Russian President Vladimir Putin directed a massive propaganda and cyber operation aimed at discrediting Hillary Clinton and getting Donald Trump elected, the top U.S. intelligence agencies said in a remarkable yet unshocking report released on Friday.
The 25-page dossier from the Office of the Director of National Intelligence stopped short of saying the Russians succeeded at influencing the outcome of the election, noting that the report did not attempt to make an assessment on that front. But it makes the case that “Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.”
“We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks,” the DNI report reads.
The report is a quick and fascinating read. One example: It includes a fairly detailed appendix which concludes that the U.S.-based but Kremlin-financed media outlet RT (formerly Russia Today) is little more than a propaganda machine controlled by Russian intelligence agencies.
“Moscow’s influence campaign followed a Russian messaging strategy that blends covert intelligence operations—such as cyber activity—with overt efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid social media users or ‘trolls,'” reads the report.
The DNI report is remarkable for several reasons. First, it publicly accuses Russia’s President of trying to meddle with the U.S. election and to hack both political parties. Also, as The New York Times observed, it offers “a virtually unheard-of, real-time revelation by the American intelligence agencies that undermined the legitimacy of the president who is about to direct them.”
However, those who’ve been clamoring for more technical evidence to support a conclusion that Russian intelligence agencies were behind the phishing, malware attacks and email leaks at The Democratic National Committee (DNC) and Clinton campaign likely will be unmoved by this report. Those details will remain safely hidden from public view in the classified version of the report.
Last week, the FBI and Department of Homeland Security issued a joint report (PDF) on some of the malware and Internet resources used in the DNC intrusion. But many experts criticized it as a poorly-written, jumbled collection of threat indicators and digital clues that didn’t all quite lead where they should.
Others were perplexed by the high confidence level the agencies assigned to the findings in their unclassified report, noting that neither the FBI nor DHS examined the DNC hard drives that were compromised in the break-in (that work was done by private security firm Crowdstrike).
Former black-hat hacker turned Wired and Daily Beast contributing editor Kevin Poulsen slammed the FBI/DHS report as “so aimless that it muddies the clear public evidence that Russia hacked the Democratic Party to affect the election, and so wrong it enables the Trump-friendly conspiracy theorists trying to explain away that evidence.”
Granted, trying to reconstruct a digital crime scene absent some of the most important pieces of evidence is a bit like attempting to assemble a jigsaw puzzle with only half of the pieces. But as digital forensics and security expert Jonanthan Zdziarksi noted via Twitter last night, good old fashioned spying and human intelligence seems to have played a bigger role in pinning the DNC hack on the Russians.
“The DNI report subtly implied that more weight was put on our intelligence coming from espionage operations than on cyber warfare,” Zdziarski wrote. “As someone who’s publicly called out the FBI over misleading the public and the court system, I believe the DNI report to be reliable. I also believe @CrowdStrike’s findings to be reliable based on the people there and their experience with threat intelligence.”
My take? Virtually nothing in the DNI report is dispositive of anything in the FBI/DHS report. In other words, the DNI report probably won’t change anyone’s minds. I’m sure that many smart U.S. intelligence analysts spent a great deal of time on this, but none of it was particularly surprising at all: The DNI report describes precisely the kind of cloak and dagger stuff that one might expect the Kremlin to be doing to the United States, day-in and day-out.
What makes these kinds of cyber espionage and propaganda campaigns so worthwhile is that even if the Kremlin cannot always get its favorite candidate elected, Moscow may still consider it a success if it can continuously sow doubt in the minds of Americans about the legitimacy of the U.S. election process and other tenets of democracy.
It’s also exactly the sort of thing the U.S. government has been doing to other countries for decades. In fact, the U.S. has done so as many as 81 times between 1946 and 2000, according to a database amassed by political scientist Dov Levin of Carnegie Mellon University, writes Nina Agrawal for The Los Angeles Times.
Anyone shocked by the Kremlin-funded news station RT in all of this probably never heard of Voice of America, a U.S. government-funded news service that broadcast the American response to Soviet propaganda during the Cold War.
