Should Americans Trust the Intelligence Community on Russian Hacking?
By Frank Parlato
The US Intelligence Community has concluded with ‘high confidence’ that hacks which led to leaks of emails of the Democratic National Committee (DNC) and Clinton Campaign Manager John Podesta were orchestrated by the Russian government.
In analytics, “high confidence” is defined as an assessment deemed very likely to be true yet carries with it the possibility of being in error.
For instance, in 2002, the US Intelligence Community concluded with “high confidence” that Iraq was “expanding its chemical, biological, nuclear and missile programs.” After lives were lost, taxpayer money spent, a nation destabilized, and American multinational corporations enriched, it was found to be false.
In concluding with ‘high confidence’ that Russia hacked the DNC computer server, the Intelligence Community relied on the private cyber security company retained by the DNC.
FBI cyber special agents did not access the DNC server.
FBI Director James Comey explained to the Senate Intelligence Committee in an open session on Russian interference in the U.S. presidential election on January 10, 2017 that the FBI made “multiple requests at different levels,” to DNC officials to allow their agents to access its server but were rebuffed.
The FBI “ultimately” reached an agreement with the DNC that CrowdStrike, a “highly respected private company,” would get access and “share” what it found with investigators, Comey said.
DNC Deputy Communications Director Eric Walker told BuzzFeed News that the DNC provided the FBI with “all of the information uncovered by CrowdStrike — without any limits.”
Walker contradicted Comey in one respect, saying, “The FBI never requested access to the DNC’s computer servers.”
Based in Irvine, California, CrowdStrike Inc. was launched in 2012.
CrowdStrike’s CTO and cofounder, Dmitri Alperovitch was born in 1980 in Moscow and expatriated to the US in his teens. His father was a Russian nuclear physicist.
In 2015, Google Capital, now renamed CapitalG, led a $100 million investment in CrowdStrike bringing the startup company onto the world stage of cyber security and pioneering the controversial field of cyber sleuthing or hacker attribution.
Google was the Clinton campaign’s largest corporate contributor.
CrowdStrike’s Alperovitch is a nonresident senior fellow of the Atlantic Council, a ‘think tank’ involved in the field of international affairs which has been accused of providing its donors access to government officials and publishing reviews that suit the agenda of its donors.
Headquartered in Washington DC, the Atlantic Council, whose budget spiked from $2 million to $21 million in a decade, is funded in part by United Arab Emirates, Lebanese billionaire Bahaa Hariri, US State Department, NATO, Kingdom of Bahrain, the Turkish Ministry of Energy & National Resources, the Ukrainian World Congress, The Blackstone Group, weapons manufacturers Lockheed Martin, Raytheon, Northrop Grumman, oil companies ExxonMobil, Shell, Chevron, BP, Ukrainian billionaire Victor Pinchuk who donated $10 million to the Clinton Foundation, and The Ploughshares Fund, which is financed by George Soros’ Open Society Foundation.
In 2013, the Atlantic Council awarded Hillary Clinton it’s Distinguished International Leadership Award.
CrowdStrike was paid more than $200,000 by the DNC.
Within two hours of starting their investigation of the DNC computer server, in May 2016, CrowdStrike attributed the hack to two “Russian espionage” groups they named Cozy Bear and Fancy Bear, who are “some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups.”
According to CrowdStrike, Cozy Bear is operated by cyber spies with the FSB, the Russian equivalent of the CIA, while Fancy Bear was linked to the GRU, Russia’s military intelligence service.
“Their tradecraft is superb… and the extensive usage of ‘living-off-the-land’ techniques enables them to easily bypass many security solutions they encounter,” wrote Alperovitch, adding that the Russian hackers constantly switched tactics to maintain a stealth presence inside the DNC network and used built-in Windows tools to avoid resorting to malicious code that might trigger alerts.
“They flew under the radar,” Alperovitch said.
Despite Fancy Bear and Cozy Bear’s stealthy capabilities, CrowdStrike detected clues: Metadata files written in Cyrillic [Russian alphabet]; Emails using the Russian email service Yandex; Data exfiltrated to an IP address associated with an earlier hack attributed to Russian Intelligence; Operations conducted during business hours in Moscow and dormant during Russian holidays. And remnants of malware dubbed Agent-X, which CrowdStrike said only Russian Intelligence possessed.
