A Busy Day for the Bears

Yesterday, there were three arguably big events associated with stolen records alleged to have ties to Russia’s GRU.

Simon Biles treats her ADHD

The first is the leak, by a group explicitly calling itself Fancy Bear (though the hack was once tied to Polish Anonymous), of anti-doping agency records showing the Williams sisters and Simone Biles all got approval for and took drugs on a list of otherwise banned substances. While there are no allegations of impropriety — indeed, Biles explained that in her case the exception involved treating ADHD — the story got covered by the major international press, including the Beeb, NBC, and NYT.

Colin Powell rants

The second alleged-Bear event is the release of Colin Powell emails, obtained by DC Leaks, to The Intercept, BuzzFeed, and Politico. The emails include quite recent ones, including one from August 26. Powell now uses GMail, suggesting his emails should be harder to hack than (for example) his State emails on AOL or emails run on a private server. Whether you worry about Russian influence or not, this hack is quite newsworthy.

There are embarrassing emails with Powell asserting that “Everything HRC touches she kind of screws up with hubris,” as well as emails with Powell complaining about Trump’s racism and the press’ stoking of it.

The emails are not limited to election-related ones, either. They also include correspondence between Powell and Jack Straw and how the Chilcot report got buried in all the Brexit news.

Guccifer 2 goes mainstream

dncarchitecture_mc

Finally, there was the “appearance” at a security conference by Guccifer 2.0, the guy who has released the DNC emails that gave the Democrats an excuse to force Debbie Wasserman Schultz’s to resign, though they had been looking for an excuse for some time.

In point of fact, Guccifer 2.0 didn’t appear in person at the conference. Rather, he sent a speech which got read at the conference, with the transcript released to journalists. The speech focused on the negligence of software companies in security. Guccifer went on for several paragraphs about the power and sloppiness of tech companies, arguing they were to blame for hacks.

The next reason, and the crucial one, is software vulnerability. Tech companies hurry to finish the work and earn money. So they break development cycle very often omitting the stage of testing. As a result, clients have raw products installed on their systems and networks with a great number of bugs and holes.

Fourth. It’s well known that all large companies look forward to receiving governmental contracts. They develop governmental websites, communication systems, electronic voting systems, and so on and have their products installed to critical infrastructure objects on the national level.

They are aggressively lobbying their interests. You can see it at the diagram that they spent millions of dollars for lobbying. That doesn’t mean they will produce better software. That means they will get even more money in return.

Then he returned to a claim he has made on two earlier occasions: that he hacked DNC via a vulnerability in VAN.

So, what’s the right question we should ask about cyber crime?

Who hacked a system?

Wrong. The right question is: who made it possible that a system was hacked? In this regard, what question should you ask me?

How I hacked the DNC???

Now you know this is a wrong question. Who made it possible, that I hacked into the DNC? This is the question. And I suppose, you already know the answer. This is NGP VAN Company that operates the DNC network. And this is its CEO Stu Trevelyan who is really responsible for the breach.

Their software is full of holes. And you knew about it even before I came on stage.

You may remember Josh Uretsky, the national data director for Sander’s presidential campaign. He was fired in December, 2015 after improperly accessing proprietary data in the DNC system. As it was agreed, he was intentionally searching for voter information belonging to other campaigns.

However, he is not to blame. The real reason voter information became available for non-authorized users was NGP VAN’s raw software which had holes and errors in the code. And this is the same reason I managed to get access to the DNC network. Vulnerabilities in the NGP VAN software installed on its server which they have plenty of. Shit! Yeah?

This scheme shows how NGP VAN is incorporated in the DNC infrastructure.

One of two schemes released with the speech appears above.

Now, Guccifer’s allegation — tying vulnerabilities in the VAN software to his own hack — could be newsworthy. Recall, after all, that one excuse the Bernie staffer gave for nosing around Hillary’s side of VAN was that Sanders’ own data had been compromised earlier that year. Importantly, Guccifer’s persistent focus on VAN, which was a signature moment in Sanders’ voters disillusionment with the DNC conduct in the election, would provide an alternative motive for this hack rather than just a Putinesque plot to tamper with Hillary’s election.

Thing is, there’s nothing in the materials released on VAN that indicates any particular vulnerability (though the dump does include some dated information on DNC’s computer security): effectively Guccifer makes an allegation but — at least from what I’ve seen and heard from a few people who know security better — doesn’t deliver the goods.

Indeed, while there are documents acknowledging the kind of pay-to-play appointments for big donors that both parties practice, and some other financial data that I suspect may prove more interesting with further scrutiny, there’s nothing really newsworthy in this dump. It seems to be interesting primarily to Bernie diehards, not the press generally, which is rightly more interested by the Powell emails.

