Posts

Will Hurd

Will Hurd’s Sparkle Pony Approach to the Solemn Duty of Upholding the Constitution

There was yet another stunning impeachment hearing, with Fiona Hill and David Holmes laying out yet more evidence that Trump subordinated the national security of the United States to his own personal needs.

But that didn’t sway Will Hurd, who used his minutes at the end not to ask the question he has asked of many other witnesses, for a list of Ukrainians close to Volodymyr Zelensky with whom Rudy was interacting (Holmes had already made clear the list is much longer than the list Hurd had previously used to dismiss the inquiry).

Instead, he used his time to:

  • Grossly misrepresent the totality of the inquiry to two words in Trump’s call
  • Admit that this is a terrible precedent (one that Trump has already repeated with other countries)
  • Affirm that Trump’s actions harmed national security
  • Grossly misrepresent crystal clear messages to Ukraine, pretending they were unclear to the Ukrainians
  • Call willful actions for personal benefit a “bungling” foreign policy
  • Accuse Democrats (and nonpartisan witnesses) of undermining Ukraine for observing its reliance on us
  • Falsely claim there were differences of opinion about the call: no witness expressed having no concern about it
  • Call an investigation in which not a single witness was a partisan Democrat (just Tim Morrison, as a Congressional staffer, and Jennifer Williams, as a George W Bush campaign worker expressed any partisan affiliation) an extremely partisan process
  • Completely ignore Trump’s violation of the Budget Impoundment Act to create his extortion, effectively blessing the usurpation of his own power as a Congressman
  • Remain silent about the Administration’s refusal to cooperate at all in the inquiry, withholding every senior official’s testimony

Most cynically, though, Hurd blamed the focus on the President’s crimes for the distraction from Ukraine, not the President’s crimes itself. He blamed Democrats for the shift of focus, not the Administration’s refusal to respond to very simple, bipartisan requests about Ukraine, most notably on funding.

Then he suggested this investigation was rushed.

The delay is hurting Ukraine (and our own national security), but the inquiry has been rushed, said the former CIA officer.

And then, he laid out what he needed to assess whether this was really a crime: more testimony. Not from Mike Pompeo, Rick Perry, Mick Mulvaney, or John Eisenberg, all of whom can answer key questions that remain unanswered.

But from three people who should not testify:

  • Rudy Giuliani (because he is being criminally investigated for this activity and it’d be insane for him to do so–which is probably why he refused Lindsey Graham’s request for testimony)
  • Hunter Biden (because there has been no credible claim he did anything that Trump’s children aren’t currently doing)
  • The whistleblower (because every other witness has corroborated the whistleblower’s complaint and the President has already been retaliating against him for a month)

In short, Hurd offered up these three impossible witnesses, knowing that neither Democrats nor Republicans would agree to the request, as his condition to consider the matter further.

Hurd admitted in his statement that this is a gravely serious duty under the Constitution. And, having admitted that seriousness, he asked for a Sparkle Pony — something he knew he would not get — to excuse his own cowardice for refusing to do anything about Trump’s abuse of office.

The Intelligence Issues the House Intelligence Committee Largely Ignored

I watched or listened to most of the House Intelligence Committee hearing with Acting Director of National Intelligence Joseph Maguire this morning. And because both sides (with the very limited exception of Will Hurd) failed to raise the issues regarding the whistleblower complaint that go to the core of Maguire’s own equities, he was largely able to dodge the difficult issues.

Maguire’s own actions implicate whether IC whistleblowers will believe credible complaints will be treated appropriately. As Democrats noted, his first actions when he received a complaint implicating the President and the Attorney General were to refer to lawyers reporting directly to the President and the Attorney General. Maguire even pretended that Bill Barr’s role in this was not a significant part of the complaint to dismiss the worthlessness of referring this complaint to Bill Barr to investigate.

But there were three other key issues Maguire should not have been able to dodge.

First is the allegation that Trump moved the summary of this call to the covert communications system to hide the improper nature of the call. The whistleblower complaint said that this is not the first time the White House has done so. This is a clear abuse of the legal status of covert operations dictated by the National Security Act, something for which Maguire has direct responsibility. Covert operations must be communicated, by law, to at least the Gang of Eight in Congress. That Trump has politicized and misused this system discredits a core means of accountability for the White House, on Maguire’s job directly oversees. And yet he wasn’t asked how Trump’s actions undermine the legally mandated system of covert communications.

Then there’s the fact that Trump is premising policy decisions not on the best intelligence, but instead on how he can derive personal benefit from them. His doing so is a core abuse of presidential power. But — as I noted this morning — it also robs American citizens of the benefits the entire intelligence system is supposed to ensure. Maguire admittedly cannot force the President to make the right decisions. But the repercussions of premising policy decisions on personal gain for the national security of the US should be a concern of Maguire’s. That wasn’t mentioned either.

