Did Putin's Hacking Place Trump In The Oval Office? No One Will Ever Admit It... Or Will They?

One thing that "has been decided," apparently, is that no one in a position of authority is ever going to undermine the U.S. electoral system by admitting the Kremlin really hacked the election itself-- like the shitty very hackable electronic voting machines. The entire national security establishment always, always claimed the Russians didn't tamper with the voting results. But, as I've said all along, they didn't know what they were talking about. An exhaustive report at The Intercept yesterday-- based on a Top Secret leaked document (that resulted in the immediate arrest of the leaker, 25 year old Reality Leigh Winner)-- proves the Russians could have done plenty-- which makes me think they probably did switch a few key counties for Trump. (Putin, of course, denied everything to Megan Kelly. Question: does Vladimir Putin lie as much as Trump? Answer: Yes-- or even more.)

Short version: According to the purloined document, the GRU (Russian Military Intelligence, so, not random "patriots") "executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election... [part of] a months-long Russian intelligence cyber effort against elements of the U.S. election and voting infrastructure."

The report indicates that Russian hacking may have penetrated further into U.S. voting systems than was previously understood. It states unequivocally in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, that conducted the cyber attacks described in the document:

Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions… The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.

...The NSA analysis does not draw conclusions about whether the interference had any effect on the election’s outcome and concedes that much remains unknown about the extent of the hackers’ accomplishments. However, the report raises the possibility that Russian hacking may have breached at least some elements of the voting system, with disconcertingly uncertain results.

...The NSA has now learned, however, that Russian government hackers, part of a team with a “cyber espionage mandate specifically directed at U.S. and foreign elections,” focused on parts of the system directly connected to the voter registration process, including a private sector manufacturer of devices that maintain and verify the voter rolls. Some of the company’s devices are advertised as having wireless internet and Bluetooth connectivity, which could have provided an ideal staging point for further malicious actions.

As described by the classified NSA report, the Russian plan was simple: pose as an e-voting vendor and trick local government employees into opening Microsoft Word documents invisibly tainted with potent malware that could give hackers full control over the infected computers.

But in order to dupe the local officials, the hackers needed access to an election software vendor’s internal systems to put together a convincing disguise. So on August 24, 2016, the Russian hackers sent spoofed emails purporting to be from Google to employees of an unnamed U.S. election software company, according to the NSA report. Although the document does not directly identify the company in question, it contains references to a product made by VR Systems, a Florida-based vendor of electronic voting services and equipment whose products are used in eight states [California, Florida, Illinois, Indiana, New York, North Carolina, Virginia, and West Virginia].

The spear-phishing email contained a link directing the employees to a malicious, faux-Google website that would request their login credentials and then hand them over to the hackers. The NSA identified seven “potential victims” at the company. While malicious emails targeting three of the potential victims were rejected by an email server, at least one of the employee accounts was likely compromised, the agency concluded. The NSA notes in its report that it is “unknown whether the aforementioned spear-phishing deployment successfully compromised all the intended victims, and what potential data from the victim could have been exfiltrated.”

...[T]he hackers apparently got what they needed. Two months later, on October 27, they set up an “operational” Gmail account designed to appear as if it belonged to an employee at VR Systems, and used documents obtained from the previous operation to launch a second spear-phishing operation “targeting U.S. local government organizations.” These emails contained a Microsoft Word document that had been “trojanized” so that when it was opened it would send out a beacon to the “malicious infrastructure” set up by the hackers.

The NSA assessed that this phase of the spear-fishing operation was likely launched on either October 31 or November 1 and sent spear-fishing emails to 122 email addresses “associated with named local government organizations,” probably to officials “involved in the management of voter registration systems.” The emails contained Microsoft Word attachments purporting to be benign documentation for VR Systems’ EViD voter database product line, but which were in reality maliciously embedded with automated software commands that are triggered instantly and invisibly when the user opens the document. These particular weaponized files used PowerShell, a Microsoft scripting language designed for system administrators and installed by default on Windows computers, allowing vast control over a system’s settings and functions. If opened, the files “very likely” would have instructed the infected computer to begin downloading in the background a second package of malware from a remote server also controlled by the hackers, which the secret report says could have provided attackers with “persistent access” to the computer or the ability to “survey the victims for items of interest.” Essentially, the weaponized Word document quietly unlocks and opens a target’s back door, allowing virtually any cocktail of malware to be subsequently delivered automatically.

