White House Kicks Russian Diplomats Out Of The Country, Releases Preliminary Report On Russian Hacking With More To Come

from the escalation-time dept

As was widely expected, the White House officially announced its response to claims of Russian interference in our election process, and the “response” is basically kicking 35 Russian diplomats out of the country. Russia admittedly suggested it will do the same. The announcement also includes adding some entities to the official list of “Specially Designated Nationals and Blocked Persons.” Somewhat incredibly, now added to that list is the FSB, which is the modern incarnation of the KGB. What’s incredible about this was that it took until now for this to happen. With this, the administration also issued an executive order expanding on a previous executive order from last year, enabling it to take these actions.

Somewhat ridiculously, the new executive order just shows the full new order, and doesn’t call out what changes were made from the original. So I went through and did a diff on the two executive orders myself. The first major change is an additional first line of who can be sanctioned. While the original had a description of what types of people could be sanctioned for cybersecurity violations, that same sanction has been bumped down to the 2nd item, and the new first item is:

the persons listed in the Annex to this order

Hmmm. That feels unfortunately close to an “enemies list.”

The second major change is the addition of this action which can get you sanctioned to a long list of reasons:

tampering with, altering, or causing a misappropriation of information with the purpose or effect of interfering with or undermining election processes or institutions;

Yup. Remember, we noted already that interfering with “election systems” was not previously listed as a sanctionable offense. Now it is. That was to be expected.

Along with this report, Homeland Security and the FBI also (finally) released something of a “Joint Analysis Report” about the alleged Russian interference. The only major revelation in there is that the US government is referring to this hacking program as “GRIZZLY STEPPE.”

This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.

Previous JARs have not attributed malicious cyber activity to specific countries or threat actors. However, public attribution of these activities to RIS is supported by technical indicators from the U.S. Intelligence Community, DHS, FBI, the private sector, and other entities. This determination expands upon the Joint Statement released October 7, 2016, from the Department of Homeland Security and the Director of National Intelligence on Election Security.

This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government.

Other than that, the report really doesn’t tell us much more than was already reported in the past by various cybersecurity outfits about the supposed infiltration by two hacking groups, called APT28 and APT29 (APT: Advanced Persistent Threat), that people say are connected to the Russian government. There is a nifty graphic, though:

The report also posts the YARA signature of the malware that was used (and encourages security folks to check for matching YARA signatures on their systems), and highlights (as was already known) that most of the “hacking” involved spearphishing (directly targeting individuals and tricking them into giving up passwords, with fake password reset requests).

The report does not add much to prove that it was actually the Russians behind this, though everyone insists that’s now the consensus view. The NY Times notes that “a more detailed report on the intelligence… will be published in the next three weeks,” which certainly could reveal more details. But… of course… “much of the detail — especially evidence collected from “implants” in Russian computer systems, tapped conversations and spies — is expected to remain classified.” In other words, for those who are still skeptical that it was Russia, don’t expect them to be convinced by any of this.

Meanwhile, Donald Trump, when asked about all of this, managed to toss off his typical word salad of nothingness:

“I think we ought to get on with our lives. I think that computers have complicated lives very greatly. The whole age of computer has made it where nobody knows exactly what is going on. We have speed, we have a lot of other things, but I’m not sure we have the kind, the security we need.”

Yes, it’s true that attribution in online security is difficult, but most of that statement is completely ridiculous.

And, of course, this is all kinds of a mess. You have claims of attacks that no one wants to back up with actual details, for fear that it will reveal too much about sources and methods. You have escalation of “diplomatic responses” to counter this attack that everyone tells us was done by the Russians. You have an incoming President who basically said “how do I even computer.” None of this is good, and none of it should be okay no matter where you sit. If we’re going to get into a fight with Russia, it would be nice if we had more evidence than “hey, someone broke into the email systems of political parties — because those organizations are bad at security.” But that doesn’t seem likely to happen.

Instead, we’re left with this weird game where we’re constantly being told “trust us” by one side and “computers confusing” by the other. That’s not comforting.




Comments on “White House Kicks Russian Diplomats Out Of The Country, Releases Preliminary Report On Russian Hacking With More To Come”

88 Comments
Anonymous Coward says:

Re: Re: Re:2 enough with the political shenanigans...T-bills

“Why willingly be indebted to your own enemy.”

This is a CORE reason behind the US remaining Isolationist as reasonably possible.

We should never have mixed our economic future to the degree we have now.

George Washington warned us about EVERY fucking problem we have NOW before they happened and no one listened. The real enemy are ‘Globalists’ that nasty group that seeks to bring us the TTIP, TPP, TISA and all those Foreign investor states and courts for helping businesses RULE THE WORLD through economic power.

