It has been quite chaotic over the last couple weeks, what with the remarkable and depressing international, national, professional and personal threats to good order and discipline. One of my more mundane challenges has been to port over Microsoft Office Outlook to manage my calendar and incoming messages from a different computer network.
I don’t understand how it all works, though with detailed instructions, I think I have got the desktop and laptop machines to communicate. I would hate to have my emails subject to exploitation by competitive entities. Just Friday, as I was about to unscramble the smtp and POP settings, the hacker umbrella group Wikileaks dumped 19,000 emails stolen from the Democratic National Committee.
Embarrassing is the most modest description of the disclosure of confidential political information.I am not going to get into that- there is plenty of stuff to look at if you wish to delve into the inner workings of one of the campaign juggernauts. I am sure there are equally squalid musings on the servers of the GOP folks, and I am equally confident we will see them at whatever the most opportune moment might be for whoever is responsible.
I was talking to my best friend this morning on a crappy phone line, and we agreed this is the most depressing political line-up on both sides of the chasm since Millard Fillmore’s campaign. I will not break my longstanding policy of staying out of it in the public forum. But this one has some interesting implications, particularly if the disclosure is from a cyber operation run by our former opponent and second place-finisher in the Cold War.
In 2014, cybersecurity company FireEye discovered a nasty piece of malware called HAMMERTOSS. In the wake of the successful STUXNET attack on the air-apped Iranian nuclear centrifuges, this new malware blended a sophisticated spearfishing effort with commonly used social media.
Information Week’s Kelly Jackson Higgins broke it down this way: “The attackers automatically rotate Twitter handles daily for sending commands to infected machines, and use images embedded with encrypted command information and then upload stolen information to cloud storage services, for example. They also recruit legitimate web servers that they infect as part of the command and control infrastructure.”
This nasty bit of business was developed by a group called “APT 29,” for advanced persistent threat. The forensics of the exploit sounded a lot like the hunt for the Moonlight Maze hackers almost twenty years ago.
I was working at Langley at the time, and this was the first real demonstration of what Charlie Allen, the Deputy Director for Collection, darkly termed “nation state” involvement. He worked that case hard for months.
I am not aware that Charlie got any direct attribution about who was the perpetrator in the case, though the external details were familiar. First, of course was the target and the sort of data that was stolen. Then there was the other external information, like APT 29 appeared to take Russian holidays off, their work hours seemed to align with the time zone that includes Moscow and St. Petersburg. And they are very good indeed, which suggests the backing of a nation-state.
That is hardly a case of solid attribution, which is the biggest problem for cyber warriors, which is to identify exactly who it is you intend to go to war with. There are many state actors in the business, after all, including the ones you hear about and the ones you don’t.
Anyway, the impact of this leak is clearly intended to influence an American Presidential election. I am deeply opposed to that sort of behavior by anyone, foreign or domestic, but if we cannot prove beyond a reasonable doubt exactly who is responsible, I am not sure what can be done about it. Should we declare war on Mr. Putin? Suppose it was the Chinese?
As you recall, HAMMERTOSS was inserted into the unclassified (I hope) email systems at State, the White House and the Joint Staff in the Pentagon along with the DNC. So really, the question is not so much about whether Debby liked Bernie, or whether sharp-elbowed politics are practiced in our Babylon By the Potomac.
The question is more along the lines of what else do they have? What sort of dirt is out there with which we will be horrified? And when are we going to find out?
Copyright 2016 Vic Socotra
www.vicsocotra.com