Which, again, emphasizes how much Guccifer has been feeding Bernie diehards, either out of his own motivation or his handler’s. It is worth noting that while Guccifer claims to oppose Trump’s policies, he did say this about Sanders: “I have nothing to say about Bernie Sanders. It seems he never had a chance to win the nomination as the Democratic Party itself stood against him!”

Why stomp on the Bears other big blasts?

Which has me wondering about yesterday generally. If someone is orchestrating all these leaks, why have Guccifer “give a speech” on the same day as two highly managed releases, especially given that Guccifer failed to deliver the goods? Indeed, why invite Guccifer to, or have him accept an invitation from, a pretty staid security conference at all?

And what is the role of Darren Martyn, a LulzSec Irish hacker who was indicted along with Jeremy Hammond but apparently never extradited. He’s apparently the one who read Guccifer’s speech. Which raises all sorts of questions about Guccifer’s ties to the Anon group of hackers, or maybe also to what Martyn has been doing since he was indicted in the US.

Let me just close with an observation.

The Democrats have, rightly, been worried about what Guccifer will release closer to the election; I’ve heard specific concerns from connected Dems that he will release far more damning financial documents. The FBI, too, appears uncertain whether the set of documents Guccifer has is the same that the GRU-related hackers are believed to have spied on at the DNC. Thus, both the DNC and FBI would love to do something to make Guccifer show more of his hand.

Before this hack, we were all just waiting to see what Julian Assange, who is clearly maximizing damage to Hillary, will drop next.

And instead, by inviting Guccifer to appear at a conference, someone got Guccifer to drop an additional 700 MB of files while everyone is busy looking at the Powell emails.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

18 replies
  1. jerryy says:

    .
    “And instead, by inviting Guccifer to appear at a conference, someone got Guccifer to drop an additional 700 MB of files while everyone is busy looking at the Powell emails.”
    .
    It was probably Kevin:
    .
    http://xkcd.com/1729/
    .

  2. rugger9 says:

    Well, as I’ve noted before, the problem here is not only that files can be found but files can also be planted into a network, and then “leaked” for effect and the D’s will not be able to counter / prove the fabrications in time, it’s similar to trying to keep up with Trump campaign lies, there’s just too many of them to kill them all. BTW, it’s a favorite Warsaw Pact tactic, to overwhelm their enemy with unlimited force. I have zero doubt that given the level of ties between Trump and Putin (and the Russian mob) with more revelations today from Newsweek that some kind of fix is in like a Zimmerman Telegram except this one will be phony. That’s why Assange’s stuff will need scrutiny, last week’s dump blew up in their faces.
    *
    I see Donald went to the doctor last week and no one noticed in his press pool or thought it worth mentioning. Normally it wouldn’t matter, but if his campaign is going to attack HRC’s health the door is opened to inquire about someone older than she is and who hasn’t taken care of himself that well, so why not point out that the Donald is keeping up on his physicals, if he really saw Bornstein somewhere other than the golf course? More worrisome, behind Trump is Mike Pence who is a RW troglodyte (he passed a hate the gays law in Indiana before reversing himself to save a major championship, among many other antediluvian positions) that was about to be turfed out as Governor in IN before Trump threw him his lifeline as the prospective Veep. Kaine on the other hand is rational. Pence is about pandering for votes.

    • emptywheel says:

      You might be careful to distinguish between ties between Trump and Putin and ties between Trump and others, including Russian mobsters.

      By the logic of association you’ve adopted, Hillary would be every bit as criminal though associations with the Foundation, which I don’t believe to be the case. There’s a WHOLE bunch of bad argumentation about the Trump to Russia ties that is beneath the dignity of a party or a person claiming to be “liberal.”

      The Democrats may well blow this election by running against Putin and not the loathesome Trump.

      • martin says:

        quote”You might be careful to distinguish between ties between Trump and Putin and ties between Trump and others, including Russian mobsters. “unquote

        Not to mention a shitload of “business partner criminals”…

        http://www.newsweek.com/2016/09/23/donald-trump-foreign-business-deals-national-security-498081.html

        Never ceases to amaze me how Trump has convinced the worst capitalist scum bags on the planet, that his “brand” will make them billions, while he sucks in MILLIONS just for using his ..ahem.. name.

        At least one place on the planet tells him to eat shit and die…

        http://www.mcclatchydc.com/news/politics-government/election/article101656692.html

        God, if arrogance was weather, Trump would be the Red Spot of Jupiter.

