Behind the Security Reports Alleging Russian Hacking
When the U.S. intelligence community released two reports claiming that Russia had targeted the U.S. election with influence campaigns and cyberattacks, it sparked a maelstrom of debate over the legitimacy of the vote. According to a veteran of the intelligence community, however, the reports show a departure in how agencies typically verify information and appear to carry a political motive.
A close examination of the reports shows they are factually hollow, rely on filler content, and contain information that might sound impressive on the surface, but essentially describes run-of-the-mill intelligence operations conducted by many countries—the United States included.
“People shouldn’t be interfering in our elections. In an ideal world that’s true, but in the real world everyone does that,” said Drew Berquist, a veteran of the intelligence community and founder of security-focused website OpsLens.
“I know it’s appalling to know that’s going on, but that’s how it is,” he said.
For example, ahead of the 2008 U.S. presidential race, the Chinese regime was accused of hacking campaign emails of both John McCain and Barack Obama. These attacks, while taken seriously, were broadly written off as typical intelligence gathering by a foreign government to understand the policies of each campaign.
“If you’re looking at just this in general, it’s pretty accurate to say that’s just intelligence gathering,” he said.
While this year’s intelligence reports focused solely on Russia, a complete list of foreign influencers would be “certainly longer than one country,” Berquist said. Notably, even leaders in the European Union were publicly condemning Trump and his policies, which similarly amounts to attempting to influence a foreign election.
Thin on Details
The first report on Russian interference was released by the FBI and Department of Homeland Security (DHS) on Dec. 29, 2016, with a disclaimer that it “does not provide any warranties of any kind regarding any information contained within.” The 13-page report includes less than two pages of claims about alleged Russian cyberattacks, then jumps into what appears to be filler content broadly explaining how companies can guard against cyberattacks.
While the report fails to provide evidence, it says two hacker groups believed to be tied to the Russian government, APT28 and APT29, hacked “a U.S. political party.” It adds that “both groups have historically targeted government organizations, think tanks, universities, and corporations around the world.”
The second report was released on Jan. 6 through the Office of the Director of National Intelligence (ODNI), and collected analysis from the CIA, FBI, and National Security Agency (NSA). It claimed to be a declassified version of a “highly classified assessment” and noted it “does not and cannot include the full supporting information.” The 25-page report “assesses” that “Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election.”
The declassified report bases much of its evidence on how the Russian news outlet RT was covering the election, noting its anti-Hillary Clinton and pro-Donald Trump stance. It also notes that representatives from RT had met with Julian Assange, head of WikiLeaks, which released emails damaging to the Clinton campaign during the election. At the time, WikiLeaks had released its “Global Intelligence Files” that included emails from geopolitical intelligence company Stratfor.
In terms of offering any hard evidence for their deeper claims, both intelligence reports fail to do so and instead relied on public trust that information they are not showing publicly validates their arguments.
On Jan. 10, however, BuzzFeed released the full text of one of the main sources used in the ODNI report: an unconfirmed, indirect, 35-page dossier with provocative allegations about Trump’s dealings with Russia, allegedly collected by a former British MI6 agent who currently runs a private security business.
In a post on Twitter, Trump called the report “fake news” and a “total political witch hunt.”
Although BuzzFeed posted the report, editor-in-chief Ben Smith said, “There is serious reason to doubt the allegations,” in a memo to staff he shared via Twitter on Jan. 10. He noted the dossier contained “unverified allegations about Donald Trump and Russia” and that BuzzFeed reporters had been chasing specific claims for weeks, but were unable to verify the information.
One big question is, how did unconfirmed and bizarre claims from an indirect, third-party source serve as a foundation for an intelligence report that damaged the reputation of the president-elect, and that was released barely a week ahead of his inauguration?
The simple answer, according to Berquist, is that the reports were politically motivated.
“It’s become overly politicized, and [intelligence officials] are using anything they can, whether the information is open source, or—like that dossier—to include information that shouldn’t be there. But that’s how it’s being done now,” he said.
With politically motivated intelligence gathering, he said, “people aren’t willing to seek out the full picture, and if they do get it, they’re not willing to share it because it doesn’t go with the story.”
Berquist said the reports show a significant departure from how the intelligence agencies used to find and verify information. He noted there used to be a stronger vetting process. He said that in the past, if an attack did occur, the intelligence community wouldn’t act based on just rumors. They would talk to their sources on the ground and do all they could to get a clear picture. “You don’t just jump the gun,” he said.
Berquist said this shows a type of “shapeshifting that’s going on” in the intelligence community, where heads of intelligence departments are stepping out of their roles to get involved in surface politics. CIA chief John Brennan “shouldn’t be out there feuding with President-elect Trump,” he said.
“Your job is just to collect vetted, strong intelligence, and let policymakers decide right, wrong, or the difference,” he said, referring to Brennan.
“Why do you care what BuzzFeed says, or Politico, or even the most trusted news source in the world? You’re the intel team. You go out and vet it, and run your own sources,” he said. “You don’t just publish it based on your current feelings.”