Is that all there is?!?
So the Department of Homeland Security and the FBI finally released a 13-page report on the Russian hacks.
My response to this Earth-shattering report is best summed up by Peggy Lee.
First of all, let's remember what the original claim was.
“We identified advanced methods consistent with nation-state level capabilities including deliberate targeting and ‘access management’ tradecraft,” Crowdstrike’s co-founder Dmitri Alperovitch wrote in his blog post.
"Advanced methods" and "nation-state level capabilities".
It sounds impressive. Something involving teams of hackers and server farms.
“This was a conscious effort by a nation-state to attempt to achieve a specific effect.”
Calling Bruce Willis.
So what exactly were these "advanced methods" with "nation-state level capabilities"?
I'm sure they involved something really complicated that only a James Bond villain could invent.
The initial hackers sent e-mails that appeared to come from legitimate websites and other Internet domains tied to U.S. organizations and educational institutions, according to the report. Those who were fooled into clicking on the “spearphishing” e-mails provided a foothold into the Democratic National Committee -- although the party organization wasn’t identified by name in the report -- and key e-mail accounts for material that would later be leaked to damage Hillary Clinton in her losing campaign against Trump....
Then, a second wave came in the spring of 2016. Hackers working for Russia’s military intelligence service, the GRU, and dubbed “Advanced Persistent Threat 28” or APT 28, infiltrated the DNC’s networks through more spearphishing e-mails, the report said.
Ah, yes. “Spearphishing”.
That's proof! Why, absolutely no one has those kinds of "nation-state level capabilities"...except...maybe...
Bored Suburban Teenagers!
Are you fucking shitting me! Spearphishing!
Is this all you've got!
Maybe not even that! Consider the broad disclaimer at the beginning of the report.
"This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service referenced in this advisory or otherwise."
This doesn't inspire confidence.
So let's make it sound more impressive.
“These actors set up operational infrastructure to obfuscate their source infrastructure, host domains and malware for targeting organizations, establish command and control nodes, and harvest credentials and other valuable information from their targets," the report said.
Translated: they "spoofed" their IP addresses and set up a cheap LAMP server to infect clients and to receive and process the data.
Both are things even I could do if I wanted to.
Intelligence experts noticed the weaknesses of this report too.
Cyber-security experts have also weighed in. The security editor at Ars Technica observed that “Instead of providing smoking guns that the Russian government was behind specific hacks,” the government report “largely restates previous private sector claims without providing any support for their validity.” Robert M. Lee of the cyber-security company Dragos noted that the report “reads like a poorly done vendor intelligence report stringing together various aspects of attribution without evidence.” Cybersecurity consultant Jeffrey Carr noted that the report “merely listed every threat group ever reported on by a commercial cybersecurity company that is suspected of being Russian-made and lumped them under the heading of Russian Intelligence Services (RIS) without providing any supporting evidence that such a connection exists.”
This is just pathetic.