US Gov't Officially Accuses Russia Of Hacking... Question Is What Happens Next

from the this-is-unlikely-to-end-well dept

It's been quite a crazy Friday, and in the midst of it all, the US government finally came out with an official accusation that Russia is behind various hack attacks concerning the US election:
The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow—the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities.
The same report says that they don't (yet) have enough information to also accuse Russia of the recent hacks on state election computers:
Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.
But they also stick with the party line that actually hacking the election would be difficult:
The USIC and the Department of Homeland Security (DHS) assess that it would be extremely difficult for someone, including a nation-state actor, to alter actual ballot counts or election results by cyber attack or intrusion. This assessment is based on the decentralized nature of our election system in this country and the number of protections state and local election officials have in place. States ensure that voting machines are not connected to the Internet, and there are numerous checks and balances as well as extensive oversight at multiple levels built into our election process.
Of course, people have been pointing the finger at Russia over these hacks for a while, and according to various reports there's been widespread debate within the Obama administration about making a public accusation. There are two main issues here:
  1. Attribution for computer attacks is really really difficult. No one knows for sure, and there are ways to spoof where attacks come from. There does appear to be quite a lot of evidence pointing back at Russia for these hacks, so it does seem like a safe bet. But that doesn't mean it's definitely them. It would be nice if people gave actual confidence values when they make statements like these, but no one in politics ever does that these days.
  2. The much bigger question is what comes next. There are political benefits and costs to naming Russia. But the big thing here is that by naming Russia, it gives the US government more leeway to do something in response. And, as we warned many months ago, this is a horrifically bad idea. It will only escalate matters and make things worse overall.
As I noted just the other day, cybersecurity should be a defensive game. Going offensive is really, really dangerous, because things will get worse, and we really don't know what the capabilities of the other side(s) truly are. Focus on protecting critical infrastructure, not on some meaingless symbolic strike back.

But, of course, in this day and age, people seem to feel that every action requires some sort of reaction, and in a computer security realm, that's just stupid. But it seems to be where we're inevitably heading. The cybersecurity firms will get wonderfully rich off of this. But almost everyone will be less safe as a result.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 7 Oct 2016 @ 8:46pm

    Pot calling kettle black

    and

    a good offence is the best defence


    Mayhaps

    reply to this | link to this | view in chronology ]

    • icon
      Padpaw (profile), 8 Oct 2016 @ 1:05am

      Re: Pot calling kettle black

      until it ends in nuclear fire worst case. When it comes to a corrupt government versus another corrupt government all bets are off.

      reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 8 Oct 2016 @ 12:00pm

      Re: Pot calling kettle black

      I was going to say that..
      Every analysis I look at has MORE hacking being sent by our own Gov. then we are getting..
      You would THINK they would Learn something, LIKE.. setting up BS sites, and not installing ANYTHING REAL on gov. sites..

      reply to this | link to this | view in chronology ]

    • identicon
      Andy, 8 Oct 2016 @ 9:24pm

      Re: Pot calling kettle black

      Exactly what i was thinking , America is guilty as hell for attacking other countries and using hacking as a major tool in there box of tricks. Now that they are getting the same treatment that they are guilty of they cry foul.

      American politicians are just as guilty of crimes as Russia is and both deserve each other, the problem is that if they have a war they will end up using nukes and destroying us all.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 10 Oct 2016 @ 5:18am

      Re: Pot calling kettle black

      ...consistent with the methods and motivations of Russian-directed efforts.

      Also consistent with the methods and motivations of US-directed efforts. Does that prove the US is hacking itself?

      reply to this | link to this | view in chronology ]

  • identicon
    briny, 7 Oct 2016 @ 8:51pm

    If it's important here...

    ... it's off the Internet. I really, really don't want to get caught in the cross-fire and that was even before ransomware became such a thing. This could seriously escalate with bad attribution although given the data we currently have, I'm very comfortable they have it correct.

    reply to this | link to this | view in chronology ]

    • identicon
      LAquaker, 10 Oct 2016 @ 12:01pm

      Re: If it's important here...