President-elect Trump has publicly mocked American intelligence assessments that Russia meddled with the U.S. election on his behalf, and said recently that he doubts the U.S. government can be certain it was hackers backed by the Russian government who hacked and leaked emails from the DNC.
Mr. Trump issued a statement last night only loosely acknowledging Russian involvement, saying that “while Russia, China, other countries, outside groups and people are consistently trying to break through the cyber institutions, businesses and organizations including the Democrat [sic] National Committee, there was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with the voting machines.”
Trump also has called for a review of the nation’s plans to stop cyberattacks, which he said will be completed within 90 days of his taking office on Jan. 20.
“Whether it is our government, organizations, associations or businesses we need to aggressively combat and stop cyberattacks,” Trump said. “I will appoint a team to give me a plan within 90 days of taking office. The methods, tools and tactics we use to keep America safe should not be a public discussion that will benefit those who seek to do us harm. Two weeks from today I will take the oath of office and America’s safety and security will be my number one priority.”
Time will tell if Mr. Trump’s team can do anything to slow the frequency of data breaches in the United States. But I hope we can all learn from this report. It’s open season out there for sure, but there are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations alike:
-If you connect it to the Internet, someone will try to hack it.
-If what you put on the Internet has value, someone will invest time and effort to steal it.
-Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.
-The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.
-Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.
“We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes,” the DNI report concludes.
Yeah, no kidding. The question is: Will political and corporate leaders begin applying those lessons to their own operations, and gird themselves for full-on, 24/7 cyberattacks from every direction, before, during and after each election? How many more examples do we need to understand that maybe we’re really not taking this cybersecurity stuff seriously enough given what’s at stake?
The DNI report is available here (PDF).
Your “simple, immutable truths”, sum the situation up perfectly. With your agreement I’d like to share them more widely (with attribution of course)
Putin and the Russians did not discredit Hillary Clinton. She discredited herself. The Russians merely publicized it.
hillary doesn’t know how to use the interwebs, and this is why she lost emailz that caused her to loose the election.
isn’t it ironic that it was the clinton administration in the 90’s that touted the internet super highway as being the next industrial revolution. and it is!
and now 20 yrs later it was the use of that medium along with her and her campaigns negligence of security and protocol that revealed to the US as well as the world how she and those that she’s surrounded by don’t have a clue about the internet and it’s underpinnings.
and she still uses a black berry? ¯\_(ツ)_/¯
and her campaign managers password was: password
although trump is no better, his password was: yourefired on some of the social media sites he trolls.
and the celebrities are just as bad too.
so there you have it, the world is run by old people who haven’t a clue about modern technology or security and are stuck in the past thinking old ways. you gotta love it. you just cant make this stuff up folks.
it’s like a bad movie that just keeps getting worse.
and then it wins awards.
¯\_(ツ)_/¯
HRC didn’t actually get hacked, her aide John Podsta did. Again, there is no evidence that any data came from her email server and no evidence it was hacked.
Sorry, but you left out an important detail, Chris V, and in so doing you have missed the point. The Russians did it by committing a crime, part of a pattern of such crimes aimed at a broad section U.S. business and political interests. Shame on you for letting your politics color your view of the seriousness of another nation state engaging in such action.
He left nothing out. Computer hacking is what nation states do. We do it; they do it. There is no excuse for not taking cyber-security serious and that includes, Barrack Obama, Hillary Clinton and the DNC.
Knowing that all states do cyber espionage, it makes Hillary’s home brewed server even more egregious. And a password that is “password”. What did they expect from some of the most sophisticated hackers in the world.
Don’t forget Chip they also hacked the RNC and DT. Only time will tell when they release what they have on the Trump and the rest of his ” advisors”. Maybe to influence some decision of his?
You got it.
The Russians did us a favor and revealed just how crooked and incompetent Hillary Clinton is, as well as how loose our computer security really is.