On June 14, CrowdStrike posted a report online that stated the DNC server had been hacked by “sophisticated” Russian state hackers. The news was reported around the world.
The following day, Guccifer 2.0, an online entity, whose persona is a Romanian hacktivist dedicated to fighting totalitarian and global industrial interests, including the fabled “Illuminati”, wrote on a blogsite, “Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by “sophisticated” hacker groups.
“I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy…. any other hacker could easily get access to the DNC’s servers.”
Guccifer 2.0 posted several DNC documents and said, “The main part of the papers, thousands of files and mails, I gave to Wikileaks. They will publish them soon. I guess CrowdStrike customers should think twice about company’s competence. Fuck the Illuminati and their conspiracies!!!!!!!!! Fuck CrowdStrike!!!!!!!!!”
CrowdStrike wrote in response that it “stands fully by its analysis [that] Russian intelligence” hacked the DNC network.
The US Intelligence Community has concluded with “high confidence” that Guccifer 2.0 is operated by Russian Intelligence, but have to date not publicly disclosed what technical evidence led to this assessment.
Following the Guccifer 2.0 claims, Fidelis Cybersecurity and Mandiant, a cyber-forensics firm owned by FireEye, confirmed that samples of Agent-X they were given by CrowdStrike was similar or identical to malware linked to hacks attributed to Fancy Bear and/or Cozy Bear.
But Jeffrey Carr, of the cyber security company, Taia Global Inc., said Agent -X is not exclusively possessed by Russia, and that Ukrainian hackers ‘RUH8’, which self-identifies with Pravy Sektor, a Ukrainian Nationalist group that seeks war with Russia also has the malware.
An American cybersecurity company, ESET, reportedly was able to obtain the source code for X-Agent for the Linux OS with a compilation date of July 2015.
“If an American security company has [Agent X] you can be certain other people do, too,” Carr said.
James Scott, senior fellow at the Washington-based Institute for Critical Infrastructure Technology, said that other malicious actors could mimic procedures of Fancy Bear and Cozy Bear.
The online publication Ars Technica suggested that while the hack could be Russian Intelligence, it was possible the “Russian fingerprints were left intentionally by someone who has no connection to Russia, or by a Russian-speaking person with no connection to the Russian government, or any number of other scenarios. The abundance of plausible competing theories underscores just how hard it is to accurately attribute attacks online and how perilous it is to reach summary conclusions.”
Russian security investigative journalist Andrei Soldatov said “It is almost impossible to know for sure whether or not Russia is behind a hack of the DNC’s servers”.
On July 10, 2016, Seth Rich, 27, who was in charge of the DNC’s national data computer-voting turnout program, was shot twice in the back in Washington DC. The Metropolitan Police Department said he was a victim of an attempted robbery, but the gold chain around his neck, his watch, his wallet with money and credit cards and his cell phone were reportedly not taken. Some people thought his death might be related to the DNC hack.
On July 22, 2016, WikiLeaks published more than 19,000 emails of seven leaders of the DNC. The emails showed leaders of the party privately favored Hillary Clinton over her opponent Bernie Sanders, while publicly claiming the party operated on democratic principles.
Other embarrassing emails showed insincere fundraising tactics, dirty tricks, and name calling. Because of the leaked emails, four DNC leaders resigned: National Chairman Debbie Wasserman Schultz, CEO Amy Dacey, CFO Brad Marshall and Communications Director Luis Miranda.
Shortly after the release of the emails, the founder of WikiLeaks, Julian Assange, said the “source [of the leaks] is not the Russian government and it is not a state party.”
He said, “Circumstantial evidence that some Russian, or someone who wanted to make them look like a Russian, was involved” was “not the case for the material that we released.”
In August, Assange announced a $20,000 reward for information about the murder of DNC computer specialist Seth Rich.