      Ten years ago a few Pre-Election Observers(a thing) from the Los Angeles Green Party were invited to spend an hour touring of the vote counting process at the County Recorder's Building in Norwalk, a place with more chads then all of Florida!
      Twelve 'Tally Machines' each had a 'donated' Dell computer in parallel, each using the same keyboard and mouse as the Secretary Of State 'certified' tally machine it sat under.
      A small closed room had a 6foot tall 19" rack donated by Cisco running, but the bureaucrats promised to turn off the Cisco machine on election day.
      The mother tally machine had Cat5 cables running into the t-bar ceiling tiles overhead, but the bureaucrats swore the boards they were jacked into were not actual 'LAN' modems, but something elce. Two of the four walls of the 4,000sqft room were second-floor external glass walls.

      reply to this | link to this | view in chronology ]

  • identicon
    Unanimous Cow Herd, 7 Oct 2016 @ 9:44pm

    Keep calm..

    and embrace the suck!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Oct 2016 @ 11:53pm

    Our government knows where Jimmy Hoffa is too.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 12:41am

    he hacked me client

    war is the answer

    said no live person

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Oct 2016 @ 5:17am

      Re: he hacked me client

      Actually .. fwiw - it was said, by more than one politician, that a hack attack upon the us would result in a real world conflict.

      reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 8 Oct 2016 @ 1:04am

    Somehow I think the US government's defense "its not an international crime when we do it" will not hold any weight to Russia.

    Especially since they keep getting exposed for intentionally hacking foreign governments so much.

    reply to this | link to this | view in chronology ]

  • icon
    Peter (profile), 8 Oct 2016 @ 4:07am

    Such activity is not new to [Washington]—the [Americans] have used similar tactics and techniques across Europe and Eurasia [- in fact, across the entire world], for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only [America]'s senior-most officials could have authorized these activities.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Oct 2016 @ 5:19am

      Re:

      "senior-most officials could have authorized these activities."

      Senior positions at a TLA - possibly, in the administration ... direct knowledge is less likely.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 4:15am

    Notice they never said the information was false. Oh the horrors of Russia telling Americans the truth! Albeit an edited version.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 4:51am

    Is somebody preparing the ground to declare the election results invalid?

    reply to this | link to this | view in chronology ]

  • icon
    roebling (profile), 8 Oct 2016 @ 5:15am

    Democrat PSA--Propaganda Surrogate Announcement

    reply to this | link to this | view in chronology ]

  • identicon
    Capt ICE Enforcer, 8 Oct 2016 @ 5:54am

    No hack possible.

    Listen my fellow Americans, and residents, and foreigners here either legally or overstayed uour visit because the US is a great place to live. The voting machines can not be hacked due to separate unique hard coded admin passwords being separate for each state. For instance in Alaska the admin rights password is Alaska123, which will not work in Alabama where that password is Alabama123. It is a full proof, hack proof password.

    So rest assured the system is safe

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 6:01am

    Just what we need. A pissing match between the US government's script kiddies and the Russian script kiddies. This time both groups are backed by governments armed with nuclear weapons.

    Someone needs to point out that no matter who wins the pissing contest, at the end of the day, you still have to live with a lot of piss all over the darpet.

    reply to this | link to this | view in chronology ]

  • identicon
    Capt ICE Enforcer, 8 Oct 2016 @ 6:06am

    Fair treatment

    Well when the US hacked numerous computers and launched cyber weapons nobody counter attacked us. So we should offer the same courtesy as the rest of the world and focus on defense rather than attack attack attack mentality. Otherwise someone may just get upset enough to push some buttons and shut down our critical infrastructure. Which would suck cause I like running water and power.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Oct 2016 @ 6:46am

      Re: Fair treatment

      Hillary gave a speech to the Veterans a while back (no one showed up so it didn't get much press) but she stated that as POTUS she would respond to cyberhacks with a military response.

