empire watch, latest, United States
Comments 8

US Intel Vets issue statement disputing Russia Hacking Claims

from Consortium News

As the hysteria about Russia’s alleged interference in the U.S. election grows, a key mystery is why U.S. intelligence would rely on “circumstantial evidence” when it has the capability for hard evidence, say U.S. intelligence veterans.

Veteran Intelligence Professionals for Sanity

MEMORAMDUM

Allegation of Hacking Election are Basless

A New York Times report on Monday alluding to “overwhelming circumstantial evidence” leading the CIA to believe that Russian President Vladimir Putin “deployed computer hackers with the goal of tipping the election to Donald J. Trump” is, sadly, evidence-free. This is no surprise, because harder evidence of a technical nature points to an inside leak, not hacking – by Russians or anyone else.

Monday’s Washington Post reports that Sen. James Lankford, R-Oklahoma, a member of the Senate Intelligence Committee, has joined other senators in calling for a bipartisan investigation of suspected cyber-intrusion by Russia. Reading our short memo could save the Senate from endemic partisanship, expense and unnecessary delay.

In what follows, we draw on decades of senior-level experience – with emphasis on cyber-intelligence and security – to cut through uninformed, largely partisan fog. Far from hiding behind anonymity, we are proud to speak out with the hope of gaining an audience appropriate to what we merit – given our long labors in government and other areas of technology. And corny though it may sound these days, our ethos as intelligence professionals remains, simply, to tell it like it is – without fear or favor.

We have gone through the various claims about hacking. For us, it is child’s play to dismiss them. The email disclosures in question are the result of a leak, not a hack. Here’s the difference between leaking and hacking:

Leak: When someone physically takes data out of an organization and gives it to some other person or organization, as Edward Snowden and Chelsea Manning did.

Hack: When someone in a remote location electronically penetrates operating systems, firewalls or any other cyber-protection system and then extracts data.

All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it – and know both sender and recipient.

In short, since leaking requires physically removing data – on a thumb drive, for example – the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.

Awesome Technical Capabilities

Again, NSA is able to identify both the sender and recipient when hacking is involved. Thanks largely to the material released by Edward Snowden, we can provide a full picture of NSA’s extensive domestic data-collection network including Upstream programs like Fairview, Stormbrew and Blarney. These include at least 30 companies in the U.S. operating the fiber networks that carry the Public Switched Telephone Network as well as the World Wide Web. This gives NSA unparalleled access to data flowing within the U.S. and data going out to the rest of the world, as well as data transiting the U.S.

In other words, any data that is passed from the servers of the Democratic National Committee (DNC) or of Hillary Rodham Clinton (HRC) – or any other server in the U.S. – is collected by the NSA. These data transfers carry destination addresses in what are called packets, which enable the transfer to be traced and followed through the network.

Packets: Emails being passed across the World Wide Web are broken down into smaller segments called packets. These packets are passed into the network to be delivered to a recipient. This means the packets need to be reassembled at the receiving end.

To accomplish this, all the packets that form a message are assigned an identifying number that enables the receiving end to collect them for reassembly. Moreover, each packet carries the originator and ultimate receiver Internet protocol number (either IPV4 or IPV6) that enables the network to route data.

When email packets leave the U.S., the other “Five Eyes” countries (the U.K., Canada, Australia, and New Zealand) and the seven or eight additional countries participating with the U.S. in bulk-collection of everything on the planet would also have a record of where those email packets went after leaving the U.S.

These collection resources are extensive [see attached NSA slides 1, 2, 3, 4, 5]; they include hundreds of trace route programs that trace the path of packets going across the network and tens of thousands of hardware and software implants in switches and servers that manage the network. Any emails being extracted from one server going to another would be, at least in part, recognizable and traceable by all these resources.

The bottom line is that the NSA would know where and how any “hacked” emails from the DNC, HRC or any other servers were routed through the network. This process can sometimes require a closer look into the routing to sort out intermediate clients, but in the end sender and recipient can be traced across the network.

The various ways in which usually anonymous spokespeople for U.S. intelligence agencies are equivocating – saying things like “our best guess” or “our opinion” or “our estimate” etc. – shows that the emails alleged to have been “hacked” cannot be traced across the network. Given NSA’s extensive trace capability, we conclude that DNC and HRC servers alleged to have been hacked were, in fact, not hacked.

The evidence that should be there is absent; otherwise, it would surely be brought forward, since this could be done without any danger to sources and methods. Thus, we conclude that the emails were leaked by an insider – as was the case with Edward Snowden and Chelsea Manning. Such an insider could be anyone in a government department or agency with access to NSA databases, or perhaps someone within the DNC.