Under Obama more hi-level government departments were breached than ever before, including ALL of the personal information of our agents in the government spy business. Obama’s incompetence may have caused much of the damage because he failed to deal with the breeches early on. If Obama had cared ANYTHING about cyber-security, he would have done what Trump said he will do, and then take the appropriate action.
The ends do not justify the means. Saying Russia did us a favor by hacking the DNC only excuses the action.
As a patriotic American, i believe that nothing Russia did in this matter is acceptable.
Outside the Box: If Trump served in the Korean Police Action, 1st Question, was he a POW subsequently released? Putin as the Queen of Diamonds.
“We assess with high confidence” This quote, taken from the report summary intentionally misstates what is found within the report. There we have a thumbs up, down or to the side rating system.
Compared to the FBI and DHS, the NSA is the most likely to have the data necessary to place blame and the NSA thumb goes to the side. That would be the “NSA cannot be sure” response.
The best assessment I have heard refers to a pile of meat on an African plain. With a conflagration of predators clawing to grab the meat the administration has arbitrarily picked one to blame as if the data was difficult to reach and only one made it.
I blame the person who put our meaty confidential data up for grabs in the first place.
Mr. Krebs normally covers the actions and reporting responsibilities of the organization hacked. Did I miss any mention of that in this article?
I agree.
The most shadowy of the three is definitely the NSA and they would not concur. Being that there is a strong chance that James Comey of the FBI was compromised during the election, and John Brennan is suspect in the CIA, why would anyone take them at their word?
Attribution is part of the equation, but the fact that the DNC was hacked is just as important. Let’s not lose sight of that. And it is easy to point fingers at the victim but there is plenty of blame to go around.
Wow. I have read better conspiracy theories about Aliens on the Internet that have more evidence than this.
Seriously. Even people claiming the moon landing was fake are more trustworthy when it comes to presenting their case.
When the P***y grabber Trump went to Moscow to promote Miss Universe pageant it seems probable something untoward (compromising) could have occurred hence the “bromance”?
Pathetic!
Is that all you’ve got?
In the next month when all the things pulled from the GOP are dumped on wikileaks and every member of Donny’s family has all their tax filings posted enmasse to DC leaks, will we still be hearing about how this isn’t that big a deal?
I mean I get the “my guy won” so everything is wrong and the “my guy lost” so everything is right attitudes. We have no choice but to wait and see. Anything else seems to be wasted energy, raging against the sea stuff.
But how on Earth can anyone think this is over? Do you really think that Poots done? That the day after the election they deleted everything?
That’s not going to happen. Not immediately. WikiLeaks’ role in this was clearly motivated by the hope of a pardon for Assange by the incoming administration.
Expect a drop in anti-American releases, followed by a sharp rise if that pardon doesn’t come as quickly as Assange wants. Also, there’s no reason to believe Russia risked giving an outside actor GOP/Trump data, and thus, a choice.
Psy Ops is as old as war. This is just the next evolution of what the US (and everybody else) has been doing for decades. What was covert, is now overt. And it was done against us which is just fantastic irony. Since the mainstream media and sites like Facebook were unwittingly complicit, it was unavoidable unless you didn’t watch TV, stayed away from news sites, turned off your RSS feeds, ignored the pop-ups on your mobile based on previous searches that you showed interest in, and stayed off social networking sites. It was a beautiful example of what’s to come.
I wouldn’t say we “fell for it”. Only that Russia has demonstrated that this sort of operation can be successful when you use the right sort of stimulus at just the right time. I applaud them and hope our guys learned some valuable lessons (mainly, farm it out to the dedicated and patriotic amateurs when you can).
People saying “Hillary is a crook” are missing the point. One of their big successes was publishing lies that were just believable enough after publicizing breaches. They told people what they wanted to hear. If the Russians had targeted the GOP instead of the DNC, we’d have seem the exact same sort of thing only going the other way. Do you think the GOP is clean and has no skeletons that can be tweaked to look even more dire? If so, then you are the person this campaign targeted.
Jasey DePriest — Regarding your comment about “publishing lies,” even the report itself says there are “no evident forgeries” in the wikileaks documents.