      After decades of the US hacking the planet she just opened up the door for any country to respond to our cyber aggression with a show of force. I've already retrofitted one of my wells with an old school hand pump and will be starting a food plot in the spring. Dark days ahead if she gets elected.

      reply to this | link to this | view in chronology ]

    • icon
      Padpaw (profile), 8 Oct 2016 @ 1:42pm

      Re: Fair treatment

      they deliberatly picked on weaker targets than themselves. A bully can only be a bully if he beats up smaller people than himself. The moment he starts picking on someone of equal or larger size he is in for a fight.

      reply to this | link to this | view in chronology ]

    • identicon
      Wendy Cockcroft, 11 Oct 2016 @ 5:26am

      Re: Fair treatment

      Can we make this First Word, please?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 11 Oct 2016 @ 11:25am

      Re: Fair treatment

      "push some buttons and shut down our critical infrastructure"

      Three mile island, Chernobyl and Fukashima were not caused by natural disasters or hackers. They were caused by failures in management. Typically as a result of executives cutting corners, and relying on "nerd harder" as a means of making their bonus.

      Who needs state actors when you have domestic malevolent ignorance?

      The unfortunate truth is that if the engineer at Fukashima who said "gee whiz, it doesn't matter how many generators you have if they are ALL UNDER FUCKING WATER", had been taken seriously lives could have been saved. And you know he was there. He's always there. That is why he gets hired.

      Once you've been around the block, you've seen shit like this happen. I cringe every time. Typically some frat boy middle manager laughing at one of his charges, who's trying in vain to save that managers job and the company a lot of money.

      And I know that HRC is exactly that kind of boss. I know because I see her laugh at people who have genuine convictions that are often very similar to the convictions she tries to sell as her own.

      Drone me bitch. I've seen you before. You're not getting my vote.

      --A former Democrat in the Commonwealth of Virginia

      reply to this | link to this | view in chronology ]

  • icon
    hmayle (profile), 8 Oct 2016 @ 6:08am

    I have one word for the US government : Stuxnet

    reply to this | link to this | view in chronology ]

    • identicon
      Jim, 8 Oct 2016 @ 7:02am

      Re:

      Wrong government, it was proven to be some other government strongly allied with the US government. Take off the Rose colored glasses and re read the past.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 10 Oct 2016 @ 5:29am

        Re: Re:

        Wrong government, it was proven to be some other government strongly allied with the US government.

        Link to this "proof", please.

        Take off the Rose colored glasses and re read the past.

        You mean "re-write" history, my little shill friend?

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 6:34am

    It would be nice,

    if there was some integrity to the U.S. intelligence reports. I would LIKE to think something other than:

    "Gee, I guess Clinton finally sealed the deal. I wonder whether it will be a 5% or 10% budget increase?"

    You have to ask: How many of the exploits used, were known to the NSA and never disclosed to the software companies responsible for them? Every indicator, is probably most of them.

    So who's on who's side? How can they be on the United States, when they willfully neglect known exploitation of the Constitutional rights of the American people, and in many cases facilitate abuses against those rights?

    So even if the Russian DID do what their accused of, ultimately the responsibility is domestic. "If you see something say something." Snowden saw something, and he said something, and now he is a political refugee.

    The only "them vs. us" issue in the United States, requires no military intervention. In fact the Posse Comitatus act specifically restricts it.

    reply to this | link to this | view in chronology ]

  • identicon
    Unanimous Cow Herd, 8 Oct 2016 @ 8:35am

    $%#@!

    The idiots in charge are going to get us all killed. WTF can we do to stop these morons?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 10 Oct 2016 @ 5:32am

      Re: $%#@!

      The idiots in charge are going to get us all killed. WTF can we do to stop these morons?