During an interview with Dutch TV’s Nieuwsurr, Assange said: Whistleblowers go to significant efforts to get us material and often significant risks. There was a 27-year old [Seth Rich] that works for the DNC who was shot in the back… murdered.. for unknown reasons as he was walking down the street in Washington.
Host: That was just a robbery, wasn’t it?
Assange: No. There’s no finding.
Host: What are you suggesting?
Assange: I am suggesting that our sources take risks and they become concerned to see things occurring like that.
Host: But was he one of your sources, then?
Assange: We don’t comment on who our sources are.
Host: But why make the suggestion?
Assange: Because we have to understand how high the stakes are in the United States and that our sources face serious risks… that’s why they come to us so we can protect their anonymity.
Host: But it’s quite something to suggest a murder… that’s basically what you’re doing.
Assange also spoke with TV reporter Megyn Kelly.
Assange said, “We’re not saying Seth Rich’s death is necessarily connected to our publication, that’s something that has to be established – but if there’s any question about a source of WikiLeaks being threatened people can be assured that this organization will go after anyone who may have been involved in some kind of attempt to coerce or possibly in this case kill a potential source.”
Assange associate, former British Ambassador Craig Murray also claimed the emails were not leaked by Russians, but that a Democratic insider met him in Washington DC and gave him the data.
Murray said, “Neither of the leaks came from the Russians. The source had legal access to the information. The documents came from inside leaks, not hacks.”
On October 7, WikiLeaks began releasing the emails of John Podesta, Clinton’s campaign manager.
The cybersecurity company SecureWorks concluded Fancy Bear hacked the account.
On December 9, 2016, the CIA told U.S. legislators the U.S. Intelligence Community concluded with “high confidence” the Russian government was behind the Podesta hack.
The content of the emails revealed, among many embarrassing missives, the inner workings of the Clinton campaign, the Clinton Foundation, and the content of some of her paid speeches to moneyed interests which were in contradiction with her campaign platform.
After Hillary Clinton lost the election, President Obama called for a review of the intelligence relating to the DNC hack. On Jan. 6, The Office of the Director of National Intelligence released a 25-page report on Russia’s role in influencing the US election.
The unclassified report left out all technical evidence that Russia hacked the DNC or Podesta. In its “Scope and Sourcing” section, the report explains evidence does exists, but can’t be declassified.
Instead the report focused on motive: “Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency,” the report reads without explaining how Intelligence judged the motives of Russia. “We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments.”
In March 2017, WikiLeaks released “Vault 7?, a trove of documents claimed to be leaked from the CIA.
Vault 7 suggests the CIA has the capability to leave electronic trails to “misdirect attribution” by leaving false cyber fingerprints. With a library of foreign malware and foreign hacking tools, the CIA could plant Russian, Chinese, Iranian or other hackers’ fingerprints to make the hacker appear to be from a country other than the hacker’s true nation. The CIA neither confirmed nor denied the Vault 7 documents were authentic.
The release led to questions about the detection of clues by CrowdStrike.
The Russian “fingerprints” on the alleged DNC hacking attacks – such as Agent-X, Cyrillic letters, the Russian email, the IP address, were now touted as possible counterevidence of Russian hacking.
CrowdStrike’s original report touted the superb skills of the Russian hackers. As it stood, the DNC was hacked by one of the most sophisticated, diabolical foreign intelligence services, who clumsily left Russian clues that led to their identification.
At the March 20 House Intelligence Committee hearing on Russian interference in the US elections, FBI Director Comey said that Russia did this deliberately and were “counting on us [The Intelligence Community] to amplify it by telling the American people what we saw and freaking people out about how the Russians might be undermining our elections successfully.”
Comey explained the motive: Russians “hated” Clinton and “wanted to harm her and thought they might have a chance to help Mr. Trump. And then later, they concluded that Mr. Trump was hopeless and they would focus then on just trying to undermine Secretary Clinton.”
During the hearing, FBI Director Comey put the spotlight on Trump and his Republican associates when he said the FBI will investigate “any links between individuals associated with the Trump campaign and the Russian government and whether there was any coordination between the campaign and Russia’s efforts.”