I agree completely with your comment. I additionally believe it is too bad that the ‘general population’ does not understand fully the ramifications.
Five of 25 pages are devoted to substantive conclusions. Seven pages are devoted to describing RT, and that they supported the Occupy Wall Street Movement and are opposed to fracking. They could be describing MSNBC.
Since Clinton won the popular vote by nearly 4 million votes, and even an evil genius like Putin could not have possibly targeted the 106,000 voters (or non-voters) in Philadelphia, Pittsburgh, Milwaukee or Detroit who actually did affect the results of this election, shouldn’t the report have also concluded the operation was technically a failure?
I have yet to see a single voter or non-voter anywhere in the country claim the “hacks”, and the information derived therefrom, affected their voting decision. If such a person existed, I am confident the NY Times and CNN would have found them.
This is the most blatantly politicized use of intelligence since the Gulf of Tonkin. If you are under 40 – Google it. Way more so than the alleged WMD’s in Iraq intel since that was not initially intended for wide distribution to non-policy makers, like this was.
I bet you can’t find anyone that bought something because of an ad they saw for it on TV, either, but companies still pay big money to make, and air, TV ads.
The campaign was designed to subtly get people to doubt and question, and to trick people to include fake news sources in their personal echo chambers. It’s like political arguments on Facebook- someone overtly telling you that what you think is wrong, will likely not succeed in changing your mind. Neither would an overt campaign from Russia.
This is all about further de-legitimatizing the election by the current administration and the Democratic party. It is a political maneuver. This kind of corruption of public institutions is what made myself, and many like me, reject Hillary and her stable of cronies. I feel the same about the Bush’s and Obama. All these administrations have been engaging in assassinations and assorted other meddling in other countries for decades–Putin is a lightweight compared to these. There are no facts presented in the report, only opinions. These are the same folks that were criticized for their WMD assessments (also political in nature). The deep state has never been stronger. I think the whole US intelligence community needs to be gutted and rebooted.
Read The Brothers and The Devils Chessboard for a real eye opener.
If you take out the popular vote count from one county in Los Angeles and one county in New York city Trump wins the popular vote.
Like it or not that is exactly why we have a representative electoral system for presidential voting and selection. It makes as much sense now as it did when the founders created it.
I doubt people in New York and Los Angeles agree.
I am glad the people in two cities do not get the privilege of picking the president that governs the entire country every four years.
Perhaps President Trump can takes us back to 50 states that can celebrate their differences.
Keep up the good work!
The Pulitizer Prize Committee , or whoever they are, might have to designate a special honor —-like the George K. Polk Award — a Krebs Award — for your relentless due diligence, as well as your Nous —practically unerring, meaning an instinct for justice as fairness, and a deep mind, willing to keep learning. No I do not patronize I note proleptically, I calls ’em as I sees em.
Including in this account the wise advice about “fairly simple, immutable truths that each of us should keep in mind” (no matter who we are) hits home. Do unto others, as You would have them do unto you. You wouldn’t want your privacy invaded, so don’t invade. It only gets more complicated when the fanatically intolerant demand tolerance, but not that much more complicated
From the report:
“RT runs anti-fracking programming, highlighting environmental issues and the impacts on public health. This is likely reflective of the Russian Government’s concern about the impact of fracking and US natural gas production on the global energy market and the potential challenges to Gazprom’s profitability.”
One wonders how much of the criticism of fracking is real and how much is based on (and funded by) Russia.
U stop wondering when ur tap water can be set on fire.
I saw Gasland. It was faked – sort of. The water did light on fire.
The person who owned the home had drilled into a methane chamber.
No fracking involved. Just a drilled well to an unlawful depth.
But the Russians love ya, Walter, and you are proof-positive of their effectiveness.
Wait, so all those people that could also light their water on fire in WaPo and NYT articles also dug into methane chambers? Is this a mass conspiracy?
Thank You Brian! Your analysis and thoughts are always interesting and factual. I am personally alarmed and concerned by the many Good Americans that actually failed to fact-check and blindly believed, and also spread, the Russian Social Engineering Propaganda. Now that Russia’s actions been more fully exposed many of my duped friends across our nation refuse to accept their own role in aiding Russia.