      Some people look at it as "kill or get killed".

      reply to this | link to this | view in chronology ]

  • identicon
    John Mayor, 8 Oct 2016 @ 8:55am

    THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

    Well!... if one could establish that there is human cancer, and isolate its position in a given human system, it would be efficient and effective to try and take it out! Nevertheless!... I agree!... indiscriminately bombarding the cancer with radiation (i.e., or ICT hacks, with aggressive political and military acts!), may only increase metastisization of the cancer (see, http://www.greenmedinfo.com/blog/study-radiation-therapy-can-make-cancers-30x-more-malignant)!
    .
    What you want to do in the treatment of human cancer!... like ICT cancers!... is adhere to the Uncertainty Principle, in Quantum Mechanics! In fact, no Oncologist (or ICT SECURITY POLICY ANALYST, or TECHNICIAN!) anywhere in the world today, should be one, without an understanding of the Uncertainty Principle, in Quantum Mechanics!
    .
    And to sum up... the day we move to Quantum Computers, is the day the Uncertainty Principle will be REQUIRED READING!
    .
    Please!... no emails!

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Oct 2016 @ 10:47am

      Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

      So, what you are saying is that one changes the physical characteristics of cancer simply by observing it?

      I would like to see the data which supports this undocumented theory.

      reply to this | link to this | view in chronology ]

      • identicon
        John Mayor, 8 Oct 2016 @ 1:37pm

        Re: Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

        Shhhh!... go back to sleep!... you need the rest!
        .
        Please!... no emails!

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 8 Oct 2016 @ 2:58pm

          Re: Re: Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

          Such a witty reply, but where is the data?

          reply to this | link to this | view in chronology ]

          • identicon
            John Mayor, 8 Oct 2016 @ 6:49pm

            Re: Re: Re: Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

            Well!... since Independence Day, I think he's doing Stand Up Comedy Reviews! As for the Uncertainty Principle, it is... OBVIOUSLY!... beyond your reach!
            .
            Please!... no emails!

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 9 Oct 2016 @ 11:10am

              Re: Re: Re: Re: Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

              Apparently you did not understand the question, or simply refuse to answer it. This implies that communication is out of your reach.

              reply to this | link to this | view in chronology ]

    • identicon
      Capt ICE Enforcer, 8 Oct 2016 @ 11:17am

      Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

      Ouch. Mind Blown!

      reply to this | link to this | view in chronology ]

      • identicon
        John Mayor, 8 Oct 2016 @ 1:46pm

        Re: Re: THE CERTAINTY OF THE UNCERTAINTY PRINCIPLE

        Sorry!... I didn't mean to blow your mind! I hope there's enough grey matter left to script a FURTHER "L-U-C-I-D C-O-M-M-E-N-T"!
        .
        Please!... no emails!

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 10:00am

    "There are political benefits and costs to naming Russia."

    What benefits? Serious question.

    reply to this | link to this | view in chronology ]

  • icon
    ot (profile), 8 Oct 2016 @ 10:08am

    It is worrisome to think of the unintended (or intended) consequences of making an issue of behavior by the Russians which we also do to them. interesting this finger pointing comes up as some are blaming Clinton/dnc for "fixing" the primaries. given the history of "Clinton contamination" I prefer beefing up onsite controls in our own systems. hard to believe we are mirroring the status of a banana republic re: "free" elections. in any event as we are unable militarily to close the deal against Iraq and Afghanistan in 13 short years of war I am tired or the bull krap from the military/industrial/surveillance complex.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 10:53am

    Does Obama realize how weak this makes the US look?

    Mommy, Mommy, Vladimir hit me! Waaaaah!

    What ever happened to "speak softly, and carry a big stick"?

    A great America wouldn't get mad; it would get even.

    reply to this | link to this | view in chronology ]

  • icon
    afn29129 (profile), 8 Oct 2016 @ 11:15am

    How insecure our systems really are

    Revealing just how insecure our systems really are. Egg on face USA.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 12:55pm

    Or it could just acutaly be Russia

    Or it could just acutaly be Russia and I suppose the US could just sit on their ass knowing that it was Russia until they get impossible 100% proof.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Oct 2016 @ 9:33pm

    What?

