers, the two sources said.”

    So this inves­ti­ga­tion is tak­ing seri­ous alle­ga­tions that the hacks took place with­in the US. That’s a new twist. Espe­cial­ly giv­en pre­vi­ous reports about how one of the rea­sons it was assumed that these were Russ­ian hack­ers in part because “Guc­cifer 2.0” was traced back to a serv­er in Rus­sia. Now, there’s noth­ing stop­ping a Russ­ian hack­er in Amer­i­ca from using a Russ­ian serv­er in their attacks, but that’s still a new twist. The alleged Russ­ian hack­er could be in Amer­i­ca. Of course, if there real­ly is a sus­pi­cion that the hack could have come from the US, that rais­es the ques­tion of why on earth a Russ­ian hack­er liv­ing in Amer­i­ca and work­ing for the Krem­lin would have inten­tion­al­ly used servers in Rus­sia, thus fram­ing Rus­sia for the hack. And that, in turn, rais­es the obvi­ous, but nev­er asked, ques­tion as to whether or not this real­ly was a hack by Rus­sia.

    That’s all part of why it’s going to be very inter­est­ing to learn if this mul­ti-agency inves­ti­ga­tion is exclu­sive­ly an inves­ti­ga­tion into a pos­si­ble Krem­lin role in the hack­ing cam­paign or if the inves­ti­ga­tion is sim­ply start­ing off look­ing at the Krem­lin but able to go wher­ev­er the evi­dence takes it. Because wire­tap­ping and finan­cial trans­ac­tion evi­dence could end up going in very dif­fer­ent direc­tions from the evi­dence based sole­ly on a tech­ni­cal analy­sis of the hacks them­selves. It’s a lot hard­er to spoof a wire­tapped con­ver­sa­tion and finan­cial trans­ac­tion evi­dence than it would be for a skilled hack­er to make it look like a Russ­ian hack.

    And if there real­ly does end up being evi­dence of some sort of for­eign col­lu­sion with the Trump cam­paign, whether it’s Rus­sia or any oth­er gov­ern­ment, it will be inter­est­ing to see how well the Trump cam­paign did at cov­er­ing its tracks. Like, were they being all sneaky using code words and strong­ly-encrypt­ed com­mu­ni­ca­tions or was the evi­dence point­ing towards col­lu­sion com­plete­ly obvi­ous once this mul­ti-agency inves­ti­ga­tion start­ed look­ing into it. It would be a anoth­er way of assess­ing Trump’s intel­li­gence in addi­tion to lis­ten­ing to his bizarre speech­es about how smart he is.

    Posted by Pterrafractyl | January 21, 2017, 4:23 pm

Post a comment