Despite the weakness of the evidence they provided, after private cybersecurity companies made those claims against Russia, the media almost unanimously accepted them as facts. This became even more true after the US intelligence community started to publicly make very similar claims during the campaign. On October 7, just one month before the election, the Office of the Director of National Intelligence and the Department of Homeland Security issued a joint statement in which they said that the US intelligence community was confident that “the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations”. However, in the rest of the statement, the claims they made were very weak and extremely ambiguous:
The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow—the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.
The fact that the public disclosure of material stolen from the Democratic party is consistent with the methods and motivations of Russian-directed efforts is at best extremely weak evidence that Russia is responsible. There are obviously lots of things it’s also consistent with and, in general, lots of things are consistent with lots of other things, but you usually don’t hear people say it constitutes evidence. Similarly, it may be true that, if Russia was behind the attacks, only the most senior officials could have authorized them, but it’s hard to see how the scope and sensitivity of the attacks could be evidence that Russia is responsible. Presumably, if the ODNI and the DHS had been in possession of stronger evidence at the time, they would not have used that kind of language. Indeed, although the statement talked about the “US intelligence community”, the FBI declined to join the chorus as, according to the New York Times, they could not establish a clear link between the leaks and Russia.
That’s where we were before the election, but things started to change after Trump’s surprise victory. On December 9, just one month after the election, the Washington Post revealed that the CIA had determined that Russia was responsible not only for hacking the Democratic party, but also for providing WikiLeaks with the stolen material so that it would publish it. Someone from the agency briefed a group of US senators and told them that, according to their assessment, Russia had tried to help Trump win the election. According to the article, however, there were still disagreements among US intelligence officials:
For example, intelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.
In other words, despite that the Washington Post claimed at the beginning of the article, it seems that, even a month after the election, the US intelligence could still not prove that the Russian government was behind the release of the material stolen to the DNC and Podesta by WikiLeaks. As for the other points on which US intelligence officials disagreed, we have no idea what they were about, as the Washington Post was apparently not very interested in dissenting opinions on this story…
A few days after the Washington Post published that story, the New York Times published a very long piece, which purported to tell the history of Russian-directed cyber attacks in the US. I don’t want to dissect the whole article, which didn’t really say anything new, but I have to quote this passage, which would have made even journalists at the Pravda blush:
In February 2014, [the Russians] broadcast an intercepted phone call between Victoria Nuland, the assistant secretary of state who handles Russian affairs and has a contentious relationship with Mr. Putin, and Geoffrey Pyatt, the United States ambassador to Ukraine. Ms. Nuland was heard describing a little-known American effort to broker a deal in Ukraine, then in political turmoil.
Now, people at the New York Times are very polite and they often don’t like to talk bluntly about the activities of the activities of the US government abroad, lest people be shocked by what they read. Indeed, what they describe as “a little-known American effort to broker a deal in Ukraine” was actually a coup against Viktor Yanukovych, the democratically elected President of Ukraine. In the conversation between Nuland and Pyatt they mention, you can hear them talk about who should become Prime Minister of the country after Yanukovych is gone. They quickly decide that Arseniy Yatseniuk was the right man for the job and, two weeks after that conversation, a coup took place and, you guessed it, Yatseniuk became Prime Minister. (There would be a lot to say about the way in which Jonathan Marcus, the author of the BBC article about that conversation I linked to, tried to spin it and what he didn’t say, but that’s a story for another day.) The New York Times, however, is absolutely correct that this “effort” is little-known, but this may have something to do that the US media chose not to talk much about that story. I wonder why…
A few days before it published that article, just after the Washington Post published the story about the CIA’s assessment that Russia was behind the leaks of the material stolen to the Democratic party, the New York Times had published another piece on the CIA’s assessment. According to that article, it was built on a “swell of evidence”, no less. What was the evidence in question? Well, in traditional NYT fashion, one had to wait until the middle of the article to find out. Of course, most people won’t go that far, but they will remember the headline, which is probably what the New York Times wanted. But when you read the entire thing, it’s clear that the evidence, at least that which is given in the article, boils down to statements by Russian officials suggesting that the Russian government wasn’t particularly fond of Clinton. Given that she compared Putin to Hitler, this wasn’t exactly a surprise, but it’s clearly not evidence that Russia hacked the DNC/Podesta’s email account and provided the material they stole to WikiLeaks so that it would publish it, all in order to help Trump win the election…
The piece also mentioned the previous revelation that Paul Manafort, the director of Trump’s campaign before he was replaced in August in large part because of that article, may have received illegal payments from the party of Viktor Yanukovych for whom Manafort used to work, according to a ledger miraculously found by the Ukrainian government during the campaign. The Ukrainian government in question, it should be recalled (which the New York Times didn’t), had been installed by a coup supported by the US. So let me summarize: a government which resulted from a coup orchestrated by the US and had every reason to fear a Trump presidency, given his declared intention to pursue a détente with Russia, allegedly found the name of Trump’s campaign manager, who we already knew had worked for Yanukovych, in a ledger where someone noted cash payments made by corrupt members of the Party of Regions and we’re supposed to take that very seriously. Right… Note by the way that, after the election, the Ukrainian government suddenly realized that the ledger in question may have been fabricated and, according to a very detailed article on Politico, this could have been part of a campaign to help Clinton during the election. (Unlike the alleged interference of Russia, this interference in the US presidential election doesn’t seem to concern the media very much, but I’m sure this is just a coincidence.) Of course, this should not affect our assessment because the Ukrainian government now has a very good reason to play nice with Trump, just like it was irrational to put much stock in their discovery of the ledger a few months ago, when the authorities in Kiev thought Clinton was going to be elected.
