I’ve long tracked Facebook’s serial admission to having SIGINT visibility that nearly rivals the NSA: knowing that Facebook had intelligence corroborating NSA’s judgment that GRU was behind the DNC hack was one reason I was ultimately convinced of the IC’s claims, in spite of initial questions.
Among all his evasions and questionably correct answers in Senate testimony yesterday, Mark Zuckerberg provided another tidbit about the visibility Facebook had on the 2016 attacks.
One of my greatest regrets in running the company is that we were slow in identifying the Russian information operations in 2016. We expected them to do a number of more traditional cyberattacks, which we did identify, and notified the campaigns, that they were trying to hack into them. But we were slow to identifying [sic] the type of new information operations.
Not only did Facebook see GRU’s operations in real time, but they notified “the campaigns” about them.
Note, Zuck didn’t describe the targets in any more detail than “campaigns.” That led Robby Mook to dispute Zuck, eliciting more details from Facebook CISO Alex Stamos.
Aside from illustrating how routinely those involved in and covering the 2016 hacks confuse the possible affected targets (resulting in some real misunderstanding of what happened), Stamos’ clarification provides important new details: these hacks affected both the DNC and RNC’s key employees, and Facebook alerted the FBI (something we’ve previously heard).
The DNC likes to claim they never got any warning they were being hacked. But apparently, in addition to the FBI’s serial attempts to lead them to discover Russia was hacking them, Facebook let them know too.
Elsewhere in his testimony, Zuck got coy about the degree to which Facebook remains involved in the Mueller investigation, a fact that should have been obvious to anyone who has read the Internet Research Agency indictment, but which numerous news outlets treated as news anyway.
Facebook has a lot to answer for (this David Dayen piece on yesterday’s testimony is superb).
But one thing that has continued to trickle out is that Facebook’s surveillance capitalism is good at what it’s designed for: surveillance, including of Russian hackers.