The Rothschild’s are on target.

“The few who understand the system, will either be so interested from its profits or so dependent on its favors, that there will be no opposition from that class.”

“Give me control of a nation’s money and I care not who makes its laws”

Anonymous Coward says:

Re: Re: Re:4 enough with the political shenanigans...T-bills

While I get what you are trying for, you still sound like an apologist.

Greed is a vice, not an entity to be regarded with a label such as enemy… and the Globalists have that vice in exponential spades. That hole in their heart eats at them constantly. 100 million 100 billion 100 trillion… it will never be enough. Not because they ‘just’ love money and are only JUST greedy but because of the POWER it brings!

Power is the real objective… the power to tell YOU what to do be it directly or indirectly. The power to command men and women at whim so that they can stand on their backs and use them up as they require or desire.

Power achieved through wealth is infinitely more enviable and desired than power achieved through direct physical methods.

Richard (profile) says:

Re: Re: Re:5 enough with the political shenanigans...T-bills

The odd thing is that wealthy people are also covetous of the rights and possessions of people who are actually poorer than them. Witness the attitude of major rightholders to small businesses that scrape a living by using what they perceive to be “their” property, often in spite of the fact that their own living is not damaged in any measurable way.

This is an article of faith of the right.

Envy of those poorer than you is infinitely more dangerous than envy of richer people because, whereas a bit more sharing would defuse the latter, there is no fix for the former without grinding the poor into the dust.

Anonymous Coward says:

Re: Re: FYI

I have made this point in the past. If those e-mails are the type that would change the outcome of an election they should absolutely be released. That is the exact reason they should be released and this is exactly the type of information that should be released. We have a right to know who we are voting for before we vote.

Claims that information that would change an election outcome shouldn’t be released is proof that the reason for the government’s secretiveness is not intended to serve the public interest. Its secretiveness is done in self interest. It has nothing to do with national security.

If the information changed the election outcomes then Russia wasn’t the one responsible for the election outcomes by releasing said information. It was the information itself that was responsible for the outcome. It was the candidate’s own doing. Blaming it on the fact that the information got out is no less than a criminal blaming the fact that they got put in jail on the fact that they got caught. No, it was their own actions of committing the crime that put them in jail. That politicians refuse to admit this is evidence of how ridiculous this whole thing is. It’s like me blaming the government for catching the criminals instead of blaming the criminals for committing their crimes in the first place.

Anonymous Coward says:

Re: Re: Re: FYI

The Clinton campaign at one point discussed openly releasing all the emails they believed might have been hacked so as to beat Wikileaks. Clinton also asked why all government emails except those obviously dealing with classified/natsec matters should not anyway be public as a matter of course. There were at the time (during the campaign) media reports with attribution attesting these discussions occurred but of course the matter got little attention in the middle of the sound&fury of the campaign.

It is a subject worthy of being raised again with Trump in power – why not openly dump all government emails along with associated policy documents, papers, cttee hearing reports and so on & so on?

Thad (user link) says:

Re: Re: Re: FYI

It’s a bit more complicated than that, I think.

Are the e-mails news? Yes. Were they in the public interest? Yes.

Were they leaked by unauthorized sources? Yes. Did some of those sources intentionally choose the DNC and the Clinton campaign, rather than the RNC or the Trump campaign, as a deliberate choice, intending to swing the outcome of the election? Most likely. Did those sources include a foreign government? Maybe. Is all that in the public interest too? Yes.

It’s not either-or. There’s no logical contradiction in thinking that Hillary Clinton and her campaign behaved unethically and that Russian propagandists manipulated the election on behalf of the candidate they favored.

Anonymous Coward says:

Re: Re: Re:2 FYI

“Did some of those sources intentionally choose the DNC and the Clinton campaign, rather than the RNC or the Trump campaign, as a deliberate choice, intending to swing the outcome of the election? Most likely.”

and there were many revelations about Trump as well that Clinton supporters put out to try and discredit his campaign. Like the locker room recordings. Those revelations were chosen to swing the elections just as well. It happens on both sides.

“There’s no logical contradiction in thinking that Hillary Clinton and her campaign behaved unethically and that Russian propagandists manipulated the election on behalf of the candidate they favored.”

But to the extent that the elections were influenced by leaks it’s not Russia’s fault. Russia didn’t do anything wrong. There was nothing wrong with leaking the information. It’s the fact that the candidates had something to hide that could change how voters vote that’s the problem. The problem is with Hillary, if she lost due to the leaks it’s only her own fault, she shouldn’t have been involved in stuff in ways that voters disagree with in the first place. We have a right to know who we are voting for.