Three of Trump’s allies have been identified as possible targets: Trump’s former campaign chairman Paul Manafort, Carter Page, a foreign policy adviser to the campaign, and longtime Trump friend and adviser, Roger Stone.
The case against Stone appears to rely entirely on comments Stone made during the campaign and a twitter exchange with Guccifer 2.0 after the DNC emails were published on WikiLeaks.
US Rep Adam Schiff (D-Calif.) laid out the case against Stone at the House Hearing.
He said, “In the middle of August, [Stone] communicates with the Russian cutout Guccifer 2.0, and authors a Breitbart piece denying Guccifer’s links to Russian intelligence.”
In trying to make a case against Stone, US Rep. Schiff added, “[I]n August, Stone does something truly remarkable, when he predicts that John Podesta’s personal emails will soon be published.”
Actually, Schiff was imprecise.
On August 5, Stone wrote an article published in Breitbart entitled “Dear Hillary: DNC Hack Solved, So Stop Blaming Russia.” In it Stone argues there is no actual proof that Guccifer 2.0 was a Russian cutout and that Guccifer 2.0 is likely the Romanian hacktivist he claims to be.
After posting the Breitbart story to his website, Stone tweeted out a link to his 100,000-plus followers, adding, “Roger Stone shows Russians didn’t hack Hillary.”
Stone said his entire communications with Guccifer 2.0 was via Twitter and does not discuss plans for hacking or leaking. The exchange took place after the DNC leaks were released.
The exchange is as follows:
On August 12, in response to Stone’s Breitbart story, Guccifer 2.0 tweeted to Stone, “thanks that u believe in the real #Guccifer2.”
On August 13, the twitter account of Guccifer 2.0 was suspended because Guccifer 2.0 published the private phone numbers and email addresses of Democrats in the House of Representatives.
On August 13 Stone tweeted “Guccifer 2.0” a “HERO.”
On Aug. 14, after Guccifer 2.0’s twitter was reinstated, Stone sent a private twitter message to Guccifer 2.0 saying he was “delighted” the account was reinstated, adding, “Fuck the state and their MSM [mainstream media] lackeys.”
Guccifer 2.0 wrote back, “wow. thank u for writing back, and thank u for an article about me!!! do u find anything interesting in the docs i posted?”
Stone replied “How the election can be rigged against Donald Trump.”
On August 16, Stone tweeted a link to a story he wrote about how the presidential election could be “rigged against Donald Trump” through manipulation of electronic voting machines.
On August 17, Stone messaged Guccifer 2.0, “Please retweet how the election can be rigged against Donald Trump.” Guccifer 2.0 replied, “paying u back” then retweeted Stone’s tweet.
On Aug. 17, Guccifer 2.0 privately messaged Stone, “I’m pleased to say that u r great man. and i think I gonna read ur books. please tell me if i can help u anyhow. it would be a great pleasure to me.”
Stone did not respond to ask for help. Guccifer 2.0 then sent some information about how Democrats try to win voters and asked Stone’ opinion. Stone replied casually that it was “pretty standard” political strategy.
That concluded their communications.
In addition to the twitter exchange, Stone’s public statements are what Schiff claimed is evidence of collaboration between Stone and Russian hackers.
Here are the germane dates and substance of his public statements:
On August 10 Stone said in a speech in Miami, “I actually have communicated with Assange. I believe the next tranche of his documents pertain to the Clinton Foundation, but there’s no telling what the October surprise may be.”
On Aug. 12, Stone predicted on the #MAGA podcast that he believed Assange has emails deleted by Clinton aides Huma Abedin and Cheryl Mills.
On Aug. 15, Stone told World Net Daily he communicated with Assange and predicted that the forthcoming material will be related to the Clinton Foundation.
On Aug. 16, Stone told radio host Alex Jones he has “backchannel communications” with Assange who has “political dynamite” on the Clintons.
On Aug. 18, Stone said in an interview on C-SPAN he’s been in touch with Julian Assange “through an intermediary—somebody who is a mutual friend.” WikiLeaks tweeted in response to Stone’s appearance, “We are happy to hear true information from everyone. But so far, we have not heard from Mr. Stone.”