Can you please provide an example of “the Russian Social Engineering Propaganda”?
what’s ‘remarkable’ about lame duck Dem president trying to undermine incoming GOP prez?
The democrats wrote it. Someone(s) exposed it. Trump won. The items may or may not be related.
“Interference” in elections is in the eye of the observer, it goes on all the time. That’s the nature of elections, they’re not neat affairs. We should get over it and work on something important.
There’s little here of lasting value (in the report itself, that is) beyond concluding both that everything is about politics in DC and your passwords should be something even slightly stronger than “password.”
I agree with Mike Masnick here: even if the report is right and Russia did it (and it seems they did) it’s worrying that the US Govt wants to escalate things based on their say-so. But fun stuff to dig: It seems Matt Tait dis some investigative work that would give more credibility to the report. He found the phishing e-mail in the leaks and dug through the links. The findings are fascinating.
Shocked. Shocked. In the excellent movie Casablanca, there is a scene where the police chief is shocked to find gambling.
Hello people! The Russians grab photos, steal all kinds of documents, and break in to email accounts. (So do Wiki Leaks, the Chinese, the other Russians, Nigerians, Brits, French, and lots of other countries. PLUS teenagers everywhere).
Also, the Russians dish out propaganda. So do the Americans. Again, this is not really breaking news.
Brian thanks for the continuing analysis. Please continue.
Brian, kudos for taking on such a touchy topic with your usual solid, factual approach. I think this quote from your article sums up so much of this story quite nicely:
“What makes these kinds of cyber espionage and propaganda campaigns so worthwhile is that even if the Kremlin cannot always get its favorite candidate elected, Moscow may still consider it a success if it can continuously sow doubt in the minds of Americans about the legitimacy of the U.S. election process and other tenets of democracy.”
The “simple, immutable truths” should be codified… much like Asimov’s Rules for Robots.
These reports are like JFK going before the American public in October 1962 without the pictures of missiles in Cuba.
All we have is “high confidence” otherwise known to anyone else as “trust us”. I understand that not every piece of evidence can be shared, but really there is absolutely, positively NOTHING that can be heavily redacted and shared? Not one iota of evidence can be shared for fear that methods will be discovered? Seriously? Like all of the other intelligence services don’t know how our intelligence services for the most part get their information? Wow! We’re that much more advanced than the rest of the world in this area? Really? Yeah, I doubt it, but here we all sit.
This gets all the more difficult to take when we know that the players involved do not trust back. They are after all effectively compiling a digital dossier on everyone with a digital footprint “just in case” someone goes rogue.
Not that it works in preventing everything (as our lone wolf attacks prove), but we are told it prevents a lot of events. Yet time and again when asked to prove its worth, it never can be proved because it would reveal “secrets”. After years and years of hearing such claims, those claims sound more like someone protecting a scam than someone protecting something actually worth something.
Just saying.
This keeps getting more and more scary. What needs of Watergate burglars when you can have the Russians do it for you? Also, they cannot be extradited. It is a win-win. The Russians have their stooge puppet in the White House, and Trump has his untouchable dirty tricks operatives.
@John Nelson – Part of the reason proffered for why the Russians did it was their consternation with Ms. Clinton’s moralizing over their election process. Is it a “crime” if the U.S. government gives bags-o-money to South American (of Afghani, and Iraqi, and Pakistani) strongmen we support? Or props up Iranian dictators who we believe share the same interests as us? Or finances the Israeli opposition party like we did two years ago because President Obama disagreed politically with Bibi Netanyhau?
Nations engage in hegemonic projections of power, because they can. You either put on your big boy pants in this arena or find the international relations equivalent of a safe space – It’s called Switzerland.
I believe this was a “test run” that was more successful than expected. I expect this type of influence will be used to influence upcoming European elections. I also believe the DDoS attack on Krebs, et al was a test to see how many devices and people could be reached in a short period of time.
