recommended reading

Questions at the Senate Hearing on Russian Hacking

Ververidis Vasilis/Shutterstock.com

What’s the latest?

Senior intelligence officials will testify this morning before the Senate Armed Services Committee about foreign cyberthreats to the U.S. Much of the testimony is likely to focus on what role Russia had in the U.S. election.

U.S. intelligence officials say Russia hacked the Democratic National Committee and others in an attempt, they say, to influence the U.S. presidential election. Although it's unclear if that alleged action was successful, President-elect Donald Trump is skeptical of claims about Russia’s role. He says it’s difficult to definitively say who was behind the hacking, and has supported the views of Julian Assange, the WikiLeaks founder, that a “14-year-old could have hacked” Democratic officials.

Among those testifying Thursday are James Clapper, the director of national intelligence; Marcel J. Lettre, the undersecretary of defense for intelligence; and Adm. Mike Rogers, who heads U.S. Cyber Command.

Sen. John McCain, the Republican senator from Arizona who chairs the SASC, has made his own views clear, telling Ukrainian TV that Russia's actions were “an act of war.”

Who is involved?

Intelligence officials leaked word to NBC and ABC that Russian President Vladimir Putin was “personally involved” in cyberattacks aimed at interfering with the United States presidential election. NBC’s report relied on “two senior officials with direct access to the information,” ABC’s on “U.S. and foreign intelligence officials.”

In an interview with NPR on Dec. 15, U.S. President Barack Obama vowed the U.S. would take action in response, “at a time and place of our own choosing.” He went on: “Mr. Putin is well aware of my feelings about this, because I spoke to him directly about it.”

Didn’t we already know about Russia hacking the Democratic National Committee and others? Why all the fuss?

The newest reports purport to add detail on both actors and intent. Putin personally has not been previously blamed for hacks resulting in leaks damaging to the Clinton campaign, though in October, Clapper stopped just short of doing so, saying, “based on the scope and sensitivity of these efforts ... only Russia’s senior-most officials could have authorized these activities.”

Secondly, separate intelligence leaks to The New York Times and The Washington Post on Dec. 9 for the first time claimed the intent of the hacking was to sway the election in favor of Trump, rather than simply sow generalized distrust. It has not yet been suggested that cyberattacks managed to change the actual vote tally in favor of either presidential candidate.

Information on what exactly happened has been dripping out slowly, and often anonymously and unofficially, for months. Way back in mid-June, the Democratic National Committee reported an intrusion into its computer network, and the cybersecurity firm CrowdStrike publicly blamed Russian hackers after analyzing the breach.

In July, after emails stolen from the committee appeared on WikiLeaks, Democratic members of Congress also blamed the Russians, with Clinton campaign manager Robby Mook alleging “It was the Russians who perpetrated this leak for the purpose of helping Donald Trump and hurting Hillary Clinton.”

It wasn’t until September anonymous federal officials confirmed to The New York Times the intelligence community’s “high confidence” of Russian government involvement in the hack, if not the subsequent leak, and leaving doubt as to whether the hacks were “routine cyberespionage” or actually intended to influence the election.

And it wasn’t until October that Clapper went on the record to blame Russia—government actors, not, say, cybercriminals who happened to be Russian, “based on the scope and sensitivity of these efforts,” and further declaring they were “intended to interfere with the U.S. election process.” Days later, emails stolen from Clinton campaign chairman John Podesta appeared on WikiLeaks.

So as of fall, the United States government had officially blamed Russia for the hacks, and stated the hacks were intended to interfere with the American election. Until Dec. 9, intelligence officials were not claiming the Russians wanted specifically to help Trump win, as opposed to undermining faith in the overall process.

Then The Washington Post disclosed a “secret CIA assessment”—again described by anonymous officials—declaring it “quite clear” a Trump presidency was the ultimate goal of the hacks. A Times investigation published a few days later provided more background on how the hacks actually worked. Yet, the Office of the Director of National Intelligence has not publicly embraced the CIA’s findings, and the FBI has given a more “ambiguous” picture of Russia’s goals in congressional briefings. Meanwhile, Congress is planning to investigate.

Who else has been hacked?

Thomas Rid, writing in Esquire in October, noted Russia began hacking the U.S. as early as 1996, five years after the demise of the Soviet Union, and added the DNC hack concealed an even bigger prize for the Russians: the National Security Agency, whose secret files were dumped this August on GitHub and other file-sharing sites.

Then, there is Germany. In May, BfV, Germany’s domestic intelligence agency, said hackers linked to the Russian government had targeted Chancellor Angela Merkel’s Christian Democratic Union party, as well as German state computers.

In September, Arne Schoenbohm, who heads Germany’s Federal Office for Information Security, briefed German lawmakers about Russian hacking. Schoenbohm told Sudduetsche Zeitung, after reports emerged in the U.S. of the hacking of the Democratic National Committee, "[g]iven the background of the American situation, I have to protect our political parties from spying.”

Those warnings became more urgent after the U.S. presidential election. Bruno Kahl, the head of the Germany’s foreign intelligence service, told the newspaper last month Russia could seek to disrupt Germany’s elections next year to create “political uncertainty.”

Merkel, who is seeking a fourth term in those elections, said in November after an attack targeted Deutsche Telekom customers “[s]uch cyber attacks, or hybrid conflicts as they are known in Russian doctrine, are now part of daily life and we must learn to cope with them.”

Suspected Russian hacking has targeted other countries, as well. In April 2007, websites and servers belonging to the government, banks and media in the former Soviet republic of Estonia came under a sustained month-long attack. A U.S. diplomatic cable, published in WikiLeaks, called the Baltic state an “unprecedented victim of the world's first cyberattacks against a nation state.”

