The Guccifer 2.0 Problem at the White House

“If they actually manipulated the integrity of one of my electoral systems, it would warrant a national security response,” he said. “But just releasing DNC emails? Welcome to the new world. I would say that’s a law enforcement matter. The ‘doxing’ of a private entity is not a national security event.” Sean Kanuck (former National Intelligence Officer for Cyber Issues, ODNI) as quoted in the Washington Post

Two things must be true in order for the White House to justify an action against the Russian government over the DNC breach and release of documents by Wikileaks; that the Russian government is responsible for both the DNC breach and the release of documents by Wikileaks. While the former is relatively easy, the latter is proving problematic according to last Friday’s Washington Post.

The Problem

Administration officials say that the breach of the DNC by itself isn’t actionable because it qualifies as political espionage; something that the U.S. engages in along with every other nation. It’s the release of the documents to Wikileaks that could be interpreted as interference in the electoral process, although even that part has been disputed by Sean Kanuck, a former high-ranking cyber official at the Office of the Director of National Intelligence (ODNI), in his quote at the top of this article.

The bottom line is that the IC isn’t convinced that the Russian government orchestrated the leak, according to the Post:

The intelligence community has high confidence that Russian intelligence services hacked the Democratic National Committee but does not have the same level of confidence that Russia then leaked stolen committee emails to the anti-secrecy group WikiLeaks, several administration officials said.

Guccifer 2.0 and Julian Assange

Guccifer 2.0 has claimed credit for both the breach and the release of documents to Wikileaks as well as The Smoking Gun, and Julian Assange has said that he ordered the release of the DNC emails right before the Democratic convention.

Keep in mind that there is zero evidence connecting the threat groups Cozy Bear and Fancy Bear to the Russian government or any of its intelligence services, that the GRU does Human Intelligence (HUMINT), not Signals Intelligence (SIGINT) work, and that no intelligence service except one run by Borat would use an outed threat group like Cozy Bear or Fancy Bear using its own country’s infrastructure to run a secret operation. That’s like the NSA’s TAO division using the now-outed Equation Group to attack the United Russia party headquarters from a U.S. server. It’s a ridiculous scenario on its face; made even moreso when you have Assange publicly claiming credit for the leak as part of his revenge campaign against Hilary Clinton.

Guccifer 2.0 is behaving like every other hacktivist who has popped a government or corporate entity’s server and made the contents public as a way of embarrassing the victim. This has happened dozens of times over the years to victims in Russia, China, the U.S., Israel, Japan, and India — to name just a few. Even if he’s a native Russian speaker, that tells us nothing about who he is, where he is, or who he works for.

Kudos to the Intelligence Community

Kudos to those in the Intelligence Community who are taking their time and not rushing to judgment on this matter. Actions taken against the government of Russia could have serious consequences for the U.S. The White House clearly knows this and is doing the responsible thing by pushing for certainty.

I wish that others would follow their lead instead of fueling the flames of Russophobia for their personal or corporate benefit.