Anonymous Coward says:

Honestly right now based on anecdotal evidence from these news reports (so completely worthless when it comes to taking action) I side that Russia was behind the hacks or sponsored the hacks in some way.

Separately: According to news reports, Russia has now come back effectively saying “We are going to do no retaliation until we see how friendly Trump is to us”. Based on past remarks, I think it will be fairly friendly. But I imagine that it will end up just being a rebuke of Obama’s actions.
I doubt even Trump is dumb enough to reverse the actions and let the banned officials back in the country, but he has surprised me before with how much he is willing to back Russia.

Anonymous Coward says:

Obamy has been whipped like a cur

Some diplomat… Obama has been shown up by that dipshit Putin time and time again…

This is YOUR so called MAN democrats! And you wonder why your spineless “agents” did not get elected this time around? A less democratic nation is SCHOOLING YOU… the DEMOCRATS! This joke of a presidency will not end soon enough. Now I get to sit around and watch the “Twitter Troll” work on the mess that Obama left behind. Remember you losers… you are more responsible for the Trump victory than the republicans and you are too stupid to even understand why!

Putin’s Response to Olbamy Boy:

“We regard the recent unfriendly steps taken by the outgoing US administration as provocative and aimed at further weakening the Russia-US relationship. This runs contrary to the fundamental interests of both the Russian and American people. Considering the global security responsibilities of Russia and the United States, this is also damaging to international relations as a whole.

As it proceeds from international practice, Russia has reasons to respond in kind. Although we have the right to retaliate, we will not resort to irresponsible ‘kitchen’ diplomacy but will plan our further steps to restore Russian-US relations based on the policies of the Trump Administration.

The diplomats who are returning to Russia will spend the New Year’s holidays with their families and friends. We will not create any problems for US diplomats. We will not expel anyone. We will not prevent their families and children from using their traditional leisure sites during the New Year’s holidays. Moreover, I invite all children of US diplomats accredited in Russia to the New Year and Christmas children’s parties in the Kremlin.

It is regrettable that the Obama Administration is ending its term in this manner. Nevertheless, I offer my New Year greetings to President Obama and his family.

My season’s greetings also to President-elect Donald Trump and the American people.

I wish all of you happiness and prosperity.”

Anonymous Coward says:

Re: Re: Obamy has been whipped like a cur

The facts are fairly evident and abundant in the news right now in fact, if you need THAT much hand holding to figure them out then I am afraid there is no assistance for you friend!

But I can tell you the point, though I am certain that you will not get it.

The point is that Democrats cause the very things they claim to wish to solve or prevent. You guys have never met a solution that causes more trouble than it solves that you did not love!

Anonymous Coward says:

Re: Re: Re:2 Obamy has been whipped like a cur

Perhaps you folks don’t understand…

Go do the work for yourself. If you have the time to pay my comments any finger time, you can google, yahoo, or just plain look at history and current events to figure it out.

But here is a freebie! Had this been Trump doing this, it is pretty clear that you crybabies would be filling the streets with rivers of crocodile tears. Obama’s behaviors with several other states like Iran, China, and Cuba are very revealing. Obama would rather dick with Trump and use the Nation to do it with. No man can be a worthy leader and do this!

Anonymous Coward says:

Re: Obamy has been whipped like a cur

Please provide independent and unbiased evidence where Obama was actually “schooled”. A PR from Putin really does not count since that is inherently biased and just words on a page. Actions count far more than that.

Also provide any evidence that Trump will be tougher on Putin than Obama in any way.

Anonymous Coward says:

Re: Re: Re: Obamy has been whipped like a cur

I doubt that. It seems that Trump is willing to bow to anyone who will stroke his ego or fill his wallet.
I believe he is generally antagonistic to Putin. But I also believe that Putin has many, many, many pieces of leverage over Trump that he can use to force Trump to capitulate.

All Putin needs to do is tell Trump that his next building project in Russia will be very profitable if he capitulates or that Trump will never be able to build in Russia again if he does not.

Anonymous Coward says:

Re: Re: Re:2 Obamy has been whipped like a cur

Why do you doubt it? Trump has already proven it.

But you are right about Trump’s ego problem. The real question is how much is that Ego going to benefit or harm us? Trump has already made it clear he will take a financial loss over his business ideals where his ego is concerned so that question is more, does Russia/Putin rub him the wrong or right way and when?