According to Williams, if this type of attack were successful, the perpetrator would possess “unlimited” capacity for siphoning away items of interest. “Once the user opens up that email [attachment],” Williams explained, “the attacker has all the same capabilities that the user does.” Vikram Thakur, a senior research manager at Symantec’s Security Response Team, told The Intercept that in cases like this the “quantity of exfiltrated data is only limited by the controls put in place by network administrators.” Data theft of this variety is typically encrypted, meaning anyone observing an infected network wouldn’t be able to see what exactly was being removed but should certainly be able to tell something was afoot, Williams added. Overall, the method is one of “medium sophistication,” Williams said, one that “practically any hacker can pull off.”

The NSA, however, is uncertain about the results of the attack, according to the report. “It is unknown,” the NSA notes, “whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor.”

...At a December press conference, President Obama said that he told Russian President Vladimir Putin in September not to hack the U.S. election infrastructure. “What I was concerned about in particular was making sure [the DNC hack] wasn’t compounded by potential hacking that could hamper vote counting, affect the actual election process itself,” Obama said. “So in early September, when I saw President Putin in China, I felt that the most effective way to ensure that that didn’t happen was to talk to him directly and tell him to cut it out and there were going to be serious consequences if he didn’t. And in fact we did not see further tampering of the election process.”

Yet the NSA has now found that the tampering continued. “The fact that this is occurring in October is troubling,” said one senior law enforcement official with significant cyber expertise. “In August 2016 warnings went out from the FBI and DHS to those agencies. This was not a surprise. This was not hard to defend against. But you needed a commitment of budget and attention.”

The NSA document briefly describes two other election-related Russian hacking operations. In one, Russian military hackers created an email account pretending to be another U.S. election company, referred to in the document as U.S. company 2, from which they sent fake test emails offering “election-related products and services.” The agency was unable to determine whether there was any targeting using this account.

In a third Russian operation, the same group of hackers sent test emails to addresses at the American Samoa Election Office, presumably to determine whether those accounts existed before launching another phishing attack. It is unclear what the effort achieved, but the NSA assessed that the Russians appeared intent on “mimicking a legitimate absentee ballot-related service provider.” The report does not indicate why the Russians targeted the tiny Pacific islands, a U.S. territory with no electoral votes to contribute to the election.

...All of this taken together ratchets up the stakes of the ongoing investigations into collusion between the Trump campaign and Russian operatives, which promises to soak up more national attention this week as fired FBI Director James Comey appears before Congress to testify. If collusion can ultimately be demonstrated-- a big if at this point-- then the assistance on Russia’s part went beyond allegedly hacking email to serve a propaganda campaign, and bled into an attack on U.S. election infrastructure itself.

Whatever the investigation into the Trump campaign concludes, however, it pales in comparison to the threat posed to the legitimacy of U.S. elections if the infrastructure itself can’t be secured. The NSA conclusion “demonstrates that countries are looking at specific tactics for election manipulation, and we need to be vigilant in defense,” said Schneier. “Elections do two things: one choose the winner, and two, they convince the loser. To the extent the elections are vulnerable to hacking, we risk the legitimacy of the voting process, even if there is no actual hacking at the time.”

Throughout history, the transfer of power has been the moment of greatest weakness for societies, leading to untold bloodshed. The peaceful transfer of power is one of the greatest innovations of democracy.

“It’s not just that [an election] has to be fair, it has to be demonstrably fair, so that the loser says, ‘Yep, I lost fair and square.’ If you can’t do that, you’re screwed,” said Schneier. “They’ll tear themselves apart if they’re convinced it’s not accurate.”

