Post-Soviet hacking attack: A reminder of hostile cyber-security threats

America’s enemies continue to wage cyberwar against us and are, apparently, getting better at it. If our government is unwilling to fight back and shore up our cyber-defenses, the least it could do is not to make the job of hostile hackers based in Russia, China, the Islamic Republic of Iran, or any other unfriendly state any easier than it already is.

By Paweł Piotr Styrna | November 15, 2016

Former CIA technician and NSA whistleblower Edward Snowden has been granted temporary asylum in Russia

During this year’s presidential election – as dump after dump of electronic information damaging to Hillary Clinton and her party has surfaced online – the Democrats have, in their desperation, pointed fingers at Moscow and whipped out the anti-Russian card (apparently, Hillary’s “women’s card” was maxed out). In other words, the party that not so long ago promoted the “reset” policy (i.e. appeasement) with Putin’s Russia and mocked Mitt Romney for calling Moscow a major geopolitical adversary has suddenly taken to labeling Trump an agent of Putin and accusing the Kremlin of interfering in the U.S. presidential election and even seeking to overthrow American democracy! The irony of all this, which seems to be lost on both the Democrats and the “Never Trumpers,” should not prevent us from acknowledging that Russia is indeed most likely behind the DNC hacks. That realization should not distract us from the disturbing contents of the leaked Clinton team/DNC emails or the fact that Hillary and the Democrats have only themselves to blame.

In June, Americans learned that post-Soviet Russian hackers penetrated the computer network of the Democratic National Committee (DNC), stealing a treasure trove of information on Hillary Clinton and Donald Trump. Moscow, of course, denied any role whatsoever in this act of cyber-espionage, cynically adding that someone may have merely “forgotten a password.” But this is not surprising and only brings to mind a proverb that circulated throughout the Soviet Union, describing how to deal with the regime: “if they accuse you of something, deny it; if they catch you by the hand (i.e. in the act), deny that it is your hand.” However, the hacking attack is first and foremost a reminder of our cyber-vulnerabilities and the eagerness and ability of our enemies to exploit them and, of course, of the hostile ambitions driving similar post-Soviet Russian, Chinese, Islamist, and other hacking raids.

The files stolen by the hackers included: DNC documents anticipating likely difficult questions (including about Benghazi) that will certainly be posed to Hillary Clinton along with scripted answers to be given by the Democratic presidential candidate; information on Democratic donors, with a particular interest in those who have been convicted (such as Norman Hsu, who ran a Ponzi scheme and helped arrange illegal contributions, but was jailed in 2009); and opposition research on Donald Trump and Sarah Palin.

The individual claiming credit for the breach – a hacker using the handle “Guccifer 2.0” – is a Romanian without clearly-defined political views. He ridicules experts suggesting connections to Russia or its government. Yet, ridicule frequently camouflages an effort to hide or obscure the truth.

The DNC hired the company CrowdStrike, which was co-founded by Russian-born Dmitri Alperovitch, to investigate. According to CNBC: “After responding to the breach, CrowdStrike quickly saw the telltale signatures of two Russian adversaries it codenamed COZY BEAR and FANCY BEAR. The group believes the two agencies were not working together on the hack, but rather competing, as Russian intelligence agencies often do. Dmitri Alperovitch, CrowdStrike’s co-founder, told NBC News that the Russian government is ‘extremely interested in Mr. Trump, his positions, and any weaknesses he may have.’”

The fact that both Guccifer 2.0 and the post-Soviet hackers seem to have penetrated the DNC computer networks may be nothing more than a coincidence. However, when it comes to the Kremlin, coincidence theories are often expressions of wishful thinking and naïveté. According to Michael Buratowski – the Senior Vice President of Fidelis Cybersecurity, another company the DNC brought in to investigate the hack-attack – “There’s always the possibility that [Guccifer 2.0] is just a smokescreen to divert attention from the real actors.”

Given the historic modus operandi of Moscow’s intel and counterintel agencies, and given the emphasis that the Russian state (and especially the Soviet Union and its post-communist successor, the Russian Federation) has traditionally put on aggressive espionage, the “smokescreen” theory is probably the most likely one. It may well be true that Guccifer 2.0 is indeed who he claims to be – a lone wolf – but that does not necessarily preclude the possibility of him “doing a job” for the Russians (as a mercenary hacker) or simply being used for the Kremlin’s purposes.

Guccifer 2.0 notwithstanding, the key takeaway in this case is that our enemies continue to wage cyberwar against us and are, apparently, getting better at it. If our government is unwilling to fight back and shore up our cyber-defenses, the least it could do is not to make the job of hostile hackers based in Russia, China, the Islamic Republic of Iran, or any other unfriendly state any easier than it already is. The gross negligence and brazen disregard of the importance of cyber-security to national security demonstrated by Hillary Clinton – all for personal convenience (or worse, to cover up corrupt dealings and pay-to-play schemes!) – during her tenure as President Obama’s Secretary of State is a prime example of what not to do. If the enemy wants to do us harm, let us not hand him ammunition!


Paweł Styrna is a PhD student in Russian history at a DC area university. He holds two MA degrees, one in modern European and Russian history (University of Illinois at Chicago) and another in statecraft international affairs (Institute of World Politics in Washington DC). Mr. Styrna is also a Eurasia analyst for the Selous Foundation for Public Policy Research and a contributor to SFPPR News & Analysis.