How the U.S. hobbled its hacking case against Russia and enabled truthers

Kevin Poulsen writes: Sometimes, in his covert influence campaign against America, Vladimir Putin need do nothing but sit back and chuckle mirthlessly while U.S. officials shoot themselves in the foot. Such was the case last week when the Department of Homeland Security and the FBI released a technical exposé of Russia’s hacking that industry experts are slamming as worse than useless—so jumbled that it potentially harms cybersecurity, so aimless that it muddies the clear public evidence that Russia hacked the Democratic Party to affect the election, and so wrong it enables the Trump-friendly conspiracy theorists trying to explain away that evidence.

“At every level this report is a failure,” says security researcher Robert M. Lee. “It didn’t do what it set out to do, and it didn’t provide useful data. They’re handing out bad information to the industry when good information exists.” At issue is the “Joint Analyses Report” released by DHS last Thursday as part of the Obama administration’s long-awaited response to Russia’s election hacking. The 13-page document was widely expected to lay out the government’s evidence that Russia was behind the intrusions into the Democratic National Committee’s private network, and a separate attack that exposed years of the private email belonging to Hillary Clinton campaign chair John Podesta.

Instead, the report is a gumbo of earnest security advice mixed with random information from a broad range of hacking activity. One piece of well-known malware used by criminal hackers, the PAS webshell, is singled out for special attention, while the sophisticated Russian “SeaDuke” code used in the DNC hack barely rates a mention. A full page of the report is dedicated to listing names that computer security companies have assigned to Russian malware and hacking groups over the years, information that nobody is asking for. [Continue reading…]

Facebooktwittermail