      • rugger9 says:

        I do not concur with the analysis or the both-sider tone since I said bupkis about HRC’s foundation. What is clear from several sources is that Donald is actively involved with at least one, let’s say, “go-between” that had offices in his flagship building in NYC. You may want to stroll over to Mother Jones and TPM and Newsweek and the Washington Post, and even the NYT (outside the editorial staff) for some well-researched articles. The fact that the taxes still will not be released proved the point as about being something to hide such as Russian financing. Putin’s demonstrated marionette control (the USA ditching NATO idea from Trump is a dream for Russia, among many other statements) is an outcome of that, that we know of right now.
        *
        Which strangely enough brings to the point I made about the Zimmerman Telegram, which drove home for America the intended threat from the Kaiser’s Germany and united the nation behind going to war. If Putin is exposed as using Trump as a tool to buy his own pet WH, even Trump would lose half of his 30-something percent base. That’s why the increasingly desperate witch hunts about HRC’s alleged shortcomings, it is to distract away from the rampant corruption (paying Trump first and stiffing vendors) and opacity (medical records, taxes, emails, business dealings, 3000+ lawsuits for fraud, Trump U, ….) problems for Trump.
        *
        CP’s emails prove more about CP’s political cattiness than anything else, which wasn’t very surprising to me. He was the Petraeus before the current Petraeus in terms of political generalship (no, he didn’t cough up pillow talk secrets like DP did) that was strangely Teflon. It basically finishes Powell in politics, however, which is probably a good thing.

  3. GKJames says:

    Vertigo-inducing sophistry from Guccifer. I committed a crime because the victim failed to protect itself adequately. If it was really about improving software, all he had to do was notify NGP VAN Company of the vulnerabilities. The mainstream press, too, walks a fine line between journalism and benefitting from the fruits of criminality. Nothing compels it to publish medical information, nor is that information vital to the functioning of a healthy republic (if we only had one…). And let’s not get confused: the behavior of Guccifer and the press is solely about the money.

  4. wayoutwest says:

    The Clintonites are panicked and waiting for the next shoe to fall without an identifiable Russian to take the heat but their minions keep trying.

    Trump that minion of the Kremlin, according to Clintonites, has just stepped into the lead in Ohio according to the latest poll so many Ohioans must love some Putin too.

    I can’t wait to see how the Clintonites try to spin or distract from the next email IED release, they’re trying to spin the Colin Powell emails as mostly about Trump but that pig won’t fly.

    • Ed says:

      wayoutwest : “I can’t wait to see how the Clintonites try to spin or distract from the next email IED release, they’re trying to spin the Colin Powell emails as mostly about Trump but that pig won’t fly.”

      I have yet to see that. What fever swamps are you visiting?

      • wayoutwest says:

        I do visit that fevered Clintonite swamp HP to see what’s bubbling up and a Clintonite may not be able to recognize the fever but there and elsewhere the headlines I noticed emphasized Powell’s comments about Trump while you had to read into the post to get to the meat of his damming critique of Clinton and Clintonites.

        • bmaz says:

          Colin Powell? The lying asshole with the fake vial of anthrax that literally lied the world into a fraudulent war of aggression?
          .
          Yeah, we should totally give a flying fuck what he thinks.

          • wayoutwest says:

            The Clintonites have been reduced to responding to any new bad news with, it’s all a vast conspiracy of lies. They can’t use right-wing with the lies anymore because the worst of the RW are now her biggest supporters.

            Turnout for the election by Black voters seems to be a problem and Obama has returned to talking down to Black voters trying to shame then into being good docile democrats who will vote for the Super Predator spouting Red Queen.

            In a brief moment of candor the Red Queen displayed her desire to call in the hellfire drones on Middle Amerika where the Despicables roam but Obama is too weak to act decisively for his Queen and the # Despicable Lives Matter movement is growing.

            • bmaz says:

              This is just batshit crazy. There are still hard lies being peddled by the right and alt-right including that she personally started birtherism, that she is dying, that she has a brain tumor, and on and on. And none of that has shit to do with whatever random neocons have endorsed her because they know Trump is dangerous and crazy.
              .
              Saying Obama is “talking down” to black voters merely displays your own ignorance and bigotry. And the rest of your coded insults confirm the above. You are peddling some serious derangement.

  5. Evangelista says:

    All of this information!

    And none of it brought to us by our Main Stream Media.

    All of it brought to us courtesy of the Russians (or the “Russians”)!!

    Were it not for the Russians (or “The Russians”) we would not have any of it!

    Either the Russians want The People of the United States to love them,

    Or the sponsors of “The Russians” want us to love the Russians.

    Either way They (whoever ‘They’ are) have found a right way.