What an apt image. The man in the background is none other than the “dead” Mikhail Lesin, the creator of Russia Today (RT).
Lesin, a billionare, was found “dead” in a cheap Washington D.C. hotel room. The coroner’s report said he died of blunt force trauma to the head and all over his body.
He got drunk and fell. That was the cause of death.
Or maybe he’s under witness protection after defecting.
Brian if you want to bust this story open investigate the troll army employed by Putin.
They are the weak link in all of this. They were an integral part in the propaganda exercise as they helped perpetuate the themes they wanted to push and they helped run blocker by attacking anyone exposing what was/is happening. You can see them here on this very story.
Thank You Russia for President “PutinPuppet” Trump
You very welcome .See you again in 4 years time .
A bit OT, but you mentioned VOA, and RT and (related but not mentioned, Radio Moscow and Radio Free Europe).
VOA was not, as far as I can tell, a propaganda outlet.
Starting in the late ’50s, I used to monitor VOA and Radio Moscow. VOA seemed to be very careful to be factual, I think with the idea that the facts alone were what their target audiences would find most convincing. Radio Moscow for a long time was very poor propaganda – about at the level of some of the Russian trolls you can see in comment sections. Around 1980, Radio Moscow became much more convincing – they sounded then about as RT today – propaganda, but very slick and subtle. Frankly, it achieved the level of credibility of CBS, which is to say, yeah, propaganda, but slick and subtle, and with a lot of straight factual reporting – in RM/RT’s case, to better mask the propaganda.
The US also funded Radio Free Europe. It too provided factual information, but it was narrowly targeted at occupied Eastern Europe, and was reportedly very successful. The Russians routinely jammed it.
Let’s see: RT news was working to change the election outcome=evil. Facebook trolls and fake news working to change the election outcome=evil. CNN and other left-leaning media outlets, Fox news and other right-leaning news work to change the outcome of the election=OK.
Lies and half truths broadcast by American sources are fine. Until it backfires and regular folks change their votes because we don’t trust ANY media.
If we’re smart, anyway.
If the admissions of wikileaks and Steve Pieczenik are true, then the big smoke screen is that, JUST LIKE WE DO, the Russians and China are hacking everything everywhere in the first place. However, that does not mean that they were the ones supplying e-mails to Wikileaks, no matter how much they would have enjoyed seeing Clinton lose.
So, as a previous comment gave this link,
https://consortiumnews.com/2016/12/12/us-intel-vets-dispute-russia-hacking-claims/ ,
we have characteristics of a leak, not a hack. Then, we have Steve Pieczenik admitting that his group of people are the ones inside the intelligence agencies who helped with the leaks, as much of an oddball as he seems in other issues. See also, http://yournewswire.com/fbi-emails-wikileaks-clinton-coup/ .
Both of these factors, the idea that this comes from espionage rather than from cyber warfare (hacking) are consistent with why Lee would describe the report as written sloppily (links in article). Then, at the end, we have Wikileaks claiming that they got their material through an intermediary from disgusted Democrat insiders AND not from Russia. Hrmmm, those all fit together. The fact of Russian hacking efforts existing provides a convenient “fog of war” that can be used to set up the incoming team to start off in a quagmire.
Brian, what do you make of Wikileaks claim that they got their material from Americans, and how that fits with the criticism against the report? Are these consistent with each other? (We’ll leave Pieczenik out of this as he is too oddball.)
As a programmer and as a former reporter the leaks make more sense to me in terms of how information gets placed. What’s more you should never assume that the leaker is leaking to someone they like. I had a county attorney publicly, in a legislative session in which I was a reporter, castigate me from the podium and go on and on. A few weeks later I was asked to go to his office because he had something for me. When I got there it was a huge leak of information he had been collecting on a political opponent. Information he didn’t want anyone to think he would have been the source for. Sure, hacking could be. I spent weeks worth of all-day-and-all-nights recovering servers hacked from China (assumed from logs) in the late 90’s and early 2000’s. It is just that my experience makes me tend toward believing in leaks rather than “hacking” which seems to be the (magic) deus ex machina of television plots.