Americans and their news media have displayed a great willingness to believe that the Russian government stands behind the theft and release of emails that may have helped Donald Trump win the U.S. presidential election.
They should keep in mind that, despite the “high confidence” of intelligence agencies, tracing a data breach is almost never a sure thing.
Two years ago, Sony Pictures suffered an embarrassing hack that released a trove of confidential data. After four weeks of research, the Federal Bureau of Investigation concluded that the North Korean government was responsible. An FBI press release explained that the conclusion was based partly on the fact that the malware used on Sony was similar to tools found in previous attacks attributed to North Korea.
In that case, blaming North Korea made sense. The attack was accompanied by a demand that Sony Pictures pull its film “The Interview,” a tasteless comedy depicting an effort to assassinate North Korean leader Kim Jong-un. It seems plausible that Kim might be self-absorbed enough to order a cyber attack to stop the release of an unflattering movie.
Then in February, the Bangladeshi central bank fell victim to an $81 million cyber-heist. Upon examining the tools used, security researchers discovered the same type of malware that was used against Sony Pictures, including identical encryption keys. As one security researcher explained, “If you believe North Korea was behind [the Sony Pictures] attacks, then the bank attacks were also the work of North Korea.”
Well, wait a minute. That seems a bit out of character. North Korea doesn’t have a history of conducting bank heists for financial gain, and the same attacks were attempted on other banks all around the world. Are we supposed to believe that the North Korean government was responsible for everything?
The attribution of a cyber attack to a particular nation-state often relies on the results of previous assessments, and on the assumption that those earlier assessments were correct. Problem is, there’s rarely any affirmative validation. If we correctly identify North Korea as the perpetrator of a hack, no North Korean official will come forward and say “Whoops! You got us!”
Many security experts doubted the FBI’s original assessment of the Sony hack, including one researcher who previously infiltrated Sony’s network himself. Sony Group has a long and well-documented history of network breaches across all its subsidiaries. Why did the FBI blame North Korea and not “somebody sitting in a bed someplace?”
Assessing a cyber attack is more art than science. Intelligence analysis deals with information that is often intentionally deceptive. As Central Intelligence Agency veteran Richards Heuer, Jr. explains, “The significance of information is always a joint function of the nature of the information and the context in which it is interpreted.”
This feels uncomfortable to those who want to be sure beyond a reasonable doubt. Extraordinary claims require extraordinary evidence, and the idea that a nuclear-armed state stole Democratic National Committee emails to interfere with the U.S. election is a pretty extraordinary claim. After all, multinational corporations have suffered much bigger data breaches at the hands of hackers with far fewer resources.
Unfortunately, intelligence agencies tend to avoid revealing their sources, lest they alienate their allies. As we learned from Edward Snowden’s leaked documents, the National Security Agency relies on “fourth party collection,” which entails stealing information that foreign agencies have collected on their own surveillance targets. For example, the NSA has spied on South Korea to find out what South Korea has learned from spying on North Korea.
Intelligence agencies expect people to trust them, but they also have to earn that trust. It was only last Friday that President Obama ordered a review of potential election-related hacking. While the idea of Russian meddling might fit conveniently into the collective disbelief that Donald Trump could have won the election fairly, we should probably demand more evidence before freaking out.
(c) 2016, Bloomberg View · Elaine Ou
4 Responses
This article is missing the point. Even if Russia wasn’t behind the hacking, there still remains the bigger issue looming behind this story; Donald Trumps relationship with Russia.
Putin is a thug. Trump likes him.
Putin wants to forcibly take over other lands, like he did with Crimea. Trump would likely care less.
Putin wants the powerful NATO forces out of his way, allowing him to terrorize and seize more land for Mother Russia. Trump has publicly said that he’s willing to disband NATO funding (leaving areas around Russia defenseless).
And what happened to draining the swamp? Trump is appointing all of his rich elite buddies.
Yes folks, it’s the same old same old. You thought he’d be different because he wasn’t a politician? Well, now he is a politician, so don’t hold your breath for a hero in this greedy man.
I’m still glad Hillary didn’t get in. She’s even worse. Just by the way…
Ignoring idiots like Jill Stein, the claim is that the Russians were gathering information, which is what countries do. No one is asserting they someone manipulated the vote count or stole votes.
Whether the Russians would prefer Trump is debateable. Trump favors a strong military whereas the Democrats don’t. No one knows what Trump will do in terms of foreign affairs, and Putin probably would prefer the certainty of harmless Hillary over the unknown of unpredictable Donald.
Every business man worth his position on the levels of trump or tillerson of. Exxon deal with every leader as per hacking don’t we do the same. Didn’t Barry send his operatives to usreal and give an anti isreal isreal ngo 300,000 dollars to attack bibi
Stop the non sense he won and this no different then the hanging chads
Want scandle Detroit where close to 40% of there districts have mire dem votes then people that signed in
Was this Russia too