As for the comments to the media as to what the CIA believes, the reality is that CIA is almost totally dependent on NSA for ground truth in the communications arena. Thus, it remains something of a mystery why the media is being fed strange stories about hacking that have no basis in fact. In sum, given what we know of NSA’s existing capabilities, it beggars belief that NSA would be unable to identify anyone – Russian or not – attempting to interfere in a U.S. election by hacking.

For the Steering Group, Veteran Intelligence Professionals for Sanity (VIPS):

William Binney, former Technical Director, World Geopolitical & Military Analysis, NSA; co-founder, SIGINT Automation Research Center (ret.)

Mike Gravel, former Adjutant, top secret control officer, Communications Intelligence Service; special agent of the Counter Intelligence Corps and former United States Senator

Larry Johnson, former CIA Intelligence Officer & former State Department Counter-Terrorism Official

Ray McGovern, former US Army infantry/intelligence officer & CIA analyst (ret.)

Elizabeth Murray, Deputy National Intelligence Officer for Middle East, CIA (ret.)

Kirk Wiebe, former Senior Analyst, SIGINT Automation Research Center, NSA (ret.)

Advertisements

8 Comments

  1. Fake news-Russia hacking stories are psychological operation efforts to deflect attention from WikiLeaks revelations – 2014 Clinton email showing Saudi-Qatari money / logistics to ISIS (the most dangerous “threat to the world”), plus strong circumstantial evidence of pedophilia in Podesta emails. Notice Clinton’s awkward, erroneous attempt to tie Comet Pizza event (shot(s) fired – nobody injured) – a domestic matter – to global/”fake news”, foreign propaganda, and requiring new Orwellian laws establishing an effective Ministry of Truth. What people are witnessing is an attempt to cover up state-sponsorship of terrorism and pedophilia crimes of elites.

    Like

  2. michaelk says

    Rejoice! Rejoice! I’ve just discovered that little Bana is safe and sound. She and her entire family have been rescued from Aleppo in the nick of time, just before the Russian barbarians arrived. Who knows what their fate might have been? There have been conspiracy theories that Bana was never in Aleppo at all and her marvelous and touching tweets were written by her mother. Shame on you! As if the Guardian would ever swallow such a propaganda ruse without verification. Bana is safe and well and in Turkey, where she most certainly hasn’t been all the time.

    Like

  3. michaelk says

    What I find particularly disturbing is how quickly liberal opinion is lurching towards an almost medieval way of looking at and explaining events and the world. I’m not kidding. Putin is Satan incarnate. A non-existant and invisible army of Russian demons is all around us, hacking and influencing our lives trying to win us over by stealth to Satan/Putin’s side and our very deepest thoughts and ultimately our souls are under attack.

    And it’s all bollocks, yet one wouldn’t know this from reading the Guardian, which studiously doesn’t report the statements and evidence of real people like Assange and Murray who step into the light to back up their words. The Guardian ignores them, but chooses instead to go with the lies and partisan comments of spies talking about invisible threats and spies who don’t allow us to see the evidence for their astonishing accusations. It’s like Assange in Sweden all over again. The accusations, however unlikely, however unprovable, are accepted without the need for examination or even a trial.

    And when the House Intelligence Committee, which is supposed to have oversight, asks the CIA and the wider intelligence community to come and brief them in private about the exact nature of the accusations and the evidence that the DNC was hacked into by Russia; they are ignored and nobody will talk on the record because they could be charged with perjury if they lied to the committee. Now, even the most credulous and stupid Guardian journalist must see that this is a flashing neon sign in a dark cave that somethings wrong here. But, apparently, they don’t see it, or don’t dare see it, now the anti-Russian anti-Trump juggernaut is rolling. Step in front of that machine and it’ll roll right over you.

    It’s scary. It’s totalitarian, though of the softer liberal variety. They can now publish any bullshit, no matter how ridiculous, no matter how un-verified, without a shred of evidence, and magically (we’re back in the new-medieval again) turn fake news into truth… amazing.

    Like

    • Assange does have a credibility problem – he’s no good in bed (alledgedly!) Apparently that counts as rape in Sweden.
      Apart from that, £12m plus of our money is being well spent illegally detaining him without trial. I wonder, what benefit would that money be spent into our actual prison system? Could it have prevented the riots and possible breakdown of the system? Or am I missing the point? A G4S privatized prison industrial complex?

      Like

  4. If the consequences were not so grave, I’d call this the Clinton Chicken Coup – just how did the CIA topple as many governments as it has – by causing the opposition to laugh themselves to death?
    Of course, this is mainly for the ‘faithless electors’ of the electoral college, who vote today. They couldn’t even be bothered to brief them, which should tell you all you need to know.
    At least they got two new converts; FBI Director Comey and Director of National Intelligence Clapper – they must have developed a liking for a certain Italian dough based fast food – i dare not contemplate what ‘topping’ they prefer. #Compromised.
    All in all, does this point to the perfection of our sociocultural evolution that results in “the end of history?” I think not.

    Like

.....................

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s