The Two Tales of Russia Hacking NYT

Yesterday, CNN posted this “first on CNN” story:

Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at The New York Times and other US news organizations, according to US officials briefed on the matter.

The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies. Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said.

Here’s what the NYT’s own account of the hacking (attempt) is:

The New York Times’s Moscow bureau was the target of an attempted cyberattack this month. But so far, there is no evidence that the hackers, believed to be Russian, were successful.

“We are constantly monitoring our systems with the latest available intelligence and tools,” said Eileen Murphy, a spokeswoman for The Times. “We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised.”

[snip]

The New York Times’s Moscow bureau was the target of an attempted cyberattack this month. But so far, there is no evidence that the hackers, believed to be Russian, were successful.

“We are constantly monitoring our systems with the latest available intelligence and tools,” said Eileen Murphy, a spokeswoman for The Times. “We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised.”

So CNN tells an alarming story about specific reporters being targeted that fits into a larger narrative, citing both the FBI (in which Evan Perez has very good sources) and “other US security agencies,”  which presumably means the NSA. NYT tells an entirely different story, stating that an attack on its bureau in Russia was targeted unsuccessfully, relying solely on official sources as the FBI. One wonders why the NYT story required Nicole Perloth and David Sanger, and also why David Sanger didn’t cite any of his extensive sources at NSA, where these allegations appear to derive.

It’s quite possible both of these stories are misleading. But they do raise questions about why the spooks want to sensationalize these Russian hacks while NYT chooses to downplay them.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

13 replies
  1. blueba says:

    “Hackers thought to be working for Russian intelligence” unproven allegation!!!! complete with the weasel words.

    “But so far, there is no evidence that the hackers, believed to be Russian, were successful.”

    Just curious as to how emptywheel defines the phrase “believed to be” sense the conclusion to this post “factually” states: “these Russian hacks” saving readers the need to wade through all those pesky weasel words, no doubt the documentary evidence of this “factual” assertion will be forthcoming.

    Or was it China?? I guess that depends of whether it is morning or afternoon.

    • jerryy says:

      You are illustrating the phrase ‘cannot take yes for an answer’.
      .
      You have a short article directly casting doubt on any claim of nationality or group membership of the crackers, yet have to distort the conclusion to be able to use it as a step ladder to climb up there on that high horse you are riding.
      .
      From the quoted article: “New York Times’s Moscow bureau was the target of an attempted cyberattack…”
      .
      Moscow is in Russia, that makes it a ‘Russian hack’ as opposed to ‘Russian hackers’ which would be a specific group.

  2. edge says:

    What the ..sensationalism? I have never had a server where there wasn’t unsuccessful attacks practically every day.

    • bevin says:

      If I understand you correctly what you are saying is that this is not a story.

      I agree; the real story lies in the use, by the NYTimes, of this occasion (on which nothing happened) to run out an old Cold War meme which, very conveniently, chimes with the Clinton campaign’s increasingly desperate attempts to deflect attention from its peccadilloes.

      It strikes me that Mr Slim, who is a major shareholder at the Times and is reported in Politico today as having given the Clinton Foundation between $5 million and $1 million, might want some of his money back: the Clintons should be paying him.

      Marcy cannot be faulted for following this story. Because the story behind the story is one of enormous significance. It is all part of a smokescreen being laid, behind which a very dangerous war, a desperate neo-con gamble which jeopardises life itself, is being planned.

    • JC says:

      I agree. My home server (I live in a US Military Base town) is probed literally hundreds of times a day. The largest amount of probes on a daily basis are far and away Chinese IP Blocks, easily exceeding Russian blocks ten-fold. Why would it not be the same in Moscow?

  3. rugger9 says:

    As edge noted as well, this is kind of a non-story, and we don’t have the context (i.e. how long ago was this hacked?) because in prior releases like this over the last month or so, the reporting was delayed well after the event.
    *
    Note to bevin, please do not refer to the Cold War unless you served during that period. It’s not as Manichean as you make it to be. This post’s story by itself does not make a big enough provocation to do much of anything, at most it’s more of the poke-with-a-stick exercise that NATO and the Warsaw Pact would do to see what the other side would detect and/or do.

  4. rugger9 says:

    Something else popped up on Daily Kos:
    http://www.dailykos.com/story/2016/8/25/1563684/-Russian-Hackers-Accidentally-Post-Different-Versions-of-Stolen-Docs-Post-Steal-Editing
    *
    It seems our hackers also edited some of the documents, which is behavior seen before as well. I had noted in an earlier thread about the issue of NSA spying being able to plant inconvenient information to take down opponents as the McCarthy-driven HUAC had done.
    *
    So, while Assange could have done the world a great service by sticking solely to the facts, something like this will give anyone identified a plausible story of malicious editing. It’s a pity that Julian Assange had gone over to the dark side. In this case there seems to be the fine hand of Putin driving the outcome he wants in our election, a pliable hothead nicknamed “the Donald” who owes Vladimir a lot of money and has already done what Vlad wanted done.

Comments are closed.