Cyber Attribution, the Macron hacks, and the Existential Threat of Unwarranted Certainty

Did you hear the big new hack­ing news? It’s the The news about ‘Fan­cy Bear’ already get­ting ready to wage a new hack­ing cam­paign against US politi­cians? If not, here’s a brief sum­ma­ry: Trend Micro, a Japan­ese cyber­se­cu­ri­ty firm, just issued a new report pur­port­ing to show that ‘Fan­cy Bear’ has already set up mul­ti­ple phish­ing web­sites intend­ed to cap­ture the login cre­den­tials to the US Sen­ate’s email sys­tem. And Trend Micro is 100 per­cent con­fi­dent this is the work of ‘Fan­cy Bear’, the Russ­ian mil­i­tary intel­li­gence hack­ing team. What led to Trend Micro’s 100 per­cent cer­tain­ty that these phish­ing sites were set up by ‘Fan­cy Bear’? It appears to be based on the sim­i­lar­i­ty of this oper­a­tion to the Macron email hack that impact­ed hit French elec­tion last year. The same hack that the French cyber­se­cu­ri­ty agency said was so unso­phis­ti­cat­ed that any rea­son­ably skilled hack­ers could have pulled them off. And the same hacks com­i­cal­ly includ­ed the name of a Russ­ian gov­ern­ment secu­ri­ty con­trac­tor in the meta-data and were traced back to Andrew ‘weev’ Auern­heimer. That’s the hack that this cur­rent Sen­ate phish­ing oper­a­tion strong­ly mim­ics that led to Trend Micro’s 100 per­cent cer­tain­ty that this is the work of ‘Fan­cy Bear.’ So how cred­i­ble is this 100 per­cent cer­tain cyber attri­bu­tion? Well, it’s pos­si­ble Trend Micro is cor­rect, it’s also extreme­ly pos­si­ble they aren’t cor­rect. That’s going to be the top­ic if this post, because Trend Micro is far from alone in mak­ing cyber attri­bu­tion an exer­cise in gam­bling with exis­ten­tial risks.