Three Things to Know
- A trove of stolen CIA documents released by Wikileaks this week included a catalogue of malware developed by other countries, including Russia, that Wikileaks claimed could facilitate “false flag” attacks that appear as though they were carried out by another country.
- Predictably, Kremlin-controlled web sites and conspiracy theorists lost no time touting this as “evidence” that the CIA, not Russia, hacked the DNC.
- This leads some to speculate that Russia, who has the most to gain from shifting suspicion away from itself, could be behind the Wikileaks dump this week.
False Flags
Perhaps the biggest news to come out the Wikileaks dump of thousands of pages of purported Central Intelligence Agency documents about the agency’s hacking operations isn’t that it has the capabilities to turn phones and TV sets into microphones. Cybersecurity experts have known about that for years.
The big news was a Wikileaks tweet that the CIA can conduct “false flag” attacks using malware embedded into computers. A false flag attack is one in which the instigator diverts suspicion to another country or entity. According to Wikileaks, a collection of malware employed by other countries could facilitate such attacks by leaving forensic fingerprints that point investigators towards, say, Russian intelligence agencies rather than Langley.
@Wikileaks: “CIA steals other groups virus and malware facilitating false flag attacks”
As the Daily Dot noted: “All of this immediately gave rise to a new conspiracy theory: the CIA must have hacked the Democratic National Committee itself and blamed Russia. The website Sputnik International, which is owned and operated by the Russian government, was happy to entertain this theory, as was the ‘citizen journalism’ website Russia Insider, which asserted that any evidence of hacking that points to Russia ‘must now be dismissed as either fake or meaningless.’”
And maybe that was the point of the Wikileaks dump – to sow confusion and point fingers for the DNC hack and other attempts to influence the 2016 elections at the CIA rather than Russia. This is all speculation, but there are multiple signs that suggest Russia could be behind both the DNC hack, and the Wikileaks dump as well.
Russia’s Long History of ‘Active Measures’ Operations
For half a century, Russian intelligence agencies have conducted on-and-off operations aimed at disrupting Western democracies known as “active measures.” In the intelligence community’s report on Russian influence in the 2016 elections, the former Director of National Intelligence (DNI) James Clapper noted: “During the Cold War, the Soviet Union used intelligence officers, agents of influence, forgeries, and press placements to disparage candidates perceived as being hostile to the Kremlin . . .”
Starting under President Putin – who it should never be forgotten is a former KGB officer – the Russians expanded that effort to include cyber warfare in the former of hacking, leaking hacked files and phishing operations against government officials, political figures, journalists and think tank executives.
Clapper stated, “By their nature, Russian influence campaigns are multifaceted and designed to be deniable because they use a mix of agents of influence, cutouts, and false-flag operations.”
The Russians did not just try to influence the 2016 elections (whether they did or not is something that only history can determine), but they also did so during the 2014 Ukrainian crisis. Russian intelligence service likely are involved in this year’s French and German elections as well. Witness the false reports in Russian media about German women being raped by refugees, or the near daily drip of news stories about scandals that affect the French far right and right presidential candidates, neither of whom would not be hospitable to the Kremlin.
Nothing New
Matthew D. Green, a cryptology expert at Johns Hopkins University told the Washington Post, “The idea that the CIA and NSA can hack into devices is kind of old news. Anyone who thought they weren’t was living in a fantasy world.” Green’s right. There have been numerous press reports about the potential for devices hooked up the Internet, including baby monitors, being converted into covert listening posts. It can be assumed that these are all vulnerabilities of which a sophisticated state intelligence service could take advantage.
The NSA demonstrated this possibility in a 2011 cybersecurity briefing to congressional staff meant to convince staff traveling overseas of the need for security. An NSA official, using his laptop, secretly activated an iPhone in the audience to record the presentation and play it back to the astonished of staffers. It was a dramatic way of showing the way the devices can be used to spy on the owner.
Why Some Suspect Russia
Nicholas Weaver, a computer security researcher at the University of California at Berkley, was quoted in the Washington Post as saying that the CIA documents “were taken in February or March 2016.” That date is very significant. The reason is that, according to Clapper, “The General Staff Main Intelligence Directorate (GRU) probably began cyber operations aimed at the US election by March 2016.” This bears repeating: The CIA documents were handed over to Wikileaks at precisely the same time the Russians started their campaign to influence the elections.
Ties between Russia and Wikileaks have long been suspected. Susan Hennessy, a former NSA lawyer now at the Brookings Institution said, “There is a lot of circumstantial evidence of the links between Assange and Russia. It’s certainly not a coincidence that Russian military intelligence selected WikiLeaks as a distribution platform for its Democrats hack.”
Clapper again: “We assess with high confidence that the GRU [Russian military intelligence] used . . . Wikileaks to release” information “obtained in cyber operations [hacks] publicly and in exclusives to media outlets.” The DNI reports that “Moscow most likely chose Wikileaks because of its self-proclaimed reputation for authenticity . . . . The Kremlin’s principal propaganda outlet RT (formerly Russia Today) has actively collaborated with Wikileaks.”
Those who choose to believe that Wikileaks is not in bed with Russian intelligence agencies, should consider that among the first people to vouch for the Wikileaks was none other than Edward Snowden, who intelligence officials strongly believe is a Russian agent. In a tweet issued within hours of the Wikileaks dump Snowden, who is now living in Moscow, said what the documents were “genuinely a big deal. Looks authentic.”
Wikileaks was heavily involved in Snowden’s case as well. One of the people who helped Snowden escape to Russia was Sarah Harrison, a Wikileaks editor. “When the U.S. charged him under the Espionage Act . . . an extradition order was sent to Hong Kong,” an article in Vogue notes. “But it came too late: Before anybody made a move to capture him, Edward Snowden—led by Sarah Harrison—had quietly boarded a flight to Moscow and basically vanished.”
The ‘Deep State’ Plot
James Lewis, senior vice-president at the Centre for Strategic and International Studies and an expert on cyber security, speculated to The Guardian that the motive behind the leak could be to underpin the false flag narrative of the Trump camp. “This might be one explanation for the leaks – it’s data to build a case that the Russian interference and connections are a secret ‘deep state’ plot, as the false flag bits in WikiLeaks ‘shows’” Lewis said.
Why else would Russian intelligence want to dump thousands of pages of CIA documents onto the Web? A clue may be found in a throw-away paragraph of a Washington Post article: “The FBI has spent years investigating Wikileaks, and authorities are eager to figure out whether it has recruited a well-placed source from the U.S. government.” A former intelligence official was quoted as saying, if the Wikileaks documents came from the CIA, “there’s going to another major mole hunt.”
People unfamiliar with CIA history will ask what does the unnamed intel official mean by “another?” James Angleton ran the CIA’s counter espionage program. A CIA publication about Angleton notes that, starting in the 1960s and for roughly the next 10 years, he “embarked on counterproductive and sometimes harmful efforts to find moles [within the CIA] . . .” To put it more bluntly, Angleton tore the agency apart.
Perhaps there were two purposes behind the Wikileaks tweet: First to throw suspicion of the source of the DNC hack off the Russians and onto the CIA; and, second, to have the CIA and other U.S. intel agencies chase their tails for years in a mole hunt while the Russians and their allies do what they want.
—
The author is a former U.S. government investigator.