Attributing hacking attacks to the correct perpetrators is notoriously difficult. Even the U.S. government, for all its technical resources and expertise, took warranted criticism for trying to pin a high-profile 2014 cyberattack on North Korea, and more recently faced skepticism when it blamed Russia for hacks against top Democrats during the 2016 election.
In those cases, government officials said they based their attribution in part on software tools the hackers employed, which had been used in other cyberattacks linked to North Korea and Russia. But that sort of evidence is not conclusive; hackers have been known to intentionally use or leave behind software and other distinctive material linked to other groups as part of so-called false flag operations intended to falsely implicate other parties. Researchers at Russian digital security firm Kaspersky Lab have documented such cases.
On Tuesday, WikiLeaks published a large cache of CIA documents that it said showed the agency had equipped itself to run its own false-flag hacking operations. The documents describe an internal CIA group called UMBRAGE that WikiLeaks said was stealing the techniques of other nation-state hackers to trick forensic investigators into falsely attributing CIA attacks to those actors. According to WikiLeaks, among those from whom the CIA has stolen techniques is the Russian Federation, suggesting the CIA is conducting attacks to intentionally mislead investigators into attributing them to Vladimir Putin.
“With UMBRAGE and related projects, the CIA can not only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” WikiLeaks writes in a summary of its CIA document dump.
It’s a claim that seems intended to shed doubt on the U.S. government’s attribution of Russia in the DNC hack; the Russian Federation was the only nation specifically named by WikiLeaks as a potential victim of misdirected attribution. It’s also a claim that some media outlets have accepted and repeated without question.
“WikiLeaks said there’s an entire department within the CIA whose job it is to ‘misdirect attribution by leaving behind the fingerprints’ of others, such as hackers in Russia,” CNN reported without caveats.
It would be possible to leave such fingerprints if the CIA were reusing unique source code written by other actors to intentionally implicate them in CIA hacks, but the published CIA documents don’t say this. Instead, they indicate the UMBRAGE group is doing something much less nefarious.
They say UMBRAGE is borrowing hacking “techniques” developed or used by other actors to use in CIA hacking projects. This is intended to save the CIA time and energy by copying methods already proven successful. If the CIA were actually reusing source code unique to a specific hacking group, this could lead forensic investigators to misattribute CIA attacks to the original creators of the code. But the documents appear to say the UMBRAGE group is writing snippets of code that mimic the functionality of other hacking tools and placing them in a library for CIA developers to draw on when designing custom CIA tools.
“The goal of this repository is to provide functional code snippets that can be rapidly combined into custom solutions,” notes a document in the cache that discusses the project. “Rather than building feature-rich tools, which are often costly and can have significant CI value, this effort focuses on developing smaller and more targeted solutions built to operational specifications.”
Robert Graham, CEO of Errata Security, agrees that the CIA documents are not talking about framing Russia or other nations.
“What we can conclusively say from the evidence in the documents is that they’re creating snippets of code for use in other projects and they’re reusing methods in code that they find on the internet,” he told The Intercept. “Elsewhere they talk about obscuring attacks so you can’t see where it’s coming from, but there’s no concrete plan to do a false flag operation. They’re not trying to say, ‘We’re going to make this look like Russia.’”
The UMBRAGE documents do mention looking at source code, but these references are to widely available source code for popular tools, not source code unique to, say, Russian Federation hackers. And the purpose of examining the source code seems to be to inspire CIA developers as they write their own code, not to let them copy and paste it into CIA tools.
It’s not unusual for attackers of all persuasions, nation-state and criminal, to copy the techniques of other hackers. Success breeds success. A month after Stuxnet was discovered in June 2010, someone created a copycat exploit to attack the same Windows vulnerability Stuxnet exploited.
Components the UMBRAGE project has borrowed from include keyloggers; tools for capturing passwords and webcam imagery; data-destruction tools; components for gaining escalated privileges on a machine and maintaining stealth and persistent presence; and tools for bypassing anti-virus detection.
Some of the techniques UMBRAGE has borrowed come from commercially available tools. The documents mention Dark Comet, a well-known remote access trojan, or RAT, which can capture screenshots and keystrokes and grab webcam imagery, among other things. The French programmer who created Dark Comet stopped distributing it after stories emerged that the Syrian government was using it to spy on dissidents. Another tool UMBRAGE highlights is RawDisk, a tool made by the commercial software company Eldos, which contains drivers that system administrators can use to securely delete information from hard drives.
But legitimate tools are often used by hackers for illegitimate purposes, and RawDisk is no different. It played a starring role in the Sony hack in 2014, where the attackers used it to wipe data from Sony’s servers.
It was partly the use of RawDisk that led forensic investigators to attribute the Sony hack to North Korea. That’s because RawDisk had been previously used in 2011 “Dark Seoul” hack attacks that wiped the hard drives and master boot records of three banks and two media companies in South Korea. South Korea blamed the attack on North Korea and China. But RawDisk was also used in the destructive Shamoon attack in 2012 that wiped data from 30,000 systems at Saudi Aramco. That attack wasn’t attributed to North Korea, however; instead U.S. officials attributed it to Iran.
All of this highlights how murky attribution can be, particularly when focused only on the tools or techniques a group uses, and how the CIA is not doing anything different than other groups in borrowing tools and techniques.
“Everything they’re referencing [in the CIA documents] is extremely public code, which means the Russians are grabbing the same snippets and the Chinese are grabbing them and the U.S. is grabbing,” says Graham. “So they’re all grabbing the same snippets of code and then they’re making their changes to it.”
The CIA documents do talk elsewhere about using techniques to thwart forensic investigators and make it hard to attribute attacks and tools to the CIA. But the methods discussed are simply proper operational security techniques that any nation-state attackers would be expected to use in covert operations they don’t want attributed to them. The Intercept wasn’t able to find documents within the WikiLeaks cache that talk about tricking forensic investigators into attributing attacks to Russia. Instead, they discuss do’s and don’ts of tradecraft, such as encrypting strings and configuration data in malware to prevent someone from reverse engineering the code, or removing file compilation timestamps to prevent investigators from making correlations between compilation times and the working hours of CIA hackers in the U.S.
Researchers at anti-virus firms often use compilation times to determine where a malware’s creators might be located geographically if their files are consistently compiled during work hours that are distinctive to a region. For example, tools believed to have been created in Israel have shown compilation times on Sunday, which is a normal workday in Israel.
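The compile-time heuristic described above, sketched as an added example (not code from the article or from the leaked documents): it reads the COFF `TimeDateStamp` from PE headers and scores how well the stamps fit office hours under each candidate UTC offset and work week. The sample headers, the 09:00 to 18:00 window and all helper names are constructed for illustration.

```python
import struct
from datetime import datetime, timedelta, timezone

# datetime.weekday(): Monday == 0 ... Sunday == 6
MON_FRI = {0, 1, 2, 3, 4}
SUN_THU = {6, 0, 1, 2, 3}   # work week that includes Sunday


def pe_timestamp(data):
    """Return the COFF TimeDateStamp of a PE image, or None if it was zeroed."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if len(data) < e_lfanew + 12 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header after the signature: Machine(2) NumberOfSections(2) TimeDateStamp(4)
    (stamp,) = struct.unpack_from("<I", data, e_lfanew + 8)
    return stamp or None   # 0 means the build step removed the timestamp


def usable_stamps(images):
    """Timestamps from a set of images, skipping those with the field removed."""
    return [s for s in map(pe_timestamp, images) if s is not None]


def workhour_score(stamps, utc_offset, workdays, start=9, end=18):
    """Fraction of stamps that fall on a workday between start and end, local time."""
    if not stamps:
        return 0.0
    tz = timezone(timedelta(hours=utc_offset))
    hits = 0
    for s in stamps:
        local = datetime.fromtimestamp(s, tz)
        if local.weekday() in workdays and start <= local.hour < end:
            hits += 1
    return hits / len(stamps)


def best_offsets(stamps, workdays):
    """Return (top score, list of UTC offsets reaching it) over UTC-12..UTC+14."""
    scores = {off: workhour_score(stamps, off, workdays) for off in range(-12, 15)}
    top = max(scores.values())
    return top, [off for off, sc in scores.items() if sc == top]


def make_pe_header(stamp):
    """Constructed minimal MZ + PE/COFF header carrying the given timestamp."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)   # e_lfanew lives at 0x3C
    return dos + b"PE\0\0" + struct.pack("<HHI", 0x14C, 1, stamp)


# Constructed sample set: six builds made during office hours at UTC+2 on a
# Sunday-to-Thursday week in March 2017 (day, hour, minute), plus one image
# whose timestamp has been removed.
_TZ = timezone(timedelta(hours=2))
_LOCAL = [(5, 10, 15), (6, 14, 30), (7, 9, 5), (8, 16, 45), (9, 11, 20), (12, 13, 0)]
SAMPLES = [
    make_pe_header(int(datetime(2017, 3, d, h, m, tzinfo=_TZ).timestamp()))
    for d, h, m in _LOCAL
]
SAMPLES.append(make_pe_header(0))


if __name__ == "__main__":
    stamps = usable_stamps(SAMPLES)
    print("usable timestamps:", len(stamps), "of", len(SAMPLES))
    for name, days in (("Mon-Fri", MON_FRI), ("Sun-Thu", SUN_THU)):
        score, offsets = best_offsets(stamps, days)
        print(f"{name}: best score {score:.2f} at UTC offsets {offsets}")
```

Even on this clean sample two adjacent offsets tie, and the field is set by whoever builds the binary, so a fit like this narrows hypotheses rather than identifying an author.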
The bottom line with the CIA data dump released by WikiLeaks is that journalists and others should take care to examine statements made around it to ensure that they’re reporting accurately on the contents.
Top photo: Shadows are cast on the wall at the CIA headquarters in Langley, Va., in 2011.
This is it…
NSA “Project Dragnet Master Database”
Hiring Brian William’s jr turned bomb-threatener coincidental
But
Now it’s staff writing bizarre CIA apologetics (infiltrated?)
HR policy Recommendation: EXTREME VETTING needed
SOS Glenn
The issue of False Flag attacks–of whatever type–is a taboo one that most of the American media are very eager to dismiss or discredit.
This includes supposed “independent” or “investigative” media like The Intercept, which incidentally is funded and backed by eBay founder Pierre Omidyar.
After all, if the United States and its spook agencies like the CIA can stage false flag cyber attacks to blame other countries, it raises the question of what many people consider to be the Mother-Of-All American false flag attacks: Sept. 11th.
Questioning 9-11 is the true third rail of US politics and will predictably bring down a torrent of accusations about “conspiracy theories” or “fake news.”
Asserting that 9-11 was an American false flag operation is the ultimate Thought Crime in the Land of the Free.
Karma is such a bitch. The stunning hubris would be to think – and I am sure that our IC does not – that we have the best damn hackers in the world. And that what we do to others will not come back and bite us.
The most dangerous thoughts are that cyber-threats are a closed loop.
When will the Orange admin put on paper what constitutes an act of war in cyberspace?
It eluded the Obama admin, so I am certain that Agent Orange cannot imagine “how complicated” National Security is.
This Kim person has gone out of their way to write a piece protecting the CIA and the Intercept has published it.
Yes that’s true Skip. Especially given Snowden’s assessment of the wanton brazen and egregious criminality these Vault 7 disclosures represent. Pieces like this from the CIA stenographic apologists (in Glenn’s pub of all places :-( ) are a slap in the face to the very journalists who inspired the formation of the Intercept IMHO.
Skip, Christian C Holmer, and Joe below,
Reverse engineering ring a bell with any of you?
The hubris to think that other people cannot do to us what we do to them?
I hope the agencies spend a lot of time wondering about unintended consequences.
This is a funny fake news story
Man, reminds me of netcat and nmap, which was actually featured in The Matrix. Oh yeah and the cult of the dead cow, the name of their “RAT” escapes me. LOL, the good old days…
One question…why would Russia turn over hacked info to Russia when the entire point of hacking is to gain leverage over opponents? So, Russia hacks a foreign government then says, “Instead of using this info to our utmost advantages and for our allies, we will just send it to a website for the entire world to see?” In my lifetime I have never known Russia to act that way. They are professionals. I doubt very seriously they would throw it into public view and give away any edge they believe they gained from hacking the info in the first place. It’s the media that deals in emotions like embarrassment. Professionals want every edge they can get and never ever share anything without a fight first.
Well, that was the entire point, and they hacked the DNC server, not the government itself. The official theory is that it was a psychological operation; they wanted to influence the election and undermine Clinton, so they released embarrassing information in a manner calculated to do so. How else would damaging, though not frankly illegal, emails in regards to the internal workings of the DNC be used for maximum effect? Whether they may have “kompromat” on anyone else is an open question.
My interpretation of CIA’s Kryptos K4, originally shared hours before first Snowden disclosures: “The Truth Shall Set You Free”:
https://twitter.com/BerlinClock/status/840148575518580736
Background story:
https://theintercept.com/2017/02/28/the-new-yorkers-big-cover-story-reveals-five-uncomfortable-truths-about-u-s-and-russia/?comments=1#comment-364729
On a quest to set whistleblowers free.
#Kryptos #BerlinClock
Kind Regards
Jacob “Nabucco” Price
When does the government actually REALLY do an investigation on the Dem’s phony “Russian hacking” meme……..vs. just taking DNC-contractor CrowdStrike’s word for it…….????
When………???
When does the FBI get to forensically analyze DNC servers that were purportedly “hacked”……….???
When………???
Dem’s “Russian hacking” meme is a total house of cards, and journalists are 100% stupid for taking DNC/CrowdStrike’s word for it.
They (CrowdStrike) were paid for “attribution” services, and the head of CrowdStrike is a big anti-Russia Ukrainian who hates Putin’s Russia. No bias there………….huh ?
CrowdStrike was sponsored with $100mm in capital from Google, signed off by CEO Schmidt. Google’s CEO is a huge Hillary supporter…….!!!
Are you Democrat serious about sticking with this “Russian hacking” meme………..cuz Congress will get their teeth into the Obama/Lynch attempts to get Title III and then (after that was shot down) FISA warrants to allow six agencies to probe the Trump operations, campaign, and virtually anyone considered “connected to it”……..Congress will get their teeth into this JOKE of any investigation by our much “vaulted” intelligence services whereby they take CrowdStrike’s word WITHOUT any internal investigation of their own knowing full well CrowdStrike is the DNC paid internet security vendor who was paid by the DNC to “determine who hacked the DNC”……..?
Dems will be exposed on a MASSIVE scale in short order for being treasonous, criminal conspirators, who just made Watergate look like playing in a sandbox………..!!!!!!!
There’s also the possibility of limited hangout material used to track leakers. How does anyone know?
so, we give contractor A this material, and contractor B that material, sit back and wait to see what shows up on TI or Wikileaks.
Does anyone know the Intercept commenter called “Wnt”? Awhile back they asked for a link to proof of NSA editing Wikipedia- pass this along if they are available:
in re: Elizabeth Blandra, and Wikipedia entries edited by the NSA/ other agency:
https://en.wikipedia.org/w/index.php?title=Talk:NSA_electronic_surveillance_program&redirect=no
While that article is correct about UMBRAGE, it’s misassociating it with the claim of forensics obfuscation.
They do have the ability to alter source code in real time, thus theoretically allowing them to make reverse-engineering and forensics recovery more difficult; this means they CAN leave behind fake fingerprints as seen here: https://archive.is/lQEhJ
This is the completely unrelated UMBRAGE document: https://archive.is/91wa3
This is quite shocking coming from The Intercept, as they’re usually pretty thorough and rarely screw up this badly.
Kim Zetter concludes that the “bottom line” here is that “journalists and others should take care to examine statements made around them to ensure they’re reporting accurately on the contents.”
Although the comments here show a small dose of the acrimony that is an element of our current political internet zeitgeist, I must say that the comments on the whole are very good.
I rarely see a main article at a reputable site so completely destroyed by the comments section as Zetter is here, and especially on exactly the point that Zetter called the “bottom line.”
Alarm goes off at 6:00 AM for any Intercept writer except Glenn Greenwald.
“Let’s see, what we can write about today to undermine Trump,” says the writer, perusing the internet. “Oh damn! Wikileaks dumps on CIA! Might have info that damages the very carefully constructed Trump-is-a-Russian-agent house of cards!! Well, we obviously can’t have that. Let’s write an article that pretends the CIA would NEVER do something like that! And claim that there is nothing at all to see here, so quit looking. .. Note to self: Tomorrow, start working on new article about Trump’s secret server, insinuate new and grave information, refocus public on conspiracy, get their minds far away from pesky details like Wikileaks.”
I’ll admit that I did not read the documents as thoroughly as you.
However, why would you expect the CIA to explicitly detail an effort to frame Russia in these documents? I don’t think WL is implying that they had anything to do with the DNC hack. But I think it’s fair to say that they were implying that CIA has the capabilities to commit such an act.
I agree that no one should be jumping to conclusions. But the documents detail that the CIA is capable of committing such acts if they choose. And it is nice of you to assume that they aren’t up to anything nefarious. But as we’ve learned in history, if you have that much power with virtually no oversight, why wouldn’t they take full advantage of these capabilities?
Along with the conspiracy theory that the CIA brought down the Twin Towers, the idea that the CIA framed Russia for the breach of the DNC computer is remarkably idiotic. However, in ten years this same conspiracy theory will still be making the rounds. The CIA framed poor (Assad-supporting) Russia! The “deep state” manipulated the democratic process for nefarious reasons like inventing a new enemy, defense spending or impeaching Trump. That’s what the deep state does you know. We are all just puppets on a string.
Anti-Americanism is so rampant that even having a former KGB spy at the helm in Russia is ignored to promote a conspiracy theory – like it is beyond Putin to hack the DNC and turn over the emails to WikiLeaks to influence an important election for Russia. You can certainly see why the same suspects below the line are so unhappy with this article or as Holmer describes Mr. Zetter: “russophobic Anti Wikileaks Tenor exhibited by recent Firstlook hire”. Kim Zetter is a sellout to everything that First Look has built!
Below the line commenters like Holmer, sillyputty, photosymbiosis prefer conspiracy theories over facts. This is exactly why Ms. Zetter made it as plain as day that there is no evidence from the documents released so far that the CIA used this to frame Russia – or anyone else for that matter. Nothing like details to ruin a good conspiracy theory. You are a sellout Ms Zetter!
Craig’s wrong.
I think the actual “conspiracy theory” is that the DNC hired the private firm Crowdstrike to frame Russia for the release of DNC emails by Wikileaks, which was more likely due to a DNC insider (a leak, not a hack). This is why they refused to let the FBI examine their servers.
There are also basic issues why the DNC hack wasn’t “Russia helping Trump” – Trump was far from winning the Republican primary at the time, and if anything, the DNC release helped Sanders by exposing the dishonest sleazy activities of the DNC, the Clinton campaign, and their corporate media partners.
Yes, the Obama administration later released (Oct 7, 2016) claims that Russia was responsible for “interfering in US elections.” For all the gory details on that claim, which looks like election-related propaganda more than anything else, see:
https://www.wordfence.com/blog/2016/12/russia-malware-ip-hack/
So: there’s no solid evidence that the DNC wikileaks emails came from an external hack, not an internal leak; and while one could concoct a story that Russian intelligence used old Ukrainian malware to hack the DNC just as the CIA might have, there’s no evidence for either story.
The one issue craigsummers seems incapable of thinking about is that the malware development group in the CIA (where all these documents come from) would not have records of how the malware was used – but given the nature of the malware, it seems okay to speculate about what it could be used for, doesn’t it?
And that’s the problem with this article: it claims that Wikileaks was stating a fact about the uses of this malware, when Wikileaks was clearly just pointing out the potential uses. So it’s a lame hit piece.
And Mandiant (FireEye) and Fidelis were in on the conspiracy!? After all, they corroborated Crowdstrike’s work. Now I will grant you this, the U.S. Government has simply not provided enough direct evidence to demonstrate the level of Russian involvement in the hack. However, to ignore that the intelligence community and three private security competitors reached a similar or same conclusion cannot just be dismissed. Also important, there isn’t really compelling counter-narrative out there. For example, does anybody really believe anymore that this was the work of the Guccifer 2.0 persona?
Yes, FireEye is funded by InQTel. Did you not know this?
http://venturebeat.com/2009/11/18/cias-in-q-tel-funds-fireeye-anti-botnet-security-firm/
I’m hoping this is sarcasm …
I don’t trust any so-called ‘security’ company that is funded by the CIA. Especially when it comes to FireEye and certain other ‘security’ firms I know of.
Sorry Nate, but this attitude of mine comes from personal, professional experience.
What about Fidelis though?
http://www.threatgeek.com/2016/06/dnc_update.html
No apologies are necessary; distrusting organizations associated with the CIA, even if unfairly, is probably a safe thing. But are there other private security firms or experts casting doubt on the analysis of Crowdstrike, Mandiant, Fidelis, and others?
Not that I know of. But I wouldn’t put any faith in Mandiant.
They are a wholly owned subsidiary of FireEye. They would never disagree with their corporate parent.
That is comically cynical. How are you so certain that the employees of FireEye lack any sort of integrity? I would think that if they botched their analysis, it would significantly hurt their reputation. The federal government is not their only customer.
What you’re doing is just finding ways to disregard their analysis and conclusions.
> … there isn’t really compelling counter-narrative out there.
Oh, I think there is a pretty compelling counter-narrative that the emails were obtained through leaks.
Craig Murray, former UK ambassador to Uzbekistan, whistleblower, and associate of Julian Assange, says flat out that WikiLeaks obtained the emails from insiders, not the Russians:
http://www.dailymail.co.uk/news/article-4034038/Ex-British-ambassador-WikiLeaks-operative-claims-Russia-did-NOT-provide-Clinton-emails-handed-D-C-park-intermediary-disgusted-Democratic-insiders.html
William Binney, the NSA whistleblower who actually developed some of the NSA’s data collection systems, and his colleagues at Veteran Intelligence Professionals for Sanity also subscribe to the “leak not hack” theory:
https://consortiumnews.com/2016/12/12/us-intel-vets-dispute-russia-hacking-claims/
I find their opinions more compelling than those of anonymous “intelligence officials”, who are basically professional liars, or analysts who were denied access to the “hacked” servers.
First of all, that Binney article is extremely weak. It is basically an argument solely based on NSA capabilities (i.e., the NSA is omnipresent and since they don’t know, it must be a leak!). The Craig Murray one on the other hand is at least much more interesting, so let’s examine:
My problems with this account: Murray got the package from an intermediary. So how does he know how the contents themselves got from the original source to the intermediary!? For all this guy knows, there could be multiple intermediaries. Secondly, I question his narrative because it has changed; specifically his explanation of how the Podesta e-mails were taken. In your linked article, he said Podesta’s files were taken from Americans with “authorized access.” However, his narrative later changed, saying that it was the U.S. intelligence community. But if it was the U.S. intelligence that stole Podesta’s emails, that wouldn’t be an example of “authorized access” but a shocking abuse and clearly illegal collection under FISA.
https://consortiumnews.com/2017/03/08/fresh-doubts-about-russian-hacking/ Specifically
So we have to weigh both sides of the hack vs. leak. If it was indeed a leak as you suggest, then why did the FBI, Crowdstrike, FireEye, and Fidelis conclude otherwise? After all, if it was a leak, why would they find digital forensic evidence of a hack? It suggests that their conclusions are all part of a lie, or some deeper conspiracy.
Whereas if it was indeed a hack and not a leak, Mr. Murray likely could just be wrong, being intentionally or unintentionally misled as part of a broader effort to obfuscate the real origin. If Russia did hack the contents of the DNC/Podesta, they sure as hell aren’t going to send Vlad S. Russian over to deliver the contents.
I read the FBI white paper on the alleged hacking (found here: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjuov-KzszSAhXF3SYKHSWlAOYQFggaMAA&url=https%3A%2F%2Fwww.us-cert.gov%2Fsites%2Fdefault%2Ffiles%2Fpublications%2FJAR_16-20296A_GRIZZLY%2520STEPPE-2016-1229.pdf&usg=AFQjCNEUdAj_0yJBgz-wMVmwNkWWzsFfuQ&bvm=bv.149093890,d.eWE).
What they described was evidence of bog-standard malware installation that could conceivably be found on millions of compromised computers, the source of which could be any number of potential actors. The only statement attributing this activity to the published leaks was this: “The U.S. Government assesses that information was leaked to the press and publicly disclosed.”
No evidence was presented to support that assessment. The only conclusion that can be drawn is that the involvement of the Russian government in the malware installation is possible, but by no means proven.
I’m surprised you’re so dismissive of Binney’s argument. Don’t you agree that if the government had real evidence of a hack we would have seen it by now? And that if there was a hack, the government would have such evidence?
As I understand it, the FBI didn’t examine the DNC’s servers themselves. They just relied on the work of CrowdStrike, et al., so it’s not surprising they came to the same conclusion.
As for the CrowdStrike and friends reports themselves, others are less impressed by them than you:
https://medium.com/@jeffreycarr/the-dnc-breach-and-the-hijacking-of-common-sense-20e89dacfc2b#.vmt7k7mg8
(TL/DR: Their attribution isn’t to the Russian government itself but to groups they believe to be working for the GRU because they ignore data that would indicate otherwise.)
In any event, I think we’ve established that there *is* in fact an argument to be made (i.e. “compelling counter-narrative”) for a leak vs. a hack, which was my original point.
Cheers!
I like how Craig says “Deep State” in quotations.
You’re totally right Craig, there’s no such thing as the Deep State. There’s no permanent bureaucracy in Washington that has its own interests, first and foremost being maintaining funding and power of their particular institution/department/organization. And it’s totally unreasonable to believe that this seething mass of unelected bureaucrats (if they actually existed at all) drunk on taxpayer funds and power would be threatened by a President who came to power promising to “Drain the swamp.”
You’re so insightful, Craig. There is no Deep State. Just a bunch of bright-eyed worker bees eager to do the people’s bidding, for the good of the country, even if it means they’ll be out of power, out of money, and out of a job, and their department or institution will be severely diminished or eliminated.
“Deep State”… sheesh. What a riot!
LOL. How about it……!
Most people assume that Mrs. Clinton and the CIA support one another since they both like to break the law. I don’t know of any serious conspiracy theory that claims the CIA hacked the DNC server. They hate transparency, so why would they be motivated to expose the DNC’s duplicity?
If Mrs. Clinton and the DNC had nothing to hide, then they would have nothing to fear from Wikileaks publishing their e-mails. Government officials will simply have to adjust to radical transparency. Mr. Trump sends his private e-mails over Twitter for everyone to see. This makes him a model of government transparency and is the wave of the future. Why should the US government not operate with an overt agenda? They have the world’s strongest military and therefore have no need to hide their thoughts from anybody.
“……..Why should the US government not operate with an overt agenda?……”
Do you know how many far left wing journalists that would put out of work, Benito?
I have no problem with someone highlighting the self-evident fact that there was no direct evidence the CIA used the information uncovered with this latest release to frame anyone.
I do, however, have a problem where any author inserts their own opinions into any article and assigns that opinion to another party without a shred of evidence at all.
In this case, the author, saying that the CIA documents that Wikileaks released “seems intended to shed doubt on the U.S. government’s attribution of Russia in the DNC hack…” is assigning a motive to Wikileaks that exists only in that author’s mind.
Why is that a problem? Because, as you say, there was no direct evidence in this release that the CIA used it to frame anyone, and the author’s insertion of that claim is, as I said, poor reasoning and poor journalism, as it adds no value for the readers, in fact it muddies the waters, instead, making the entire article more suspect in the process.
Simply put, this article confused things more than clarified for the reasons I stated – and I would, and have, stated similar objections here on other occasions, regardless of the author or subject matter.
With regards to your claim that I prefer conspiracy theories over fact: please retract that comment in your reply, or provide evidence for the specific conspiracy theory in this case that you think I fancy.
Sillyputty
How many journalists make a living at trying to expose US motives – or blaming the US for a certain geopolitical result? Of course the reason for this is because of a long history of US interference in the affairs of other countries for geopolitical reasons. It’s generally not without basis, but it might be false. In reality, Assange has been his own worst enemy for exposing his motivation for the release of emails to damage Clinton, in particular, and the US, in general (despite his denials). Ms. Zetter did not provide the background in this article which might have led her to make that opinion which (in my opinion) is right on the money. Assange has a solid background of anti-American and anti-Hillary statements. Greenwald more or less did the exact same thing with the coup in Brazil (“After Vote to Remove Brazil’s President, Key Opposition Figure Holds Meetings in Washington”):
The lack of evidence did not keep Greenwald from making that statement which was based on previous US behavior in South America. In the same way, Ms. Zetter had an opinion on the motive for WikiLeaks. You might not like it, but it is based on previous statements and interviews with Assange. She did not make it up.
So in that respect, the initial quote in my reply is exactly what was intended by Assange. Of course, that might not be his only motive. The “intended result” is all over the internet (Fresh Doubts about Russian ‘Hacking’ https://consortiumnews.com/2017/03/08/fresh-doubts-about-russian-hacking/):
That was an article by Robert Parry at ConsortiumNews. Or this article at “Wired”:
Just the suggestion that the CIA possibly could be behind the hack is meant to sow doubt in the public, but it is just a conspiracy theory until more evidence surfaces. That was at least part of the motive for Assange – like it or not.
Fair enough I’ll take it back.
Thanks.
“Fair enough I’ll take it back.”
That’s refreshing, despite (or perhaps because of) the one hell-of-a-lot of hand waving it took you to finally get there.
The takeaway from the recent Wikileaks release is this:
1. Hacking fingerprints can obviously be manipulated.
2. The assessment by Crowdstrike et al. (based upon the presence of such fingerprints on the DNC servers) – that Russian intelligence services are responsible for the malware installation – must be considered merely as ‘possible’ and not at all ‘proven.’
Craig,
Recent Firstlook hires (plural).
Fair enough, but that includes Ms. Zetter, right?
The Wikileaks dump merely shows, and purports to show, that almost anyone, including the CIA, had the capability to make it look like Russia had done it. The idea that the CIA actually used that capability and framed Russia is YOUR (and the author’s) “conspiracy theory”, and not the Wikileaks’. So, first you posit your own conspiracy theory and then you tear down Wikileaks for providing no evidence for it. Hilarious.
I don’t really understand it either. Is it simply the desire to frame the US intelligence services as the villain? Hatred of the US political establishment? It’s not that I’m not skeptical of the CIA, blindly trusting the US intelligence community to serve as a paragon of honesty and transparency. I just don’t think the Russian version (such as the former KGB officers that make up the Russian oligarchy and are now multi-billionaires) is deserving of such trust either. I mean, I do get that it’s not proven, beyond any doubt whatsoever, that the Russian government was behind it.
I see, you’re ready to fully accept that Russia interfered in US elections (still Unproven, not for lack of trying) but the idea that CIA could have tried to blame the Russians, no.
Enjoy the koolaid
Haha, what a “piece”! First you make a false claim about what the Wikileaks dump purports to show (proof that CIA framed Russia for the hacking) and then you tear Wikileaks down for not really doing what you falsely say they set out to do. Hilarious. The leaks merely show, and purport to show, that almost anyone, including the CIA, had the ability to make it look like the Russians had done it, that’s all; something any reasonable person would have known all along. (Oh and just fyi, nobody needs to prove that Russia DIDN’T do the hacking; those making the claim that it did need to prove that it DID.)
Ned’s right.
so the wikileaks CIA documents aren’t evidence for an actual plan as an agency to frame Russia but they do show the ability to frame countries and persons.
They also show CIA’s ability to get beyond encryption (if your phone was targeted for whatever reasons and broken into and taken over) as well as to use your appliances and televisions as remote listening devices.
What they can do are allowed to do and justify doing in the name of US security is the same as other developed countries but also what they know how to do can be done by anyone in the name of any purpose or reason.
This has nothing to do with “intelligence”, the gathering of knowledge and information to combat “terrorism” – and with the democracy and the constitution not at all, that police state out of control, Stasi and Big Brother pure. The masters of the masters can still swear so many oaths that these weapons are directed only against “ultra-evil” and will never be used against their own citizens. Citizens meanwhile know better!
As a 25 year veteran of the IC with at least one tour at NSA, let me assure the author that if you had to guess between false flag and re purposing, he should put his money on the former. The IC and the FBI started looking at Trump’s colleagues, close associates last summer. When the nabobs couldn’t get candidate Trump’s name past a warrant judge, they used surrogates – and bingo!
Any relation to William Donovan?
The Intercept has matured. Had this news happened a year ago, I can imagine Mr. Greenwald ranting that CIA hoarding of software vulnerabilities makes attack vectors available to malignant actors and endangers the security of US industry and government.
So it’s nice to read an article about how these leaks demonstrate what a wonderful job the CIA is doing, reusing code to boost productivity, meeting deadlines and saving the US taxpayer lots of money. Even Mr. Summers, an inveterate critic of The Intercept’s journalism, is cheering the article. The CIA is often unfairly maligned as part of the ‘Deep State’ by conspiracy theorists. In reality, they are subject to rigorous oversight by elected officials, just like all the other intelligence agencies, and are doing their job protecting freedom and democracy, while saving the taxpayer money. It is nice to see that some news media appreciate this and are able to counteract the reporting of organizations with an agenda, like Wikileaks.
Assange said Thursday the CIA has “lost control of its entire cyber weapons arsenal.”
“This is an historic act of devastating incompetence to have created such an arsenal and stores it all in one place and not secure it,” he said.
Senate Armed Services member Ben Sasse (R-Neb.) responded to Assange’s press conference with a statement Thursday.
“Julian Assange should spend the rest of his life wearing an orange jumpsuit. He’s an enemy of the American people and an ally to Vladimir Putin.
http://thehill.com/policy/cybersecurity/323150-wikileaks-to-give-info-on-cia-hacking-techniques-to-tech-companies
I sympathize with you Benito: it’s tough when one’s political church undergoes a major renovation. A more expansive congregation can result in more diverse views. Yuck. If only we could clone 10 Glenn Greenwalds, all of TI’s opinions would be uniform and interchangeable; we wouldn’t have to face such scary cognitive dissonance!
10 Glenn clones. Not a bad idea. How do we proceed Nate?
I don’t think you’re going to like the first step…
I suppose you’re right. The Intercept does a lot of good journalism and they need to balance that with some bad journalism. However, I’m not that enthusiastic since it seems, subjectively, that producing bad journalism, while a worthwhile goal to increase diversity, should not be The Intercept’s highest priority.
From your comment one would deduce that CIA is a charity and Wikileaks a sort of Spectre
And yet any idiot worth their weight in gold would use code and leave traces to misdirect.
Another non story by the Intercept. The CIA’s job is to LIE.
Sorry, but I just don’t buy this.
Hang On .. This Reminds Me Of The ODNI Report ..
You Are Assigning Motive./s .. Moreover
You Are Assigning Motive/s In Benefit Of Known Liars
.
How Do You Assign Motives To People Who Lie ?
If everyone uses the same code then how were those 18 government agencies so certain it was the Russians using Russian code to hack the DNC and not someone else?
The Iron Net has been lifted enough to reveal the contents of Vault 7. How many more breaches will it take before The Big Bamboozle is revealed for all to see and the Deep State is sapped of its illegitimate powers ?
[[[ The Iron Net has been lifted enough to reveal the contents of Vault 7. How many more breaches will it take before The Big Bamboozle is revealed for all to see and the Deep State is sapped of its illegitimate powers ? ]]]
When YOU realize that “The Intercept” has operatives like Matthias Schwartz who have or have not realized who is writing their paycheck….
https://theintercept.com/2017/03/08/cias-new-digital-innovation-division-cant-seem-to-keep-its-own-secrets/
https://theintercept.com/staff/mattathiasschwartz/
Mattathias Schwartz is a national security reporter for The Intercept. He has served as a contributing writer at the New York Times Magazine, a staff writer at The New Yorker, and is currently a term member at the Council on Foreign Relations. I
Better headline:
“Wikileaks files show the CIA maintaining a library of found-in-the-wild malware to save time when setting up made-to-order untraceable (or false flag) hacking operations”
Close. But shorter still.
Hmm… let’s see.
Headline: “Wikileaks reveals a CIA trove of found-in-the-wild malware”
Subheading: “Documents indicate the rogue malware can be rapidly reconfigured for specific operational needs, from unattributable hacking to false flag attacks on targeted computers and phones.”
This is also too long.
The CIA’s Collection of International Rogue Malware Exploits (UMBRAGE) Allow CIA Hackers to Mask and Misattribute CIA Attacks to China Iran etc.
“Attempting To Diffuse Conspiracy Theories, The Intercept Instead Creates More”
I appreciated this article. Thanks.
The only possible explanation for this article is that like Bezos, Omidyar has a contract with the CIA.
Wait a sec, let me get this straight, you’re saying that this CIA program gives them the tools to do a false flag operation trying to frame Russia but since there are no explicit “mea culpas” in the so-far released docs, that means the CIA hasn’t done it?
If it shows that they can do it, it is good enough for me that they have done it. They don’t need to spell it out. To deny it is like saying: “Well, the CIA has overthrown democracies around the world, aided and armed terrorists, bombed civilians, spied on innocent US citizens, NOOOO,…doing a false flag operation against Russia is WAAAYYY overboard!”
This could be part of a Steve Martin and Dan Akroyd Two Wild and Crazy Guys bit.
The CIA. Same as it ever was
“Well, the CIA has overthrown democracies around the world, aided and armed terrorists, bombed civilians, spied on innocent US citizens, NOOOO,…doing a false flag operation against Russia is WAAAYYY overboard!”
Ms. Zetter
Thanks for some honesty in your reporting.
Specifically?
Sillyputty
Personally, I liked the part where Ms. Zetter indicated there was no evidence to suggest that the CIA was running false flag operations (which seems likely that they would show up in one form or another). WikiLeaks specifically brought up Russia which was more than a hint by the Russian-bot (-bought), Assange. Clearly, Assange is trying to obfuscate the connection between the DNC hack and Russia. I also like how she brought in a cyber-security expert to confirm her analysis:
“………Robert Graham, CEO of Errata Security, agrees that the CIA documents are not talking about framing Russia or other nations…….”
Maybe that will change, but for the moment that’s what I liked about this article. I’m not sure where the CNN quote came from, however.
Thanks.
There’s no evidence of any kind in these documents about what specific operations the malware tools were used in. That’s because they’re apparently from a CIA malware development group, not from a CIA operational group that uses the malware in specific operations.
As I noted, it may be easier to understand if one thinks about a group within the CIA that provides handguns, sniper rifles, explosives, etc. for covert and paramilitary operations. And suppose part of their group specializes in providing foreign-made weapons obtained “in the wild” that have their serial numbers removed. Yes, such weapons could be used in false flag coup or terror attacks (for example, delivered to ISIS) where the US government really didn’t want the weapons to be traced if captured. But the people stockpiling the weapons – the equivalent of the CIA malware development group in this analogy – they would have no idea what specific operations the weapons would be used for.
This is called “compartmentalization” and is standard practice in intelligence agencies and I really don’t understand why it has to be explained over and over again.
With all of the stolen documents, there should be some reference for using umbrage for a false flag operation. Where is the smoking gun photo? How many times have I heard that the CIA has no “proof” that Russia hacked the DNC and turned over the emails to WikiLeaks to help get Trump elected? Now we have a trove of documents from the CIA which indicates that the CIA could have used this in the DNC hack – or other operations. The author of this article simply stated that nothing has been found in the documents so far to indicate that the CIA uses this information for false flag operations. Where is the beef photo?
(1) This is not a leak from any operational division of the CIA. It’s from the “Engineering Development Group”. Of course this group wouldn’t be privy to the operations where their malware was being used. That’s not what the documents cover, is it?
(2) Wikileaks notes that a collection of found-in-the-wild malware could be used for false flag attacks and other hacking efforts that could not be traced back to the CIA. Look at their press release:
This is certainly true. But is this what the above article by Zetter claims?
This is a rather deceptive restatement of what Wikileaks said in its press release, isn’t it?
(3) The CIA has a long history of using such diversionary tactics, rather famously in “Operation MERLIN”, which James Risen wrote about (and was persecuted by the US government for writing about), a covert operation involving transfer of nuclear weapons blueprints to Iran.
The overall problem is much larger; the CIA is an agency that cooperated on cooking up lies about WMDs in Iraq for the Bush Administration, ran torture programs for the Bush Administration, coordinated drone assassinations for the Obama Administration, engages in political and economic espionage with no clear national security need, and has demonstrated a consistent mix of recklessness and incompetence for many years, as with the arming of ISIS and Al Qaeda terrorist groups in Syria.
Yes, it is a deceptive interpretation of the WikiLeaks statement, but certainly not detached from reality when it comes to the political motivation of Assange.
Now you can see what is behind this release of Umbrage – to sow doubt. Of course, we should never expect anything like that from an ex KGB agent, right?
Well it sounds like finding another guy’s wife in the wild, “borrowing” her to produce offspring because having a family of your own can be time consuming and expensive. Time for a paternity test?
Also it’s just basic common sense that this is bollocks. The CIA wanted to hack DNC/Podesta to derail Hillary and help Trump win, then blame it on the Russians to whom Trump and members of his campaign and administration have deep ties? All while helping to connect the dots between them to show collusion? It doesn’t gel. All this is is noise and distraction to muddy the waters, confuse and bewilder in efforts to make the Trump/Russia collusion story go away.
I would be surprised if the CIA didn’t know how to falsely implicate Russian hackers. OTOH since the corporate media seem willing to believe anything told to them by anonymous CIA sources, without any supporting evidence whatsoever, it hardly seems necessary.
nice the intercept acts as a mouthpiece for the cia. shame on you!
Glenn? Mona? PropOrNot?
This is the author’s contention, not Wikileaks.
This is not what Wikileaks said. This is what the author should say, Because it’s what the docs explicitly show. Why the author would want to infer that Wikileaks said this is unclear.
Translation: The author isn’t the only one confused. Now the readers are.
Go on.
Not “appears to say.” The document only says this: The CIA…collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced…”
Why the author would want to infer that Wikileaks said this is unclear.
You infer many other things. Why stop now?
One would think that inferring things without evidence would fall into this category.
Yours is an excellent post, Sillyputty. In an odd way, it pretty much buries the headline too.
Thank you thank you. The Intercept has such open loathing for Assange as well as professional jealousy because the whistle blowers keep going to WikiLeaks where ALL of the documents they risk so very much to liberate are published as opposed to a tiny fraction – maybe it’s a trust issue with them. Why would any whistle blower allow someone, claiming high authority because…well…journalism (self defined) the power to prevent the public from knowing what is in the documents he/she liberated?
Ody’s gang might have to milk a few more drops from the NSA stash next year if the “See something leak something” logo cannot convince enough whistleblowers to risk their lives for nothing.
Heartening to see others recognizing this for the vanity project it is.
In Edward Snowden’s case he handed the NSA docs off to Glenn and Laura (among others) based on their independent minded journalistic integrity.
Then Glenn, Laura and Jeremy justifiably threatened by TPTB with the criminalization of and even prosecution for their intrepid journalism struck a deal with Omidyar ensuring themselves deep pockets for potential litigation with elements of the deep state and a guarantee of journalistic independence. Given the recent wholly counterintuitive (In Glenn’s house? Are you kidding me?) Russophobic Anti Wikileaks Tenor exhibited by recent Firstlook hires it’s pretty clear Sam, Micah, John, Jon, Robert and Kim dishonor in word and actions the very nonpartisan journalistic integrity we so highly prize Glenn for in the first place.
“……..Russophobic Anti Wikileaks Tenor exhibited by recent Firstlook hires it’s pretty clear Sam, Micah, John, Jon, Robert and Kim dishonor in word and actions the very nonpartisan journalistic integrity we so highly prize Glenn for in the first place…….”
By non partisan, you mean anti-American to the core, right Christopher? If the opinion piece doesn’t quite fit neatly into your definition of “non partisan”, then it’s not worthy of the Intercept. Because every article I have read at the Intercept is partisan in one way or the other. So say what you mean Christopher rather than hide behind the idiotic concept of non partisan, OK? Even Greenwald realizes there is no such thing.
Dear Vague,
The Deep State and US Congress Are Clearly Bipartisan While You Vague
Are Clearly Bipolar.
Eh Partisano?
Excellent post
Why hasn’t Glenn Greenwald written an article about this yet? C’MON GLENN!
Thanks, Sillyputty. I just read the piece and came down here to perform the vivisection it needs and deserves, but now I won’t have to.
Kim Zetter: Up your game or find new work, or at least a different workplace. Please.
I figured I would be able to come down here into comments and get some clarifications on this strange article, and I was right. Thanks!
Not sure about the take-away? Umm…..”nothing to see here” or “there, there.”
My understanding is that the attribution on the DNC server was done by a private company, CrowdStrike, who were also responsible for setting up the server in the first place.
The DNC would be crazy if it let the US government or any of its agencies anywhere near their server. The 17 US intelligence agencies merely opined that it was probable the Russian government was monitoring the DNC server, (given the fact that they monitor the servers of all significant political parties in Russia).
[[[ WIKILEAKS FILES SHOW THE CIA REPURPOSING HACKING CODE TO SAVE TIME, NOT TO FRAME RUSSIA ]]]
I guess TI doesn’t use TOR anymore, right?
This article is highly misleading at best.
The Wikileak files DO NOT show any operational reasons that the Umbrage development group was using found-in-the-wild code, just the developmental reasons. Let’s look at the actual wording used in the document in question:
All these files are from a development group, right? Think of that as something like a gun manufacturer / weapons dump. Say, for example, you wanted to arm a group to carry out a coup. That would be operational. If you armed them with U.S. military weapons, well, that might be a giveaway. So you might consider holding onto a large cache of foreign-made weapons which could be “rapidly combined into custom solutions.” Why? Any number of reasons. You want to make sure that serial numbers on the guns can’t be traced back to their point of origin, which might reveal who backed the coup. Or you might want to frame some other country as being behind the coup attempt.
But, as with this set of malware hacking tools, the people who build the guns and stockpile them don’t need to know what they are going to be used for. In fact, some of the Wikileaks documents explicitly state this:
Translation: “We are building weapons. Some with custom code, some with found-in-the-wild code. Our job is to optimize weapons production, to be able to produce anything that is asked of us. Period. No questions asked, and no questions are to be asked, about the end use of these weapons. That’s not our job, and anyone asking such questions is a security risk.”
In fact, nowhere in the internal CIA documents are ANY specific target countries mentioned, making this Intercept report one of the more disingenuous and deceptive articles published on this topic.
Target countries are however discussed in the Kaspersky Labs report on Equation Group (NSA apparently) hacking targets, included in the documents (notice that the domestic United States is a rather significant target, too):
https://wikileaks.org/ciav7p1/cms/files/Equation_group_questions_and_answers.pdf
Thus, when Wikileaks states that these tools could be used by the CIA to attribute cyberespionage or cyberterrorism or cyberwarfare to a third-party non-CIA group, they are correct.
Code attribution by Intelligence Services may be identifiable, but who in their right mind would trust attribution 100%? I guess consensus is the standard. We live in a Clockwork Orange world. Distrusts and cynicism with institutions are off the charts, there is really no good reason;
Let’s take a short walk. Man made Global Warming, trust the science? Hockey Stick sound familiar. When Science meets Politics, Science loses every time.
Rebels, insurgents, terrorists, ISIS-ISIL -Al Nusra moderate rebels, just give them American weapons and hope the less bad guys win. BTW, The Saudi gas pipeline across Syria may happen if the less bad guys win.
Tony Podesta gets millions from Russian Banks, Uranium One, Clinton Foundation on one side, Trump, WikiLeaks, and a little Sunshine on the other. Donna Brazile is a Christian woman after all. Poor Bernie, what a Schmuck.
John Brennan, need a shower just typing that, only looking out for America, such a patriot. BTW, where is John? Everyone has Ollie Ollie in Free except John. The silence is deafening.
Got to go, need more time.
Yes the CIA does need to save time, makes sense to me. Where do I send my money now, the Foundation is shuttered? Maybe I’ll send directly to Langley, they need more people, you know need to save time and all.
Ah, on this: “Rebels, insurgents, terrorists, ISIS-ISIL -Al Nusra moderate rebels, just give them American weapons and hope the less bad guys win”
https://www.youtube.com/watch?v=r8bwCj3lfsg
BBC: “On the trail of IS weapons in Iraq” (3 min video)
So, why not buy American weapons for ISIS and support domestic manufacturing at American weapons factories? Because it just wouldn’t look good, would it, supplying a bunch of radical fanatic murderers and rapists to overthrow a foreign government with American-made weapons.
And that’s also why the CIA would want malware weapons that couldn’t be traced back to their malware development team, as with UMBRAGE.
Yes and it would save time.
[[[ Yes the CIA does need to save time, makes sense to me. Where do I send my money now, the Foundation is shuttered? Maybe I’ll send directly to Langley, they need more people, you know need to save time and all. ]]]
IF you read a lot of the wikileaks… you’ll realize that MOST of these “paid” hackers are pretty f’n incompetent, too.
Why do authors even allude to anyone’s alleged motives?
It simply does not matter what you think these claims “seem intended” to do; and writing your mind-reading into something is poor reasoning, and poor journalism.
These actions, if true, (there’s a good qualifier, editor) shed doubt on the U.S. government’s attribution of Russia in the DNC hack.
WHAT?! who allowed this story to be posted?
There must be no departure from the evidence-free assertion as inerrant truth, no, gospel among the self described cognoscenti posting here..that :
1. Russia and Trump have done nothing of note, certainly not worth commenting on, much less investigating….and
2. that the all purpose deep state™ in coordination with those bastards, the Democrats, are behind every imaginable negative….and require no evidence or proof. It is prima facie fact.
Glenn.
Laughing at not with your lame sarcasm. I love it when center libs broadcast their mental state by ascribing it to others.
‘mental state’ … hilarious!
sounds like a self appointed cog’ got a little tweaked to think others are laughing at them and their trump apologia
“trump apologia” and there it is, proof you are a complete dipshit
That ruse you try where you pretend only people who
like Trump criticize Democrats? No one is buying it.
BS. I’ve read enough of the rank ideology posted on this screech board in service of Trump.
speaking of dipshits, is it your turn to run interference today? Asshole
woah RMD, quite the coup there!
Yes, since there are plenty of dopes
on this board who love their Trump, then somehow
your argument makes some kind of sense….
Actually there are plenty of different kinds of stupid here.
You are the center lib / Dem apologist kind.
“rank ideology posted in service of Trump” is another kind.
I am neither. What I say is much closer to the truth than either
of your sorry camps.
you have confirmed it! what self-congratulatory adulation. I suggest you get a room all to yourself.
grabbing ‘apologist’ and whacking me with it?
and for the Dems?
please feel at liberty to link something along those lines when you’re free from self congratulation and posing in front of your imaginary awards for truth.
take a selfie and share it with someone who cares.
I merely groan under the weight of piles of slanted horse manure wondering if anyone at this site has any interest in, you know, discussing what the fuck is happening with the psych ward and his benefactors abroad.
you game?
Re-purposing Russian code to save time seems like poor security, as that code could contain deliberately introduced security flaws. In fact, allowing your hacking software to circulate on the internet seems like poor security as well.
However, perhaps the CIA is more clever than it appears at first glance. By leaking their code to Wikileaks, the Russians now have access to the full suite of CIA hacking software. So in future, the presence of CIA hacking code on any computer will be proof that it has been infiltrated by the Russians.
Austin Powers, International Man of Mystery (imdb.com):
“Scott Evil: I just think, like, he hates me. I really think he wants to kill me.
Therapist: He doesn’t really want to kill you. Sometimes we just say that.
Dr. Evil: No actually the boy is quite astute. I really am trying to kill him, but so far unsuccessfully. He’s quite wily, like his old man. “
That last sentence is finger licking good.
Deserves to be widely disseminated,
especially before this really happens.
You heard it here first. Benito is doing prophecy.
I like to see more technical articles like this in the Intercept, very interesting all of it.
Does the headline imply that somehow it has been shown that the CIA is NOT framing Russia, rather than that no evidence has been provided that the CIA IS framing Russia?
if so…. It’s a subtle but important difference and as bevin writes below, misinfo is “beyond the public nuisance stage” now so extra care should be taken right now.
Extra care that should have been exercised by the editors who desperately rushed this naked emperor out the door.
These new leaks give me hope that Amazon’s Alexa device isn’t compromised…
Oooooooh, Intercept readers are going to just LOVE this article…
Juan Thompson threads still dead too…
https://theintercept.com/2017/03/03/statement-on-the-arrest-of-former-intercept-reporter-juan-thompson/
UMBRAGE intended to “save CIA time and money” impersonating nation state actors.
Wikileaks told us what UMBRAGE code could do for any nation state hacker.
Kim’s “story” tells us what UMBRAGE code may or may not do not for one nation state hacker – the nation state hacker that assembled UMBRAGE code.
What wikileaks seems to be saying is that the CIA et alia use the DNA of other hackers’ tools in their own hacks as a way of obscuring that they are CIA hack attacks. People are pointing out that the only evidence offered to back the claims that Russia ‘meddled’ in the American election was the presence of said DNA, and rightly pointing out that the ‘evidence’ could just as easily point to the CIA being the meddlers.
You might want to examine your dismissal of that as being ‘unsubstantiated by the evidence’ if you want to avoid running the risk of having to apologize the same way those who dismissed the questioning of the ‘unquestionably proven’ claims that Iraq had WMDS minutes from launch.
When did The Intercept become an apologist for the CIA? Since a nationalist/populist assumed the presidency and they don’t like his particular brand of nationalism and neither does the deep state? Politics really does make strange bedfellows.
“What we can conclusively say from the evidence in the documents is that they’re creating snippets of code for using in other projects and they’re reusing methods in code that they find on the internet,” he told The Intercept. “Elsewhere they talk about obscuring attacks so you can’t see where it’s coming from, but there’s no concrete plan to do a false flag operation. They’re not trying to say ‘We’re going to make this look like Russia’.”
Making it “look like Russia” is an added/implied benefit of using existing Russian (or Chinese, or North Korean, or Iranian, etc etc) code and they know this.
Seriously. The Intercept is starting to become no more trustworthy than the New York Times or Buzzfeed.
Agreed. The misleading claims and repeated assertions that there is evidence of Russian involvement in the release of the Podesta and DNC emails have got beyond the public nuisance stage and are threatening to become embedded in the culture.
This article simply argues that there is nothing in the Vault 7 revelations to prove that the, non existent and unproffered evidence of Russian involvement can be dismissed on grounds other than their non existence.
And that, friends, is a non story.
A non story rushed out the door by an Intercept editorial staff desperate to continue mainstreaming TI for Pierre (why wasn’t TI on the CIA’s PropOrNot list again?) via their partial embrace of the DNC’s failed Russian Narrative.
Want to save time impersonating nation state hacker?
Use their code.