Another thing mentioned by the New York Times in that article is “a mysterious and unexplained trail of computer activity between the Trump Organization and an email account at a large Russian bank, Alfa Bank”. Sounds nefarious, right? Except that what the New York Times didn’t say in the article is that, by the time it was published, this story had already been debunked a long time ago, including by news outlets openly favorable to Clinton. I guess the New York Times, which is full of very competent and honest journalists, who are not biased against Trump at all, must have just forgotten to mention that small detail. Clearly, it had to be an oversight, right? What other explanation could there be?
As we have seen, up until that point, the US intelligence community apparently didn’t have any proof that Russia was responsible for hacking the Democratic party and providing the stolen material to WikiLeaks. The Obama administration, at any rate, had certainly not publicly claimed that it had proof of that. But this changed on December 29, when the administration published a joint analysis report by the DHS and the FBI, which claimed that Russian intelligence agencies were behind APT28/Fancy Bear and APT29/Cozy Bear, the groups that had already been accused by private cybersecurity companies of hacking the Democratic party. On whether Russia was responsible for publicly disclosing the material, however, the report was more ambiguous:
In spring 2016, APT28 compromised the same political party, again via targeted spearphishing. This time, the spearphishing email tricked recipients into changing their passwords through a fake webmail domain hosted on APT28 operational infrastructure. Using the harvested credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members. The U.S. Government assesses that information was leaked to the press and publicly disclosed.
This suggests that it was APT28/Fancy Bear who arranged for the material it stole from the Democratic party to be leaked, but while it’s a natural interpretation, the language used in that paragraph strictly speaking doesn’t even require it. Indeed, the last sentence just says that the information stolen from the Democratic party was publicly disclosed, but it doesn’t say by whom. It doesn’t even mention WikiLeaks or DC Leaks, the organizations that published the material. Of course, this imprecision could just be another sign that the report was put together in haste, which is certainly the impression it gives.
Indeed, while it’s 13-pages long, only the first 4 of them explains why the DHS and the FBI thought Russia was behind the hacking of the Democratic party. The rest of the report just contained advice for American individuals and organization to protect themselves against cyber attacks in general and, for the most part, didn’t have anything to do with the allegations against Russia specifically. In fact, the only thing which had anything to do with this in the rest of the report was an “indicator of compromise”, i. e. a signature used by cybersecurity experts to identify a well-known file that has been found on hacked systems before. The report suggested that, by using a YARA rule they give to identify this signature (YARA is a tool used to detect malwares), one could attribute cyber attacks to the Russian intelligence. But, as the cybersecurity expert Robert Graham pointed out at the time, what this rule detects is “PAS TOOL WEB KIT”, a tool used by thousands of hackers most of whom presumably have nothing to do with the Russian government. Indeed, if you just Google it, you can download a copy yourself.