Anonymous Coward says:

Re: Re: Obamy has been whipped like a cur

“Please provide independent and unbiased evidence where Obama was actually “schooled”.”

Ha ha ha… this is why you cannot be educated.

‘Unbiased’ does not and will NEVER exist. Do yourself a favor and stop now because you are not worth educating until you understand that nothing comes without a bias.

And I am independent, so that request has already been fulfilled. I dislike both parties along with Obama and Trump, so it is likely I am less biased than most of you, but that still does not make me unbiased!

In fact, I am the type of truth everyone hates because I attack all stupidity even my own when I happen upon it or when it is legitimately pointed out. This pisses an enormous amount of people off including myself. It’s okay, it does suck to be alone, but it is better than grazing in the same pasture as the rest of you sheep.

Think of me as being more like Mark Twain in that he was a misanthrope. I generally dislike people because you cannot prevent yourselves from becoming hive minded. You join groups and cheer for teams while bashing others for the very things you do yourselves.

At the end of the day, all rule of law is decided by either the majority or those with power. All law is one man’s or group of people enforcing their belief on another group. Be it secular or religious it is all the same.

You need to find a holodeck or something where you can live out your juvenile fantasy of wanting unbiased information.

Anonymous Coward says:

Re: Re: Obamy has been whipped like a cur

passive aggressive still breaks just as much shit.

Wearing a nice face while talking down to people might be a little more sinister don’t you think? If the only objective is to just be more condescending than the other, then I can honestly say democrats have that over the republicans.

but at the end of the day, it will always be the grunt work… the boots in the mud and crud that gets the real work done!

If you are so foolish as to believe you can remain clean and without offense in regards to discourse then you live in a fantasy, which is all too common for all of the everyone gets a trophy for participation snowflakes!

You guys are acting like I am the first one to cause offense, when it was Bamy that went tits up first!

Anonymous Coward says:

Re: Re: Re: Obamy has been whipped like a cur

Condescension is still an insult.

passive aggressive still breaks just as much shit.

Quite the whiny bitch you are, aren’t you? Complaining about being insulted while saying If you are so foolish as to believe you can remain… or Ha ha ha… this is why you cannot be educated.

Seriously, just fuck off.

Anonymous Coward says:

How the heck can the elections even be ‘hackable’ in the first place? Why are they connected to the Internet? We never had this problem in the past.

I know the answer to that. It’s a very simple and petty answer. The answer is that if the outcome of the elections are not the intended outcome they can just blame it on hackers. This is why this problem won’t ever be fixed.

EducateDontBerate says:

Fireside message time

Time for the president to sit down in front of that cozy fire, call the broadcast media up and tell them to air a public message and explain what computer security is using the government’s definition.

It might shock a lot of people how insecure their lives really are and how few corporations that handle their data outside of the banks really put stock into securing systems in real time – For consideration both the RNCC and DNCC are corporations…

Anonymous Coward says:

Re: Fireside message time

In reality this nation is so divided ideologically no matter what he says the needle won’t move at all.

Even if there is verified proof. Even if the administration gives direct evidence for independent verification. Even if Putin himself said he did it and would do it again. Even if there is simultaneously as the chat a Red Dawn style invasion by Putin on American soil — A significant number of the opposing party would immediately denounce the evidence as false and political maneuvering just because Obama said it.

Anonymous Coward says:

It’s a decent parting FU to the Trump Administration. This is something they have to repeal as opposed to fail to enact. I think the right’s growing infatuation with the religiously conservative white supremacist policies of Russia will have to be made more clear. If that’s going to be the case going forward, so be it, but the administration should have to own it.

Tin Samuel says:

Much ado about nothing

Let’s be clear about something. The DNC is an NGO. They are not part of the government. The RNC is also an NGO. Neither has any amount of meaningful power in 1. How elections are conducted, and 2. the methods and mechanisms that conduct said elections.

Unless the definition of tampering with elections has been radically expanded to include NGO’s, there is no cause or reason to believe that Russia has “interfered with elections.”

Nobody’s even making the allegation that the systems of the election were hacked, tampered with, or even that the information that Russia allegedly posted to WikiLeaks was tampered with.

Exposing a candidate’s own words is not tampering with elections. It’s journalism. The only reason we’re appalled by it is because we haven’t seen journalism in this country for decades. And if Russia is indeed behind it, we should be thanking them.

JMT says:

Re: Much ado about nothing

Russian agents hack both parties.
Russian agents prefer Trump as president, as that would strengthen their world position.
Russian agents release only damaging Democrat emails, the subjects of which become major focal points for the election campaigns.