    "Russia's senior-most officials"

    "senior-most" ? This is awkward use of the English language. Have they been hacked? The statement looks incredibly amateur, with no citations and awkward grammar. E.g.

    "the decentralized nature of our election system in this country"

    This country in contrast to what exactly? Mozambique? By using "OUR election system" is not "THIS country" implied?

    If they want to be taken srsly, they need to stop with the 13yr old interns.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2016 @ 5:35am

    Stupid easy fix.

    There is a stupidly easy fix for this... Stop using the Internet for transport.

    The US government need only purchase dedicated data connections from the Telcos that NEVER touch the Internet. Yes, it will cost more but, it also becomes a lot harder to hack as the hacker would need a direct access point.

    reply to this | link to this | view in chronology ]

  • icon
    Paraquat (profile), 9 Oct 2016 @ 7:03am

    Windows XP, an operating system you can trust

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2016 @ 11:01pm

    So, considering what the "intelligence" services do.........russia commited no crime

    Cant have it both ways self proclaimed good guys.......clean up your home, then you might, i stress, might start deserving your moral highground


    And just so theres no confusion

    Fuck all war
    Fuck all spying
    Fuck all authoritarians

    reply to this | link to this | view in chronology ]

  • identicon
    Whatever, 9 Oct 2016 @ 11:11pm

    What happens next is the US pulls Snowden out of Russia, and plant his ass in a prison. Or a bullet in his brain for turning the country over to the enemy.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2016 @ 11:27pm

    It worked.......with this news ive completely forgotten about the suspiciously recent yahoo scandel, hell, with one or two more stories i might applaud that thing i didnt like before

    Love
    Sheep

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 10 Oct 2016 @ 8:15am

    Aaaaah! The Russians are interfering with our elections!

    No. That would be the FBI, by refusing to uphold their oath to enforce the law and protect the Constitution of the United States.

    Even if there was Russian disinformation, it is within the FBI's pervue to review the related documents. And if their are people preventing them from doing that, Their job is to ARREST those people.

    There is certainly enough in the public domain to bring charges. So the silence coming out of the Hoover building says all that needs to be said.

    It is not a matter of corrupting the election. That has already happened. The question now is now is how to restore the infrastructure that was instituted for the purposes of upholding the Constitution, and the electoral process.

    -- A Voter from the Commonwealth of Virginia

    reply to this | link to this | view in chronology ]

  • identicon
    Jim B., 10 Oct 2016 @ 10:46am

    Russia Accuses the US of Hacking

    Russia officially accuses the US of various hacks.

    I don't get it. How are we righteous and they aren't? Besides the US doesn't know for sure. It's all still speculation.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 10 Oct 2016 @ 5:43pm

      Re: Russia Accuses the US of Hacking

      Because 'murica. Everything is okay when it's done in the name of Freedom(and/or 'National Security: Be Afraid')!

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 10 Oct 2016 @ 5:35pm

    "US Gov't Officially Accuses Russia Of Hacking... Question Is What Happens Next"

    A bunch of pointless finger pointing. That's all I can think of ...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Oct 2016 @ 2:36am

    Missing the Obvious

    Everyone is missing the obvious.

    Yahoo! having 500 million accounts compromised because they had government code running in the kernel as a back door is exactly why you can't allow back doors into systems.

    This is all the evidence anyone who wants to refute the government's nerd harder argument ever needs to make.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Oct 2016 @ 8:06am

      Re: Missing the Obvious

      "is exactly why you can't allow back doors"

      This is a great point. If you don't mind me extending it a bit. If is fair to consider that blowing up Yahoo may have been market manipulation, rather than negligence.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Oct 2016 @ 5:42pm

    We obviously need to get Elizabeth McCord involved in this, she knows how to handle those pesky Russkies :-)

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Caution: Copyright
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.