As for the first 4 pages of the report, which explains why the FBI and the DHS believe that Russia was behind the attacks on the Democratic party, it provided almost no evidence whatsoever and absolutely nothing that private cybersecurity firms had not already published several months before the report was published. In fact, if you read what cybersecurity companies had published in the months before that, you will find a lot more evidence than what you can find in the DHS/FBI report, which almost doesn’t contain any. The fact that the DHS/FBI report totally failed to make the case was pointed out by many cybersecurity experts. Jeffrey Carr, whom I already mentioned, called it a “fatally flawed effort”. Ars Technica, a specialized website, published a piece with the headline was “White House fails to make case that Russian hackers tampered with election”. Robert Lee, another cybersecurity expert who is clearly sympathetic to the administration’s allegations, published a lengthy critique of the report in which he said that it read “like a poorly done vendor intelligence report stringing together various aspects of attribution without evidence”. He also pointed out some pretty serious technical confusions in the report. Security Week, another specialized website, reported that experts agreed that the report “didn’t deliver on its promises”. ZDNet wrote that “the Russian government may have hacked Hillary Clinton’s campaign and the Democratic National Committee (DNC) to support Donald Trump’s campaign, but there’s no hard technical proof”.
Moreover, as even the New York Times had to admit, “the evidence in a report, in which the administration referred to the Russian cyberactivity as Grizzly Steppe, fell short of anything that would directly tie senior officers of the G.R.U. or the F.S.B., the other intelligence service, to a plan to influence the election.” But this didn’t prevent Obama from using the DHS/FBI report as a justification for the new sanctions that he imposed on Russia for its alleged interference in the election. According to the statement released by the White House at the time, “Russia’s cyber activities were intended to influence the election, erode faith in U.S. democratic institutions, sow doubt about the integrity of our electoral process, and undermine confidence in the institutions of the U.S. government.” What is remarkable about this statement is how vague the accusations it makes against Russia are. For instance, it claims that Russia tried to “influence the election”, but doesn’t say how exactly.
Despite the lack of evidence, the media had already decided that Russia had interfered in the election to help Trump, which led to a wave of anti-Russian hysteria we had not seen in the US since the Cold War. On December 31, the Washington Post published a story with the headline “Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say.” This story was widely shared by other journalists, but it quickly unravelled, as it turned out that almost everything about it was false. The story initially claimed that a malware used in the attacks on the Democratic party had been found on the computers of the electricity grid in Vermont, but it turned out that it had only been found on the personal laptop of someone working for the utility. Moreover, the malware in question is actually available for purchase online by anyone, meaning that anyone could have used it and not just the Russian intelligence. As people started to point that out, the Washington Post quietly edited the article, but it wasn’t until several other news outlets called it out that it added a note at the beginning acknowledging the mistake and the changes that had been made. However, as Glenn Greenwald explained in the Intercept, the Washington Post no doubt richly benefited from this hack job, as the article was shared widely and generated a lot of traffic on their website, whereas the retraction went mostly unnoticed because the people who shared the article on social networks didn’t bother to point out that it was false after this had been established.
But this was not the only time that the Washington Post had fueled the anti-Russian hysteria by publishing completely unsupported claims that were then widely repeated by other journalists. Even before the DHS and the FBI published their report, it had published another piece, which claimed that Russia was responsible for spreading fake news on the Internet to disinform the American public. The article largely relied on the claims made by a mysterious group called PropOrNot, which compiled a blacklist of websites that, according to it, were relaying Russian propaganda. The problem is that, as many people noted, the methodology used to put together that list was totally obscure and, judging by the websites on the list, many of them perfectly respectable news outlets, it seems that the main or perhaps the only criterion was publishing articles critical of Washington’s foreign policy. After several people criticized it and some of the websites on the list complained, the Washington Post was eventually forced to add a note to the article, which just said that it “does not vouch for the validity of PropOrNot’s findings regarding any individual news outlet, nor did the article purport to do so”. One may legitimately wonder, if the Post didn’t vouch for the validity of PropOrNot’s findings, why it published that article in the first place… Again, this article was shared widely and fueled the anti-Russian hysteria in the media and the public, but the Washington Post didn’t have to pay any penalty for publishing it, on the contrary.