Finally, there’s the allegation that someone without clearance and entirely outside of the intelligence community was being asked to share and act on classified information derived from the intelligence community. Maguire at one point claimed that Trump can do whatever he wants with his personal lawyer and that such discussions would be privileged (after, at another point, dodging a question because he’s not a lawyer). That’s the height of absurdity. Rudy’s pursuit of policy actions has nothing to do with his role as Trump’s personal lawyer. And as the DOJ IG complaint against Jim Comey makes clear, sharing even retroactively confidential information with your personal lawyers — as Comey was scolded for doing — is not permissible. Yes, it’s true that as President Trump can declassify anything he wants (though Comey was original classification authority for the information he shared with his own lawyers), but others in the IC cannot share information with an uncleared person without formal declassification, or they risk their own legal troubles.

None of this came up in substantive fashion in today’s hearing by the people who are supposed to oversee the intelligence community.

In Op-Ed Calling for Counter-Disinformation Strategy, Will Hurd Engages in His Own Disinformation

I like Will Hurd. I think he’s smart, thoughtful, and (when I met him at an event I did last year in DC) personally very nice. So I was a bit disappointed by this op-ed, arguing that to save democracy, “Americans must begin working together,” just weeks after he voted with all the rest of the House Intelligence Committee Republicans to release the Nunes memo.

After revealing that his CIA clandestine service was in places in Russia’s sphere, Hurd argues that we need a counter-disinformation strategy.

I served in places where Russia has geopolitical interests, and learned that Russia has one simple goal: to erode trust in democratic institutions.

[snip]

To address continued Russian disinformation campaigns, we need to develop a national counter-disinformation strategy. The strategy needs to span the entirety of government and civil society, to enable a coordinated effort to counter the threat that influence operations pose to our democracy. It should implement similar principles to those in the Department of Homeland Security’s Strategy for Countering Violent Extremism, with a focus on truly understanding the threat and developing ways to shut it down.

That much I can agree with him on.

But it has no business appearing in an op-ed that suggests bipartisan criticism of the Nunes Memo stunt amounts to Russia winning — which flips reality on its head.

Unfortunately, over the last year, the United States has demonstrated a lack of resilience to this infection. The current highly charged political environment is making it easier for the Russians to achieve their goal. The hyperbolic debate over the release of the FISA memos by the House Intelligence Committee further helps the Russians achieve their aim. Most recently, Russian social-media efforts used computational propaganda to influence public perceptions of this issue, and we found ourselves once again divided among party lines.

When the public loses trust in the press, the Russians are winning. When the press is hyper-critical of Congress for executing oversight and providing transparency on the actions taken by the leaders of our law-enforcement agencies, the Russians are winning. When Congress and the general public disagree simply along party lines, the Russians are winning. When there is friction between Congress and the executive branch resulting in the further erosion of trust in our democratic institutions, the Russians are winning.

Let’s unpack this passage closely.

First, note how Hurd refers to “the last year” during which the US demonstrated a lack of resilience to Russian disinformation? Hurd is pretending that that lack of resilience doesn’t extend to 2016, when in fact at least the social media companies started to respond to Russian election year events last year.

He then calls the debate over the release of the memo — not propaganda seeded by Republicans claiming the Nunes memo revealed something “worse than Watergate” — hyperbolic.

Hurd then makes the same mistake everyone always makes with the Fucking Gizmo™, the Hamilton Dashboard that tracks right wing propaganda and — because it moves in tandem with official Russian propaganda outlets — deems it Russian, not American.

Then Hurd rebrands Nunes’ stunt as the press being “hyper-critical of Congress for executing oversight and providing transparency on the actions taken by the leaders of our law-enforcement agencies.” As I’ve noted before, it’s particularly rich for people who voted against the Amash-Lofgren amendment to the FISA 702 reauthorization to claim they support transparency, as that amendment would have provided just that. But it’s also pathetic that Hurd would claim either the Nunes or Schiff memos are about transparency or oversight. It’d be awesome if HPSCI decided to hold a hearing on the use of consultants and informants in FISA applications and elsewhere in law enforcement. The Nunes stunt only brought a concern about that to a white politically connect white guy, not the people who really would benefit from actual oversight.

And more importantly, the Nunes memo (which GOPers admitted made a false claim about whether FISC got notice about the political nature of the Steele dossier), especially, was about obfuscation, not transparency.

Will Hurd was on the wrong side of adult behavior when he voted in favor of the Nunes memo. He seems to be trying to spin his vote as something it wasn’t.

He’d do well if, instead, he tried to make up for it.