On Aug 21: Stone tweeted that “it will soon the Podesta’s time in the barrel.”
This oft cited by Democrats Stone tweet is not a prediction of the release of leaked emails like some of his other predictions. Stone says the tweet referred to Podesta’s business dealings with Russia.
On Aug. 26, in an interview with Breitbart Radio, Stone predicted, “I’m almost confident Mr. Assange has virtually every one of the emails that the Clinton henchwomen, Huma Abedin and Cheryl Mills, thought that they had deleted, and I suspect that he’s going to drop them at strategic times in the run up to this race.”
On Aug. 29, Stone predicted on local Florida radio of Assange and the Clinton Foundation, “Perhaps he has the smoking gun that will make this handcuff time.”
Sept. 16: Stone predicted on Boston Herald Radio that he expects WikiLeaks to “drop a payload of new documents on a weekly basis fairly soon. And that of course will answer the question of exactly what was erased on that email server.”
On Oct. 1, Stone tweeted a prediction, “Wednesday @HillaryClinton is done. #Wikileaks.”
On Oct 2, Stone went on Alex Jones’s show and predicted, “I’m assured the motherlode is coming Wednesday.” He added, “I have reason to believe that it is devastating.”
On Oct 3, Stone tweeted that he was confident that “my hero Julian Assange” would soon “educate the American people.”
On October 5 Stone tweeted, “Payload coming” and included the hashtag “Lockthemup.”
October 7, WikiLeaks began to release Podesta’s emails.
As a point of fact, Stone predicted leaks that “pertain to the Clinton Foundation,” and ”emails deleted by Clinton aides Huma Abedin and Cheryl Mills.” He never predicted Podesta’s emails would be leaked.
What Stone claims he meant by Podesta’s :”time in the barrel” is coming is that Podesta’s Russian business ties is a story that he felt was ready to be told.
While Stone goes into great detail abou
t Podesta’s role in interconnected companies that suggest money laundering of Russian rubles, something which FBI agents may assess in their investigation, the short version is:
In July 2009, Podesta’s Center for Progressive America (CAP), released a study advocating for closer relations with the Russian government “through increased trade ties and an improved investment climate.”
While operating CAP, and advising Secretary of State Hillary Clinton, Podesta received some unusually large donations from shell companies with apparent Russian ties.
Podesta then joined the executive board of Joule Unlimited, a small energy company that claimed to pioneer a technology based on harnessing solar energy from photosynthetic bugs.
Other board members included senior Russian officials.
Two months after Podesta joined the board, Rusnano, a Russian government-owned joint-stock company, announced it would invest up to one billion rubles [$35 million] into Joule.
This investment was alleged to be part of a Russian scheme to move billions of weak rubles into U.S. dollars by parking them as “investments” in high-tech US companies.
While the Russian government is investing in Podesta’s businesses in 2011, he is an advisor to Hillary Clinton at the State Department.
In 2013, Podesta is named as a special counselor to President Barack Obama.
In Podesta’s financial disclosure form in 2013, he failed to disclose his shares of Joule stock, which is funded in part by the Russian government, and fails to disclose that he is on one of the three corporate boards Joule has, their Netherlands holding company.
If the case against Podesta warrants FBI scrutiny, the Russian ties of Bill and Hillary Clinton may also.
Stone points out that Clinton wasn’t always an enemy of Russia who Putin “hated.”
In 2009, The Obama administration was seeking to “reset” strained relations with Russia. His secretary of state Hillary Clinton played an important role in assisting Russian government entities in accessing U.S. capital, in seeking investments in U.S. high technology companies, and in acquiring US owned uranium.
Secretary of State Clinton spearheaded U.S. involvement in a Russian government technology initiative called Skolkovo which was planned to be the Russian equivalent of America’s Silicon Valley.
Unlike the entrepreneurial culture in California, Skolkovo would be run by Russian government officials. The head of the Skolkovo Foundation, Viktor Vekselberg, an oil and metals billionaire, and Putin confidant, was a Clinton Foundation donor.
He was not alone. Of the 28 Russian, American, and European Key Partners in Skolkovo, 17 made financial commitments to the Clinton Foundation or sponsored speeches by Bill Clinton.