A week after the DHS and the FBI published their joint report analysis, on January 6, the DNI released a report put together by the CIA, the FBI and the NSA. Compared to the DHS/FBI report, the claims in that report were relatively precise. It says that the CIA, the FBI and the NSA “assess with high confidence that the GRU used the Guccifer 2.0 persona, DCLeaks.com, and WikiLeaks to release US victim data obtained in cyber operations publicly and in exclusives to media outlets”. The annex on the estimative language used in the report says that “high confidence generally indicates that judgments are based on high quality information from multiple sources”, but “does not imply that the assessment is a fact or a certainty; such judgments might be wrong”. By contrast, according to the annex, “moderate confidence means that the information is credibly sourced and plausible but not of sufficient quality or corroborated sufficiently to warrant a higher level of confidence”. This language is so vague that it’s essentially impossible to determine what it means without knowing exactly how the judgments were made, but as we shall see, the report does not disclose any evidence to back up the most important claims it contains. The presence of the qualifier “generally” in the explanation of what “high confidence” means is also significant. It’s hard to see what it could mean, except that judgments in which the intelligence community has “high confidence” are not always based on “high quality information from multiple sources”. Thus, it’s not clear what to make of the claim that the CIA, the FBI and the NSA asses with “high confidence” that Russia is responsible for hacking the Democratic party and publicly disclosing the material through Guccifer 2.0, DC Leaks and WikiLeaks.
It’s also significant that, according to the report published by the DNI, while the FBI and the CIA assess with high confidence that “Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him”, the NSA only has moderate confidence in this judgment. As we have seen, even high confidence doesn’t really mean anything unless we are told how a judgment was arrived at, but it’s still noteworthy that the NSA was apparently less confident than the CIA and the FBI that Russia was trying to help Trump and we have absolutely no idea why. The NSA has very sophisticated signal interception capabilities, some of which are known to the public because Edward Snowden revealed them in 2013, so it’s a bit surprising that the FBI, which is primarily a domestic intelligence and security agency, was able to establish Putin’s intentions with more confidence than the NSA.
But what is even worse is that the report doesn’t contain a shred of evidence to back up the most serious claims it makes. Even the New York Times admitted that “what is missing from the public report is what many Americans most eagerly anticipated: hard evidence to back up the agencies’ claims that the Russian government engineered the election attack.” (However, the New York Times only used that blunt but honest language in the inside pages of the newspaper, whereas the article it published on the front page with the headline “Putin Led Scheme to Aid Trump, Report Says” made no such admission, but merely noted that “the public report lacked the evidence that intelligence officials said was included in a classified version”.) Of course, the DNI explains at the beginning of the report that it could not disclose all the evidence, on the ground that it “would reveal sensitive sources or methods and imperil the ability to collect critical foreign intelligence in the future”. However, this rationale has been criticized by many people, such as the Veteran Intelligence Professionals for Sanity, a group of former US intelligence officers formed in January 2003 to protest against the use of faulty intelligence to justify the invasion of Iraq by the US which took place a few months later.
They point out that, on several occasions in the past, the US government decided to release sensitive intelligence at the risk of compromising critical sources/capabilities because it judged that it was important to substantiate the allegations it was making. For instance, in 1986, a nightclub was bombed in Berlin and President Reagan ordered the US air force to bomb Muammar Gaddafi’s compound, resulting in the death of several civilians but not Gaddafi. It’s hard to argue with them that, if this episode justified compromising sensitive intelligence capabilities, the allegations against Russia recently made by the US government, which are extremely serious (at least the claim that Moscow was responsible for leaking the material stolen from the Democratic party to help Trump), justifies it even more. Perhaps the sources and/or capabilities on which the US intelligence community relied to substantiate those accusations, assuming they exist, are more important than in 1986, but surely the administration could have at least given some evidence to back up the most serious accusations made in the report. Yet, despite multiple calls to do so, it has continued to refuse to provide any. Unfortunately, now that Obama left the White House and that Trump is President, people would understandably not trust anything his administration released unless it proved that the accusations against Russia were substantiated by sufficiently strong evidence, which Trump presumably would not allow even if there were such evidence. The Veteran Intelligence Professionals for Sanity are not the only ones who criticized the argument that the intelligence community could not release any hard evidence because it had to protect its sources/methods. For instance, as The Intercept reported, Susan Hennessey — a former NSA attorney who is now a fellow at the Brookings Institution — said the same thing.