Similar attacks targeted the former Soviet republic of Georgia a year later, and Ukraine more recently. All three countries have pro-Western leaders deeply critical of what they see as Russia’s turn toward authoritarianism under Putin.

And prior to perhaps their most high-value target thus far, the DNC, Russian hackers allegedly targeted the World Anti-Doping Agency ahead of the Rio Olympics this summer. WADA had reported a widespread Russian state-run doping program that involved the country’s track-and-field program. That revelation resulted in the Russian track-and-field team being banned from the games.

WADA was hacked in apparent response, and the personal information of several athletes, including the Russian whistleblower who alerted WADA to the scandal, was leaked online. It’s worth pointing out the Russian government has dismissed claims it was involved.

What does “hacking” actually entail?

It depends: Hackers believed to be from Russia have accessed computers and servers belonging to government and political parties in rival countries. In some cases, such as in the DNC or WADA hack, those hacks resulted in the leak of information on websites such as WikiLeaks.

In other cases, the attacks focused on national infrastructure: In Ukraine, for instance, according to Wired, hackers targeted the power grid; they then attacked the telephone service so customers couldn’t call to report the outages. When they hit NSA, hackers posted the agency’s “cyber-weapons” to file-sharing sites, according to Esquire.

The hackers don’t just target states and institutions. Frequently, individuals are caught up, as well. On Dec. 9, the Times reported suspected Russian hackers targeted critics of the country’s government who live overseas by posting child porn on their computers.    

How solid is the CIA’s case that Russia tried to tilt the election for Trump?

An unnamed official told Reuters on Tuesday that “ODNI is not arguing that the agency (CIA) is wrong, only that they can’t prove intent.” The Post noted this problem in its Friday report, citing “the United States’ long-standing struggle to collect reliable intelligence on President Vladi­mir Putin and those closest to him.”

Since the end of the Cold War and especially since 9/11, American intelligence agencies have deprioritized Russia. The Post reported in fall, citing U.S. officials, the “CIA and other agencies now devote at most 10 percent of their budgets to Russia-related espionage, a percentage that has risen over the past two years,” but is still dwarfed by the Cold War peak of about 40 percent.

As for the actual evidence of intent, what’s publicly available is circumstantial, including Russian state TV’s pushing of Trump’s candidacy, and reports that the Republican National Committee, too, was hacked though suffered none of the same embarrassing leaks as the DNC. (The RNC has denied it was hacked; The Wall Street Journal reports, citing “officials who have been briefed on the attempted intrusion,” that the effort was thwarted by the RNC’s cybersecurity systems.)

All of this was occurring in an international political context in which Trump was one of the most pro-Russian presidential candidates in recent memory, while Putin personally blamed Hillary Clinton for inciting protests against his rule when she was secretary of state.

Meanwhile, the denials. Many of Trump’s surrogates have publicly suggested Russia is the victim of a false-flag operation planned by U.S. intelligence—an assertion that doesn’t appear to be based on any fact in the public realm. Russian officials themselves have rejected the idea they are involved, as have Russian cybersecurity experts, one of whom dismissed it as “a classic stereotype of the nineties and early 2000s.” They say it’s virtually impossible to trace the origin of a hack.

But as Kaveh Waddell explained in The Atlantic, while it can be difficult to catch the culprit of a hack, it’s by no means impossible. Esquire, in its story, noted sloppy errors committed by the hackers pointed U.S. intelligence to their whereabouts. Andrei Soldatov, who wrote Red Webtold The Telegraph the Russian government is using its computer industry to hack its targets.

“We have maybe the biggest engineer community in the world, and lots of great specialists,” he told the newspaper. “They are not criminals, they are professionals—and they are not bothered or afraid to refuse requests from government agencies.”

But Trump says we shouldn’t trust the CIA because they were wrong about Iraq’s WMD. Shouldn’t we take that history into consideration?

“There's a big difference between Iraq WMD and Russian cyber hacking,” wrote Amy Zegart, an intelligence expert at Stanford, in an email. “For starters, we're talking about different people making the assessments, a different problem to unravel (hidden nuclear capabilities in a foreign country versus cyberattacks on U.S. systems), and a different analysis process. Intelligence analysis was thoroughly revamped after Iraq, as it should have been. But saying that these are same people who brought us Iraq WMD is like saying this year's Golden State Warriors must be terrible, because the Warriors lost so many games in the '90s.”

Which isn’t to say past intelligence failures writ large have no relevance to today. The relevance is: Intelligence sometimes fails. As Zegart notes: “The best experts didn't predict Trump's win, and that's Americans predicting what Americans will do in an open society with frequent polling. In intelligence, adversaries are working hard and spending billions to hide their activities and deceive us.”

Kenneth Pollack, a former CIA analyst and Clinton National Security Council staffer who argued for invading Iraq in 2003, said in an interview Saddam Hussein did a “totally insane” version of this: “Saddam’s whole thinking was, ‘I’m going to get rid of my weapons of mass destruction, basically after 1995, but I can’t tell my people that. I want my people to continue to fear me, and believe that I have this.’ … The U.S., and the rest of the world, frankly … all picks up on the fact that that he is putting it out to all of his people that, ‘Yeah, I still have WMD.’ And that strikes me as a really fundamental difference.”

He continued: “The intelligence community certainly can be wrong about these kinds of things, and you do want to take everything with a certain amount of skepticism. That said, it seems like in this case, they’ve found the tracks—that’s kind of the nice thing about cyber, as best as I understand it, is you can actually go back and see the keystrokes … which was not something that we had in Iraq.”

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov