Donald Trump finally believes Russia hacked the DNC

*That* secret dossier is just the latest twist in an extraordinary story.

Donald Trump finally believes Russia hacked the DNC

It's been an extraordinary couple of weeks in the ongoing media tornado that US President-Elect Donald Trump finds himself in - related to just who hacked the US Democratic Party, and released swathes of confidential email correspondence to WikiLeaks.

At the very tail end of 2016, the United States kicked out 35 Russian intelligence officers - seemingly in response to the Kremlin's alleged involvement in the attacks.

At the same time, the FBI and US Department of Homeland Defense published a report into what it described as "Russian military cyber activity".

Apt28 apt29

The report makes a good read, if you want to know how to better protect your business from spearphishing attack, or avoid having your vulnerable webservers co-opted into assisting hacking campaigns.

But where it fails, in the eyes of many independent computer security experts, is in providing any technical evidence that points towards Russia being behind the attacks.

As we described in a recent episode of Smashing Security, attributing attacks reliably is very difficult - and it's quite possible that the United States intelligence agencies have more in the way of convincing evidence that they simply cannot share publicly for understandable operational reasons.

Yes, in my opinion it probably was an attack orchestrated by Russia. But wouldn't it be nice to know for sure?

So our eyes lit up when we heard that intelligence chiefs were briefing Donald Trump with more information about what they knew about the attacks.

Sure enough, the Director of National Intelligence (DNI) released the catchily-titled much meatier report last Friday, entitled "Background to 'Assessing Russian Activities and Intentions in Recent US Elections' The Analytic Process and Cyber Incident Attribution".

In that declassified report, based upon the information the FBI, CIA and NSA shared with Donald Trump at their meeting, the agencies described with confidence their belief that the Russian government "aspired to help President-elect Trump's
election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him."

There was little doubt it seemed, in the minds of America's intelligence agencies, that the Russian government's fingerprints were all over the hack:

"The General Staff Main Intelligence Directorate (GRU) probably began cyber operations aimed at the US election by March 2016. We assess that the GRU operations resulted in the compromise of the personal e-mail accounts of Democratic Party officials and political figures. By May, the GRU had exfiltrated large volumes of data from the DNC."

The report went on to suggest that the Russian government went on to use sites like DNCLeaks, WikiLeaks and a hacker persona using the name "Guccifer 2.0" to spread information stolen from DNC staff's email accounts.

Again, no smoking gun is presented in this report - but clearly the intelligence chiefs believed there was serious Russian meddling during the US election. That's not to say the electoral voting machines themselves were hacked, but suggestions are made damage was done to Hillary Clinton's campaign which served Trump well.

And now, this week, things have got really salacious.

At the end of October last year, Mother Jones reported that a veteran spy had collated a dossier containing "explosive" information about close ties between Trump, his campaign team and Russia.

The story went largely unnoticed until CNN published an article on Monday, claiming that Trump and outgoing President Barack Obama had been presented with a two-page summary of the allegations, alongside the declassified report on alleged Russian interference in the US election.

CNN's story (which did not go into lurid detail) was the push that BuzzFeed needed to publish the full unexpurgated dossier, acknowledging that the document contained unverified allegations and a number of errors.

Part of dossier

Trump was apoplectic, describing the media stories as a "witchhunt".

As I tweeted at the time, the dossier was sensational and (in some ways) entertaining to read. But it had been circulating amongst the media and political figures for some time.

No-one had been able to verify whether what the dossier actually claimed was true or not, and it would be a mistake to rush into believing that it was necessarily accurate.

Of course, that didn't stop many on social media (I admit it, me included) having some fun with some of the dossier's more lurid elements, and spawning hashtags like #watersportsgate.

My advice is that we should be cautious about jumping to conclusions. It wouldn't take a lot of effort to write a sensational dossier about a political figure filled with scandalous accusations about him and his colleagues. What's much more effort is confirming whether the allegations have a basis in truth. And that's something that the media have not yet managed to do.

Frankly, what Donald Trump might or might not get up to in hotel bedrooms isn't very important - provided no-one has it on video, and isn't planning to use it against him.

What does matter is if US electors were influenced by an interfering foreign state, if US political parties had their systems broken into by hackers backed by the same foreign power, and if Trump's presidency might be unduly influenced and compromised by - oh, let's just say it - Russia.

At least we're making some progress. In a shambolic press conference on Wednesday, Donald Trump confirmed that he did now believe Russia was behind the hacking, albeit with a caveat:

"I think it was Russia, but I think we also get hacked by other people. It's not just Russia."

I guess that's a step forward from him suggesting it could have been a 400lb hacker, sitting in his bedroom.

Secretary of state nominee Rex Tillerson appears to agree that Russian President Vladimir Putin had approved the hacks.

This is a ripping yarn, with many twists and turns, and the story doesn't seem likely to be over any time soon. One day, maybe we'll know which bits of it are true, and which are not.

Let's hope, for everyone's sake, that day isn't too far away.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , ,

11 Responses

  1. Bob

    January 12, 2017 at 12:52 am #

    Naturally Donald Trump would say that this is nothing more than yellow journalism :-D

    I’ll get my coat… or should I say raincoat.

  2. c0mbatm0nk

    January 12, 2017 at 9:42 am #

    Light on fact, heavy on speculative association. Thus goes the world of hacking.

  3. campbell

    January 12, 2017 at 10:29 am #

    isn't this a case of Cherry picking by Trump where he gives credence to content referring to the DNC but if it implicates him then he says "Fake News" ?

  4. chinabull

    January 12, 2017 at 10:32 am #

    Matrix Management? – IF Trump changed his tune because US agencies (now?) also have a copy of that video. Pure unsubstantiated speculation, from my wild imagination. Even just the possibilities are rippling. And so the NWO begins ;-)

  5. David L

    January 12, 2017 at 3:18 pm #

    The Main Stream Media has lost almost all credibility here in the US. That last report you mentioned that Buzzfeed, then CNN put out, was riddled with falsehoods. The lawyer for one, never went to Prague, that's been firmly established since yesterday. And multiple other errors, or discrepancies in that report have been called into question. As for the intelligence community, Clapper has told bald faced lies directly to Congress on many occasions, and the rest of the leaders are still Obama's political hacks, soon to be gone. Then watch what comes out of those agencies. Obama's admin. has been one of the most politicized ever, and the UN-Justice Department one of the worst. Talk about criminal, the whole admin. are rank Hypocrites!

  6. Puti

    January 13, 2017 at 8:46 am #

    Russian had dirt on both Hillary and Trump and asked themselves. Which candidate would be worst for America? They quickly released the dirt on Hillary so Trump would win. And now Putin is stroking Trump's ego to let Trump think he's a friend. Trump's being played for a fool.

    • Harvey Lyles III in reply to Puti.

      January 13, 2017 at 2:34 pm #

      @POOT-EN-Where this this gas come from?

  7. Rodrigo Paris

    January 13, 2017 at 2:47 pm #

    Drumpf continues flip-flopping. Anything new?

  8. Chris Webb

    January 13, 2017 at 3:49 pm #

    Just a note of reassurance for whoever needs it, urine from a healthy person has anti-bacterial properties.
    But on a word of caution for fellow readers "Never eat the yellow snow.."

  9. Mike

    January 14, 2017 at 2:20 am #

    Who really cares if it was the Russian or Mickey Mouse, that hacked, the info came from. Clinton and the DNC screwed up and got caught. This business of trying to blame someone of them braking the law is getting old.

  10. John Kurzman

    January 18, 2017 at 3:11 pm #

    I can see the CNN talking heads now: First Donald said it was "a 400 pound hacker sitting in his bedroom", and now its #leakileaks in a hotel room. Wild times with the Donald.

Leave a Reply