from the disinformation-nation dept
Roughly a year ago you might recall that numerous outlets happily parroted claims that the DNC wasn’t hacked by Russian intelligence (as latter reports would make clear), but had somehow actually hacked itself. The theory was never particularly well cooked, though outlets like The Nation ran with it anyway, claiming that “forensic investigators, intelligence analysts, system designers, program architects, and computer scientists of long experience and strongly credentialed” had all collectively unearthed undeniable evidence that the DNC had committed cyber-seppuku.
The widely-circulated report leaned heavily on a published memo by Veteran Intelligence Professionals for Sanity (VIPS), a collection of former intelligence experts and whistleblowers like William Binney and Ray McGovern. It also leaned heavily on the input of several, anonymous, self-professed “computer forensics investigators” who, the news outlet informed readers, had “split the DNC case open like a coconut,” providing incontrovertible evidence that Russian intelligence played no role in the now-legendary breach.
But the entire claim was little more than fluff and nonsense.
As we noted at the time, The Nation story relied heavily on the allegation the stolen files must have been copied locally to USB by a DNC insider because, as The Nation claimed, “no Internet service provider was capable of downloading data at this speed” (22.7 megabytes per second). In reality, 22.7 megabytes per second was simply a 180 Mbps connection, widely available around the world at the time the DNC hack took place. That includes Romania, the country that the Russian cutout Guccifer 2.0 pretended (at the time) to have originated from.
We weren’t alone in pointing out that the story was flimsy, relied largely on cherry-picked evidence, and frequently stumbled into the realm of the “incoherent.” And it’s only gone downhill since. The Nation was forced to review the report, adding a meandering preamble to address criticism. In the year since, reports have forged a new infosec community consensus that yes, Guccifer 2.0 was GRU, and had been amusingly caught because Russian intelligence forgot to activate its VPN before logging into the bogus persona’s WordPress site on one occasion (one of several opsec errors made by Russian intel).
But at the time, any reporter that dared report on the emerging links between Russia and the hack were quickly smeared by a website custom built to try and downplay any Russian connection. The creator of the website went by the name of Adam Carter, who was broadly cited as a respected “independent researcher” in The Nation and other unskeptical reports. Carter’s website, a collection of half-cooked straw men and conspiratorial faux-technical nonsense, also took time to go after Techdirt, claiming our pretty rudimentary analysis of the theory’s principle error was “pedantic, sleazy & condescending” (thank you).
Fast forward to this week, and a new Computer Weekly report notes that Carter wasn’t much of an intelligence expert or “researcher” at all. He was, according to infosec reporter Duncan Campbell, a British IT manager and shitposter from Darlington, working in concert with U.S. trolls on a widespread online disinformation effort to downplay and discredit any and every connection between the DNC attack and Russia:
“The campaign is being run from the UK by 39-year-old programmer Tim Leonard, who lives in Darlington, using the false name ?Adam Carter?. Starting after the 2016 presidential election, Leonard worked with a group of mainly American right-wing activists to spread claims on social media that Democratic ?insiders? and non-Russian agents were responsible for hacking the Democratic Party.”
The story is long and incredibly weedy, so it’s going to be overlooked by many who lack patience or attention span during an oft-apocalyptic news cycle. But it’s definitely worth winding your way through and fully digesting to understand the sheer scope of the effort. Especially if you’re interested in understanding how incoherent internet bullshit has been industrialized and weaponized on an international scale for relatively little money.
Campbell methodically spent months tracking down Carter’s real identity, noting his tactic of pretending to be combating disinformation while actively spreading it around the internet, from his g-2.space website (which he built on the back of an employer’s server without their apparent knowledge), to the bowels of Reddit’s r/conspiracy subreddit, where he was routinely found feeding baseless conspiracy theories to the aggressively gullible. Campbell states Leonard attempted to lend credibility to the theories by co-creating a second fake identity known as “Forensicator” (also cited by media outlets as a real, but anonymous intel expert).
Campbell states that this analysis (again: bogus insight created by fake people), was then recirculated by an “independent” outlet by the name of Disobedient Media, which utilized Carter as a “technology correspondent” (they’re understandably none too happy with Campbell’s reporting). According to Campbell, Disobedient media has played more than a passing role in spreading conspiracy theories internationally, usually with the help of forged documents:
“Disobedient Media is a so-called ?independent media? site that describes ?Adam Carter? as its technology correspondent. It claims to ?bring honesty and integrity back into journalism?. The site has recycled paedophile allegations directed at Hillary Clinton and fellow democrats, and has made repeated attempts to frame murdered DNC official Seth Rich. Newspapers in France, Germany, Spain and Britain have identified Disobedient Media as an epicentre of Russian-backed attacks on Europe, using forged documents, including smears against Angela Merkel, Sadiq Khan and Emmanuel Macron.
While it’s easy to dismiss this as just some incoherent rambling by the 4chan / Qanon conspiracy set, the report notes how some of the effort’s “evidence” comically-managed to worm its way into White House policy circles. That was courtesy of William Binney, who met with CIA director Mike Pompeo at Trump’s request to dig deeper into the “DNC hacked itself” conspiracy. Nothing appears to have come of that meeting (because again, the whole DNC hacked itself theory is garbage), but it’s still worth pointing out that much of the underlying evidence was intentionally manipulated in order to deceive:
“One document ? a tip-off file obtained in June 2017 by Leonard?s site from an ?anonymous source? ? took new disinformation all the way to the White House and the CIA…The team that created Forensicator, including Leonard, gave away that they were not the real authors of the analysis when they inaccurately copied a Linux ?Bash? script they had been sent, breaking it. This suggested that they did not write, understand, or test the script before they published. Someone else had sent the script, together with the fake conclusion they wanted discovered and published ? that DNC stolen files had been copied in the US Eastern Time zone on 5 July 2016, five days before DNC employee Seth Rich was killed.”
One year later and The Nation’s original theory isn’t looking so hot, with even many of the original VIPS supporters running in the opposite direction, including Binney:
“A month after visiting CIA headquarters, Binney came to Britain. After re-examining the data in Guccifer 2.0 files thoroughly with the author of this article, Binney changed his mind. He said there was ?no evidence to prove where the download/copy was done?. The Guccifer 2.0 files analysed by Leonard?s g-2.space were ?manipulated?, he said, and a ?fabrication?.
But the damage was done, and the Brietbart, Bloomberg, Nation and other reports remain online, still widely circulated as “evidence” that the DNC hacked itself. Amusingly, many of the same people (quite justly) railing against the over-reliance on anonymous sources in stories supporting Russian involvement in the hack saw no problem amplifying this dubious report, despite the warnings that the report was leaning largely on extremely dubious, anonymous experts.
Obviously real investigators continue to dig through the aftermath of the 2016 election to determine the width and breadth of Russia’s global disinformation and hacking efforts in retribution for the Magnitsky sanctions. That process should slowly unravel which organizations and individuals were simply useful idiots, and which organizations and individuals actively coordinated their disinformation assault with the help of foreign governments.
But with questions arising about a evolved disinformation campaign on Facebook and another major internet disiformation effort operating out of Macedonia, it raises plenty of questions about just what real forensic investigators will unearth by this time next year.