As Seymour Hersh, the reporter who, among other things, broke the My Lai massacre story during the Vietnam war and the Abu Ghraib prison scandal during the US occupation of Iraq, observed in a discussion with Jeremy Scahill, the report published by the DNI is not a national intelligence estimate. A national intelligence estimate always contains several dissenting opinions, whereas the report published by the DNI did not contain any. Indeed, as I already noted above, according to the Washington Post, there were still disagreements between US intelligence officials in December (just 3 weeks before Obama announced the sanctions against Russia), when the Post revealed that the CIA officials had briefed US senators about the alleged Russian interference in the election. This kind of intelligence assessment intended for public consumption, which doesn’t contain any evidence but only assertions, has a well-known bad track-record. It’s the kind of things the Bush administration used in 2003 to justify the invasion of Iraq, on the ground that it possessed weapons of mass destruction, which as everybody knows turned out to be completely false. At the time, most of the media also accepted the claims of the Bush administration as facts (just as they uncritically accepted the allegations by the Obama administration that Russia had interfered in the election to help Trump), thereby contributing to one of the greatest foreign policy disasters in the history of the US. In the aftermath of this fiasco, many people noted how unreliable the intelligence process can be when it’s politicized, as it undoubtedly is in the case of the allegations that Russia interfered in the election to help Trump. No one can imagine that the people in charge of the various US intelligence agencies that contributed to the report, all of them appointed by Obama, were not under intense political pressure from their side to confirm the accusations, even if they were not given specific instructions to do so.
In that respect, it’s worth noting that, in August 2016, the House of Representatives Joint Task Force on US Central Command Intelligence Analysis published a report which showed that CENTCOM’s procedures had distorted the intelligence produced by its analysts, in a way that made it more optimistic than the facts warranted. As the report notes, the Analytic Objectivity and Process Survey, which is conducted every year by the ODNI, found in 2015 that “over 50% of analysts [thought] that CENTCOM procedures, practices, processes and organizational structures hampered objective analysis, and 40% responded that they had experienced an attempt to distort or suppress intelligence in the past year”. (Michael Flynn, Trump’s short-lived National Security Advisor whose resignation I discuss later in this piece, was forced to step down as head of the DIA in 2014 precisely because he said that the intelligence on the situation in Iraq was distorted in that way.) The report also found evidence that, through frequent teleconferences with the Office of the Director of National Intelligence, CENTCOM’s leaders may have been provided with “with outsized influence on the material presented to the President”. It showed that James Clapper, who until recently was the Director of National Intelligence, made a false statement in his testimony about that issue. (As we shall see shortly, it wasn’t the first time that Clapper lied to Congress.) Thus, there is plenty of evidence that not just under Bush, but also under Obama, the intelligence process was politicized. This does not invite confidence in the kind of intelligence assessment that was released by the ODNI about the alleged interference of Russia in the election.
In fact, I can’t think of a single example in which that kind of intelligence assessment, which is used by a government to justify its decisions but does not contain any hard evidence, was subsequently confirmed independently. The last time the US administration published such a report was after the chemical attack in the suburb of Damascus in 2013, when the White House released a similar document, which accused the Syrian government of being responsible for the attack. Again, most of the media followed suit and accepted this as fact, yet as Robert Parry explained in 2014, several facts have since then made the accusation unlikely to be true. Despite the serious problems with the accusation, to this day, the media largely continues to write that Assad’s regime was responsible as if there could be no doubt about this. Thus, it seems to me that Hersh is clearly right when he blasts the media for uncritically accepting the narrative that Russia hacked the Democratic party and arranged for the material to be released in order to help Trump, for the evidence publicly available is next to non-existent and we have excellent reasons not to trust the government on this. The fact that James Clapper, whose office released the report about Russian hacking, is known to have lied under oath in front of Congress back in 2013 and was heavily involved in the intelligence process which concluded in 2003 that Iraq possessed weapons of mass destruction, only makes this more obvious.
Finally, it’s worth recalling that, as James Bamford pointed out in a piece for Reuters in November, the investigation into a hack of Nasdaq in 2010 lasted for months and, even after so long, wasn’t able to reach a definitive conclusion:
That speed and certainty contrasts sharply with a previous suspected Russian hack in 2010, when the target was the Nasdaq stock market. According to an extensive investigation by Bloomberg Businessweek in 2014, the NSA and FBI made numerous mistakes over many months that stretched to nearly a year.
“After months of work,” the article said, “there were still basic disagreements in different parts of government over who was behind the incident and why.” There was no consensus, with just a 70 percent certainty that the hack was a cybercrime. Months later, this determination was revised again: It was just a Russian attempt to spy on the exchange in order to design its own.
The federal agents also considered the possibility that the Nasdaq snooping was not connected to the Kremlin. Instead, “someone in the FSB could have been running a for-profit operation on the side, or perhaps sold the malware to a criminal hacking group.”
Yet, despite a much shorter investigation, the Obama administration claimed that the US intelligence community had been able to reach a great level of certainty in the case of the allegations that Russia interfered in the election. As a result, with a few exceptions, the media accepted those allegations as facts.