Sorry but that’s not ‘journalism’, that’s basically social engineering to attempt to swing more votes to your preferred candidate. Do you really think there was absolutely nothing newsworthy in the Republican info taken?

You’d expect this from an opposition party, but not another country. Your third paragraph is completely correct, because it turns out they didn’t need to do any of those things to get the desired result.

kehvan (profile) says:

Wait a sec, isn't this supposed to be Techdirt?

You guys are technically savvy, right?

Well, if so, then I’d think you know and understand the basics of phishing scams and computer security, and so holes in this story are obvious… For instance…

Isn’t anyone going to tear apart those ridiculous multistep flow charts the Dept. of Homeland Security put out? Those flowcharts actually obscure the simplicity of a phishing scam, making it seem as if it’s complicated and high tech. It isn’t. It’s just an email socially engineered to convince the recipient that it’s a legitimate email, which then leads the recipient to install malicious software.

Isn’t anyone going to point out it was the idiocy of John Podesta and DNC staff who compromised their email server? After all, they fell for these phishing scams, which most everyone who has email must contend, and in falling for these scams they compromised their own security. Republicans didn’t do it to them, Trump didn’t do it to them, and if Russians had anything to do with it, it’s by virtue of the fact there are phishing rings run out of Russia.

And isn’t anyone going to point out it was Hillary’s own actions that led to her email server fiasco? Hillary Clinton quit as Secretary of State in 2012, and kept her homebrew secret email server secret another 2 years until the New York Times stated the obvious, emails between Hillary and DoS staff wasn’t between two .gov email addresses, but between clintonemail.com and a .gov. Did Trump force Hillary to do this too?

If you are going to believe all this hook, line and sinker, then it would seem the Russians and Trump would have had to have been planning this thing for at least four years.

Anonymous Coward says:

Re: I have the answer

You claim there is no proof while others claim there is, what do you say to them?

https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf

Even if the attack(s) came from a Russian address space, addresses can be spoofed – also it could have been routed thru a russian proxy. Is this the reason you claim there is no proof or are you claiming there was no attack at all ever?

Anonymous Coward says:

So Congress is concerned about foreign intrusion into the Federal government huh?

Considering that Citizens United v. FEC made it possible for multinational corporations with foreign interests to finance their campaigns, I would think the concern would be that Congress _IS_ a foreign intrusion into government.

Of course the most obvious question when hearing all this bullshit, is “Is it the first time? How frequently does this actually happen?”

And the way you know that the unholy trinity of cabal news is just three outlets for the same propaganda feed, is that none of them ask that question.

But for anyone who would like to know the answer, it is this:

It isn’t the first time, or even the tenth that one or more state agencies has been seriously compromised by state actors over the Internet. While these events are largely foreseeable and preventable, they go unprevented. The reason is the same reason that massive consumer computer fraud isn’t prevented.

The banks make their bones on the juice. They don’t give a fuck who robs who, as long as it creates a higher transaction count. And this basic dynamic is the fundamental purpose of EEE, and why good technologies get raped, while bad ones get proginated by billion dollar companies.

And yeah, I have the tech to know what time it is. But it really is pointless to discuss this at that level. It would be like standing on the deck of the Titanic and clapping for the violinists. It won’t stop the boat from sinking.

What the Russians did or didn’t do is irrelevant. The fact that this is only being talked about now, after more than a decade of criminally negligent infosec management, is telling. Regardless of whether there is a problem, these guys aren’t interested in solving it. If anything things will be made worse by the increased intrusion by malevolent narcissists into matters of engineering.

What MAY happen, is these jerkoffs stir up such a hornets nest that they create a national imperative, (as they are wont to do) and it results in a whole lot of Americans dying in one of a variety of foreign shit holes. IMHO that is what McCain is up to. More camera time for him, more lead shot into America’s sons.

If their intent or understanding was genuine in any way, they would just shut the fuck up, and start some anti-trust legislation. Because that moves more shit out of the way of this problem, than anything else.

Anonymous Coward says:

Seth Rich

Why is the left wing media treating the “Russia did it” as fact without proof? To me the timing of the murder of DNC Director of Voter Expansion Data Seth Rich at the same time of the first leaks was a little too coincidental. “Robbers” in DC that don’t steal anything from the victim? Not very believable to call him a robbery victim if nothing was stolen.

Wikileaks offered $20k for information leading to the identity of the killer while the DNC “honored” Seth Rich with a bike rack.

Doesn’t add up to Russia Russia Russia. More like a leak from inside the DNC. And we are all being fed this bullshit by the MSM, while Obama signs away the First Amendment to the US Constitution.