What Was the Relationship Between FSB and GRU in the DNC Hack, Redux?

I want to return to last week’s House Intelligence Hearing on Russia (because that fecker Devin Nunes canceled my birthday hearing with James Clapper and John Brennan today), to revisit a question I’ve asked a number of times (in most detail here): what was the relationship between Russia’s FSB and GRU intelligence services in the DNC hack?

The public narrative (laid out in this post) goes like this: Sometime in summer 2015, APT (Advanced Persistent Threat) 29 (associated with FSB, Russia’s top intelligence agency) hacked the DNC along with 1,000 other targets and because DNC ignored FBI’s repeated warnings, remained in their network unnoticed. Then, in March 2016, APT 28 (generally though not universally associated with GRU, Russia’s military intelligence) hacked DNC and John Podesta. According to the public story, GRU oversaw the release (via DC Leaks and Guccifer 2.0) and leaking (to Wikileaks via as-yet unidentified cut-outs) of the stolen documents.

Under the public story, then, FSB did the same kind of thing the US does (for example, with Enrique Peña Nieto in 2012), collecting intelligence on a political campaign, whereas GRU did something new (though under FBI-directed Sabu, we did something similar to Bashar al-Assad in 2012), leaking documents to Wikileaks.

Obama’s sanctions to retaliate for the hack primarily focused on GRU, but did target FSB as well, though without sanctioning any FSB officers by name. And in its initial report on the Russian hack, the government conflated the two separate groups, renaming attack tools previously dubbed Cozy and Fancy Bear the “Grizzly Steppe,” making any detailed discussion of how they worked together more confusing. As I noted, however, the report may have offered more detail about what APT 29 did than what APT 28 did.

Last week’s hearing might have been an opportunity to clarify this relationship had both sides not been interested in partisan posturing. Will Hurd even asked questions that might have elicited more details on how this worked, but Admiral Mike Rogers refused to discuss even the most basic details  of the hacks.

HURD: Thank you, Chairman.

And gentlemen, thank you all for being here. And thank you for your continued service to your country. I’ve learned recently the value of sitting in one place for a long period of time and listening and today I’m has added to that understanding and I’m going to try to ask questions that y’all can answer in this format and are within your areas of expertise. And Director Rogers, my first question to you — the exploit that was used by the Russian’s to penetrate the DNC, was it sophisticated? Was it a zero day exploit? A zero day being some type of — for those that are watching, an exploit that has never been used before?

ROGERS: In an open unclassified forum, I am not going to talk about Russian tactics, techniques or procedures about how they executed their hacks.

HURD: If members of the DNC had not — let me rephrase this, can we talk about spear fishing?

ROGERS: Sure, in general terms, yes sir.

HURD: Spear fishing is when somebody sends an email and they — somebody clicks on something in that email…

ROGERS: Right, the user of things (inaudible) they’re receiving an email either of interest or from a legitimate user, they open it up and they’ll often click if you will on a link — an attachment.

HURD: Was that type of tactic used in the…

ROGERS: Again, I’m not in an unclassified forum just not going to be…

The refusal to discuss the most basic details of this hack — even after the government listed 31 reports describing APT 28 and 29 (and distinguishing between the two) in its updated report on the hacks — is weird, particularly given the level of detail DOJ released on the FSB-related hack of Yahoo. Given that the tactics themselves are not secret (and have been confirmed by FBI, regardless of what information NSA provided), it seems possible that the government is being so skittish about these details because they don’t actually match what we publicly know. Indeed, at least one detail I’ve learned about the documents Guccifer 2.0 leaked undermines the neat GRU-FSB narrative.

Comey did confirm something I’ve been told about the GRU side of the hack: they wanted to be found (whereas the FSB side of the hack had remained undiscovered for months, even in spite of FBI’s repeated efforts to warn DNC).

COMEY: The only thing I’d add is they were unusually loud in their intervention. It’s almost as if they didn’t care that we knew what they were doing or that they wanted us to see what they were doing. It was very noisy, their intrusions in different institutions.

There is mounting evidence that Guccifer 2.0 went to great lengths to implicate Russia in the hack. Confirmation GRU also went out of its way to make noise during the DNC hack may suggest both within and outside of the DNC the second hack wanted to be discovered.

I have previously pointed to a conflict between what Crowdstrike claimed in its report on the DNC hack and what the FBI told FireEye. Crowdstrike basically said the two hacking groups didn’t coordinate at all (which Crowdstrike took as proof of sophistication). Whereas FireEye said they did coordinate (which it took as proof of sophistication and uniqueness of this hack). I understand the truth is closer to the latter. APT 28 largely operated on its own, but at times, when it hit a wall of sorts, it got help from APT 29 (though there may have been some back and forth before APT 29 did share).