So what did Putin get for his efforts? First and foremost a dysfunction, stressed-out America coming apart at the seams and incapable of leading the free world. Writing for USAToday this morning, Nicholas Burns, a former under secretary of State serving in both Democratic and Republican administrations, showed how Trump is delivering Putin's #1 policy objective-- wrecking the U.S. alliance with Europe.

And Mark Warner (D-VA) says the report from The Intercept doesn't even get to how much the Russians were meddling with the electoral process all over the country (not just in those 8 states). He said the extent of the Russian attacks were much broader than has been reported-- and that the hacking is on-going. (June 20, for example, is the date of the special election in GA-06 and the state's voting system was hacked, probably at Putin's orders though the Georgia Republican Party doesn't seem in the slightest bit concerned and refuses to use paper ballots to insure election integrity.)

America and Europe are experiencing their most significant crisis in decades. President Trump’s recent visit to NATO and the EU was the least successful of any U.S. president in seven decades, exposing deep ideological divisions and a widening gulf of trust across the Atlantic. Last weekend’s terrorist attacks in London had the same effect. Trump repeatedly criticized London Mayor Sadiq Khan for telling citizens not to be alarmed by the attacks, when Khan actually said they should not be alarmed by a heavy police presence. Trump’s tweets did not go down well in stoic Britain, where the World War II maxim, “keep calm and carry on,” still holds.

The policy differences alone are profound. European leaders want a historic free trade agreement with America, but Trump’s nationalist economic strategy led him to reject it. German Chancellor Angela Merkel is determined to maintain tough EU and U.S. sanctions on Russia over its occupation of Ukraine. Trump appears more interested in a rapprochement with Russian President Vladimir Putin. The chasm is deepest and most emotional on climate change. Trump’s announcement that America will pull out of the historic 2015 Paris Agreement is deepening distrust among European citizens and their governments, which consider it an urgent priority.

When I served as U.S. ambassador to NATO, America had a bruising argument with France and Germany over the Iraq War in 2003. We buried the hatchet eventually by joining forces in Afghanistan and negotiating a nuclear deal with Iran. We knew the NATO alliance was worth preserving. Trump has downplayed the importance of those longstanding ties-- according to Politico, even to the point of removing from his prepared speech an affirmation of NATO's Article 5, the commitment by member nations to defend one another.

That is why the current crisis is far more threatening to the long-term future of the alliance than past disagreements. Trump’s ambivalence about NATO and skepticism about the EU are seen by European leaders as an open break with 70 years of U.S. commitment to the continent.

The heart of the problem is Trump’s view of Europe, and Germany in particular, as an economic competitor rather than a strategic partner. This is a sea change in American attitudes towards Europe. All of Trump’s predecessors dating to President Truman have prized Europe’s political and military alliance with America. Trump’s boorish behavior in Brussels and his intemperate tweets criticizing Merkel (and now Khan) have only reinforced the doubts about him in Europe.

If Trump sticks to this course, there will be real costs for the United States. Europe remains our leading trade partner and the most important investor in the U.S. economy. The 27 European members of NATO remain the largest group of U.S. allies in the world. On nearly every important U.S. global priority, Europe is a key partner. We need the United Kingdom, France and Germany to persuade Iran to adhere to the 2015 nuclear deal. Trump may soon ask Europe to contribute additional troops to NATO’s Afghan mission. The U.S. fight against the Islamic State of Iraq and Syria will be seriously undermined without British and French support. America needs NATO allies to hold the line against Putin’s territorial ambitions in Eastern Europe.

...Trump’s bull-in-a-china-shop approach has backfired. He would do better to push the allies in private but acknowledge publicly that the majority of them actually increased defense spending after Putin’s annexation of Crimea in 2014. All, including Germany, have pledged to reach the 2% target by 2024. Pushing on this open door would have been more effective than lecturing leaders such as Merkel in an election year... Trump’s bumbling Europe strategy could turn out to be one of the most significant U.S. foreign policy failures of the post-World War II era.

And exactly why Putin took-- and is still taking-- the risks he took to put Trump in the White House-- and to keep him in power.

photo by N. Ohanian