Blame Putin for Everything

By | September 1, 2016

Hardly a day goes by without some “news” about the Russian “threat,” and in the past twenty-four hours, the hate-on-Russia campaign seems to have picked up speed. After  that Vladimir Putin is not only responsible for the Trump campaign, but also for the “global nationalist movement” that yanked the British out of the European Union, mainstream media are telling us that Russian interlopers are supposedly invading our electoral process by hacking into voter databases. The Washington Post “”:

“Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russian hackers were behind the assault on the election system in that state.

“The bureau told Arizona officials that the threat was ‘credible’ and severe, ranking as ‘an 8 on a scale of 1 to 10,’ said Matt Roberts, a spokesman for the secretary of state’s office.

“As a result, Secretary of State Michele Reagan shut down the state voter registration system for almost a week.”

So the Russkies are invading the American polity, launching a cybernetic assault on the very basis of our democracy? Really? Well, no, as becomes apparent when the reader gets down in the weeds and exercises his critical faculties if such exist. Because by the time we arrive at paragraph five of this “news” story, we learn that:

“It turned out that the hackers did not succeed in compromising the state system or even any county system, but rather had managed to steal the username and password for one Gila County elections official.”

Oh, but never mind that nothing much happened and no data was altered, because:

“Nonetheless, the revelation comes amid news that the FBI is investigating suspected foreign hacks of state election computer systems, and earlier this month warned states to be on the alert for intrusions.”

“Russian” hackers have now been magically transformed into “suspected foreign hacks”: we aren’t supposed to notice this shift in attribution because, after all, the FBI is supposedly putting its imprimatur on this conspiracy theory. Except they aren’t: nowhere in the story does the FBI confirm that the Russians or any foreign actors are behind this.

In Illinois, election officials – who just happen to be Democrats – report a similarly minor intrusion, which one Kyle Thomas, director of voting and registration systems for the State Board of Elections, describes as “a highly sophisticated attack most likely from a foreign (international) entity.” How does he know that? Well, he doesn’t. As we read on, we are told that “The bureau has told Illinois officials that they’re looking at possible foreign government agencies as well as criminal hackers.”

In other words, it could’ve been a couple of teenagers sitting in a cyber-café in Shanghai.

Is there a shred of evidence the Russians were behind any of this, as reporter Ellen Nakashima states in her opening paragraph? The answer to that question is an unequivocal no.

The same day the Washington Post story appeared yet another act of Russian aggression on American soil was revealed to a breathless world: Russian “state actors” have hacked into a number of unnamed Washington thinktanks! appeared in “Defense One,” a website that caters to “insiders” in the national security bureaucracy and their corporate cronies. In an “exclusive,” they claim:

“Last week, one of the Russia-backed hacker groups that attacked Democratic computer networks also attacked several Russia-focused think tanks in Washington, D.C., Defense One has learned.

“The perpetrator is the group called COZY BEAR, or APT29, one of the two groups that cyber security company blamed for the DNC hack, according to founder Dmitri Alperovitch. CrowdStrike discovered the attack on the DNC and provides security for the think tanks.”

So the same company paid by the Democratic National Committee to echo the party line on the DNC hacks is now telling us that they know the Russians are behind this alleged hack. And yet, as cyber-security expert Jeffrey Carr points out, there is no way CrowdStrike (or anybody else) could definitively point to Russian “state actors” as the culprits in this or any other case: that’s because the procedure they use in “tracing” a hack is inherently subjective, what Carr calls “faith-based attribution.”

Technical analysis of code and the software utilized by the hackers is less than helpful in identifying hackers: if Chinese characters are found in the code, well then you’ve been hacked by the People’s Liberation Army. If Russian characters are discovered, well then it’s Putin’s spies. Except this is nonsense: as Carr explains it, if a Kalashnikov is used in a murder, does that mean the murderer is a Russian? Well, uh, no – and no one would ever make that assumption. And yet this is precisely the sort of “analysis” we’re getting from the hucksters who infest the “cyber-security” industry. In short, the “scientific” analysis marketed by these companies is based on assumptions that cannot be objectively verified.

These companies would like their customers to believe that their conclusions are based on science, but as Carr :

“It’s important to know that the process of attributing an attack by a cyber security company has nothing to do with the scientific method. Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong.

“When looking at professions who use an investigative process to determine a true and accurate answer, the closest profession to the attribution estimate of a cyber intelligence analyst is that of a religious office like a priest or a minister, who simply asks their congregation to believe what they say on faith. The likelihood that a nation state will acknowledge that a cybersecurity company has correctly identified one of their operations is probably slightly less likely than God making an appearance at the venue where a theological debate is underway about whether God exists.”

If you look at the “analysis” done by those who attribute the DNC hack to Russian state actors, a pattern of confirmation bias emerges, as Carr shows:

“On June 15, 2016, CrowdStrike’s co-founder and CTO Dmitri Alperovich announced in a that two Russian hacker groups were responsible for the DNC breach: Cozy Bear and Fancy Bear; and that both hacker groups worked for competing for Russian intelligence services.

“Other cybersecurity companies including FireEye, Kaspersky Lab, ESET, TrendMicro, Microsoft, iSight Partners, and AlienLab have made similar claims of attribution to the Russian government. The question that this article seeks to answer is, are those claims grounded in evidence or guesswork?

“I chose to look at Fancy Bear (APT28 in FireEye’s ecosystem). The most comprehensive on that threat actor was written by FireEye and released last October, 2014 so I started with that. To my surprise, the report’s authors declared that they deliberately excluded evidence that didn’t support their judgment that the Russian government was responsible for APT28’s activities: ‘APT28 has targeted a variety of organizations that fall outside of the three themes we highlighted above. However, we are not profiling all of APT28’s targets with the same detail because they are not particularly indicative of a specific sponsor’s interests.’ (emphasis added)

“That is the very definition of confirmation bias. Had FireEye published a detailed picture of APT28’s activities including all of their known targets, other theories regarding this group could have emerged; for example, that the malware developers and the operators of that malware were not the same or even necessarily affiliated.”

What we are dealing with here is an industry – “cyber-security” – that has a vested interest in promoting the idea that its methodology is “scientific,” and that it can provide answers to its paying customers who want to know for sure who hacked their computer systems. It wouldn’t do to tell them that no definitive answers are possible and that any attribution procedure is necessarily based on a whole range of assumptions that are not objectively verifiable. That wouldn’t do much to improve their profit margins. So they market themselves as “scientists” who have all the answers, when, in fact, they have no answers.