All of which brings me to two questions Elise Stefanik asked. First, she asked — casually raising it because it had “been in the news recently” — whether the FSB was collecting intelligence in its hack of Yahoo.

STEFANIK: Thank you. Taking a further step back of what’s been in the news recently, and I’m referring to the Yahoo! hack, the Yahoo! data breech, last week the Department of Justice announced that it was charging hackers with ties to the FSB in the 2014 Yahoo! data breech. Was this hack done to your knowledge for intelligence purposes?

COMEY: I can’t say in this forum.

STEFANIK: Press reporting indicates that Yahoo! hacked targeted journalists, dissidence and government officials. Do you know what the FSB did with the information they obtained?

COMEY: Same answer.

Again, in spite of the great deal of detail in the indictment, Comey refused to answer these obvious questions.

The question is all the more interesting given that the indictment alleges that Alexsey Belan (who was sanctioned along with GRU in December) had access to Yahoo’s network until December 2016, well after these hacks. More interestingly, Belan was “minting” Yahoo account credentials at least as late as May 20, 2016. That’s significant, because one of the first things that led DNC to be convinced Russia was hacking it was when Ali Chalupa, who was then collecting opposition research on Paul Manafort from anti-Russian entities in Ukraine, kept having her Yahoo account hacked in early May. With the ability to mint cookies, the FSB could have accessed her account without generating a Yahoo notice. Chalupa has recently gone public about some, though not all, of the other frightening things that happened to her last summer (she was sharing them privately at the time). So at a time when the FSB could have accomplished its goals unobtrusively, hackers within the DNC network, Guccifer 2.0 outside of it, and stalkers in the DC area were all alerting Chalupa, at least, to their presence.

While it seems increasingly likely the FSB officers indicted for the Yahoo hack (one of whom has been charged with treason in Russia) were operating at least partly on their own, it’s worth noting that overlapping Russian entities had three different ways to access DNC targets.

Note, Dianne Feinstein is the one other person I’m aware of who is fully briefed on the DNC hack and who has mentioned the Yahoo indictment. Like Comey, she was non-committal about whether the Yahoo hack related to the DNC hack.

Today’s charges against hackers and Russian spies for the theft of more than 500 million Yahoo user accounts is the latest evidence of a troubling trend: Russia’s sustained use of cyber warfare for both intelligence gathering and financial crimes. The indictment shows that Russia used these cyberattacks to target U.S. and Russian government officials, Russian journalists and employees of cybersecurity, financial services and commercial entities.

There seems to be a concerted effort to obscure whether the Yahoo hack had any role in the hack of the DNC or other political targets.

Finally, Stefanik asked Comey a question I had myself.

STEFANIK: OK, I understand that. How — how did the administration determine who to sanction as part of the election hacking? How — how familiar with that decision process and how is that determination made?

COMEY: I don’t know. I’m not familiar with the decision process. The FBI is a factual input but I don’t recall and I don’t have any personal knowledge of how the decisions are made about who to sanction.

One place you might go to understand the relationship between GRU and FSB would be to Obama’s sanctions, which described the intelligence targets this way.

  • The Main Intelligence Directorate (a.k.a. Glavnoe Razvedyvatel’noe Upravlenie) (a.k.a. GRU) is involved in external collection using human intelligence officers and a variety of technical tools, and is designated for tampering, altering, or causing a misappropriation of information with the purpose or effect of interfering with the 2016 U.S. election processes.
  • The Federal Security Service (a.k.a. Federalnaya Sluzhba Bezopasnosti) (a.k.a FSB) assisted the GRU in conducting the activities described above.

[snip]

  • Sanctioned individuals include Igor Valentinovich Korobov, the current Chief of the GRU; Sergey Aleksandrovich Gizunov, Deputy Chief of the GRU; Igor Olegovich Kostyukov, a First Deputy Chief of the GRU; and Vladimir Stepanovich Alexseyev, also a First Deputy Chief of the GRU.

Remember, by the time Obama released these sanctions, several FSB officers, including Dmitry Dokuchaev (who was named in the Yahoo indictment) had been detained for treason for over three weeks. But the officers named in the sanctions, unlike the private companies and individual hackers, are unlikely to be directly affected by the sanctions.

The sanctions also obscured whether Belan was sanctioned for any role in the DNC hack.

  • Aleksey Alekseyevich Belan engaged in the significant malicious cyber-enabled misappropriation of personal identifiers for private financial gain.  Belan compromised the computer networks of at least three major United States-based e-commerce companies.

Again, all of this suggests that the intelligence community has reason to want to obscure how these various parts fit together, even while publicizing the details of the Yahoo indictment.

Which suggests a big part of the story is about how the public story deviates from the real story the IC is so intent on hiding.