Three major Clinton foundation donors, Cisco, Google and Intel invested heavily in aiding the Russians to develop Skolkovo.
In April 2014, the FBI warned American firms about dealing with Skolkovo calling it “a means for the Russian government to access our nation’s sensitive or classified research, development facilities and dual-use technologies with military and commercial applications.”
While US investors were investing in developing Russian technology that could be used for weapons and commercial enterprises, and simultaneously donating to the Clinton Foundation, Clinton aided Russia to free itself of foreign dependence on uranium.
Rosatom, the Russian State Nuclear Agency, which manages the country’s nuclear arsenal through its subsidiary ARMZ, wanted to purchase 51 percent of a Canadian uranium mining company, Uranium One in 2010, which happened to be a company Bill Clinton had longstanding ties.
In fact in 2005, Canadian mining financier Frank Giustra launched the company and traveled to Kazakhstan with Bill Clinton at his side. There with Clinton’s help, Giustra persuaded the president of Kazakhstan to sign over interests in three lucrative uranium mines controlled by the state-run uranium agency Kazatomprom.
By 2007, Giustra acquired uranium mines in Africa and Australia worth billions and his company, Uranium One, began purchasing uranium mines in the United States, becoming such a powerhouse in the United States uranium sector, that the company owned 20 percent of US uranium reserves.
Giustra donated $31.3 million to the Clinton Foundation and later held a fundraiser for the Clinton Giustra Sustainable Growth Initiative, to which he pledged $100 million.
As the company expanded into a muti-billion dollar company, Russia offered to buy a majority [51%] interest. Since uranium is a strategic asset, the sale had to be approved by a number of United States government agencies. Among the agencies that needed to sign off was the State Department headed by Hillary Clinton.
There was much to consider: The United States produces only 20 percent of the uranium it needs for industrial use and the Russians were proposing to take control of 20 percent of America’s uranium production capacity.
The authority to approve or reject the Russian control of US uranium rested with cabinet officials on the foreign investment committee, including Clinton, who, as secretary of state, had an influential voice.
During this crucial period, the chairman of Uranium One donated several million dollars to the Clinton Foundation as Hillary Clinton’s committee reviewed his deal to sell the controlling stock of Uranium One to the Russians.
In June, 2010, as Russia’s Rosatom edged closer to majority ownership in Uranium One, and awaited Hillary Clinton’s sign off on the deal to sell US uranium assets to Putin, Bill Clinton was invited to speak in Moscow. His $500,000 fee was paid by Renaissance Capital, a Russian investment bank whose capital analysts promoted Uranium One’s stock, assigning it a “buy” rating.
According to a Russian government news service, Putin personally thanked Clinton for speaking.
In October, The Committee on Foreign Investment in the United States completed its review of the deal.
Hillary Clinton signed off and the sale of the control of 20 percent of US uranium interest to Russia was completed. The deal was strategically important to Putin since up until then Russia did not produce enough uranium to meet its needs.
Rosatom’s chief executive Sergei Kiriyenko told Putin in an interview, “Few could have imagined in the past that we would own 20 percent of U.S.[uranium] reserves.”
While the US lost one-fifth of all uranium production capacity in the United States, Rosatom became one of the world’s largest uranium producers. This brought Putin closer to his goal of controlling the global uranium supply chain.
The Intelligence Community said with “high confidence” that Putin hated Hillary Clinton.
After Putin got Clinton’s help in getting her donors to develop his Russian Silicon Valley and took control of US uranium, Russia annexed Crimea, began its aggression in Ukraine and the Cold War 2 commenced.
Whether Bill and Hillary Clinton and Clinton Foundation coordination with Russia rise to the same level of FBI interest as Roger Stone’s tweets to Guccifer 2.0 about his being banned from twitter for a day, or Stone’s numerous predictions that Clinton Foundation emails or Huma Abedin’s deleted emails might one day be found and leaked, is hard to say.
Stone has concluded with “high confidence” that the Intelligence Community has its own agenda and it’s hard to rely on anything they say.
Stay tuned for part 4.