    Freedom of Speech. Ever since William Penn and Johann Peter Zenger we have had a weakness for Freedom of Speech; a component of Liberty.

    Thank you, Russia (or “Russia” handlers).

    And Thank You Globalization!

    It is good to know Freedom of Speech is a globally available commodity. Especially as it appears to be no longer locally available here in the USA (except underground and through the black and gray web-markets)…

    If it is the

  6. bloopie2 says:

    The Powell email release points out the importance of controlling one’s bad habits. Like to gossip? Like to complain about other people? Like to whine about life in general? Like to sound self-important? Okay, but don’t put it on the Internet; wait 24 hours, then say to yourself, “Is it so important to say this now, that I will risk the whole world seeing it?” Just keep your trap shut. Or, maybe consider actually being a nicer person—don’t complain, or whine, or gossip, or exhibit pride. Maybe then you don’t have to worry so much about people listening when you talk?
    .
    I just attended a funeral of a dear relative, and everyone had nice things to say about her. She was a sweet person who did not have a mean bone in her body and never had a bad word to say. Now that’s a legacy.

  7. bevin says:

    “…the Zimmerman Telegram, which drove home for America the intended threat from the Kaiser’s Germany and united the nation behind going to war. ”
    Thanks to the Foreign Office in London, as trustworthy an institution as you will find..,
    Most Americans didn’t buy that tale in 1917.

    “.. it’s a favorite Warsaw Pact tactic, to overwhelm their enemy with unlimited force.”
    I’d always wondered where that tactic originated. Peculiar that you cite the Warsaw Pact though, because it was one of the most conservative and pacific defensive alliances in history.
    As a matter of political and geographical fact the current offensive emplacements and garrisons of NATO not only include all the old Warsaw Pact states but several parts of the Soviet Union.

    As our wise host remarks “There’s a WHOLE bunch of bad argumentation about the Trump to Russia ties that is beneath the dignity of a party or a person claiming to be “liberal.””
    To which I would only add “Or of sound mind.”
    Such nonsense has a very short half life by November it will have been comprehensively exploded. The only reason that it is still current is that the Russians don’t care which one of these jokers ends up in the White House.

    • rugger9 says:

      Warsaw Pact was “pacific”? Really? The KGB had a name for deep thinkers like that, they were known as the “s$%&&t eaters” as exemplified by Armand Hammer. I served then, and no the WP were nowhere close to the “pacific” tree-huggers your revisionist history claims they were. Try again without the propaganda.
      *
      You do bring up a good point in that the Zimmerman telegram was considered an English plant all the way until Foreign Secretary Zimmerman said it was true, on the record. At that point America united behind the war party, since it was clear to everyone that the Kaiser’s government already considered America to be its enemy. Wilson had resisted entry until then.
      *
      The tactic did not begin with the WP (I never said that, please do not misquote me), they simply had the numbers to potentially make it work. It was also used in most of humanity’s wars, most tragically in WWI trench warfare such as the Chemin Des Dames offensive that broke the French Army. In WWII, Zhukov would send soldiers across minefields before vehicles crossed because he could replace the soldiers and he calculated that it would approximate the losses to machine gun fire anyway. So, it is clear that the Soviets were unconcerned with losses as long as they could get victory. We who were on the front lines were well aware of this.
      *
      As far as the claim that the Russians don’t care who wins, that’s way off target. Think, for a change. Putin has Trump under his thumb so hard that Donald is actually spouting off Russian policy goals as his Presidential goals, throwing out treaty obligations in place for decades (how about America’s honor and keeping her word?) because he feels like it. I have seen no evidence whatsoever of any connection to HRC that could be leveraged by Putin. None. Provide links if you have them.

  8. bevin says:

    and here is Justin Raimondo :
    http://original.antiwar.com/justin/2016/09/13/inside-propaganda-matrix/

    here is a taste:
    “…“On or before Election Day, Russian hackers will seek to break into the US voting system. … The Russians attempt to throw the election. They might try to get Trump elected. Alternatively – and this would, of course, be even more devastating – they might try to rig the election for Clinton, perhaps leaving a trail of evidence designed to connect the rigging operation to Clinton’s campaign. Once revealed, the result will be media hysteria, hearings, legal challenges, mass rallies, a constitutional crisis – followed by confusion, chaos and an undermining of the office of the presidency. Trump might emerge from the process as president after all. He will then go on, as promised at so many rallies, to ‘lock her up,’ and of course to open a broad relation with Russian President Vladimir Putin, the only foreign leader he seems to truly admire.”

    “This reads like the script of a Hollywood thriller that’s been rejected by every producer in town. How do you refute what is clearly fiction – and very bad fiction at that?…”

Comments are closed.