Right-Wing And “Alt-Right” Media Mischaracterize VOA Report To Lie About Russian Hacking

Right-wing media are attacking CrowdStrike, the cybersecurity firm that in June 2016 “was the first to link last year’s hacks of Democratic Party computers to Russian actors,” in an attempt to discredit the intelligence community’s conclusion that Russia interfered in the 2016 election to aid President Donald Trump. In fact, CrowdStrike’s apparently erroneous findings are in reference to a different example of Russian hacking, and have no bearing on the U.S. intelligence community’s conclusions, which have independently “identified Russian officials who fed material hacked from the Democratic National Committee and party leaders to WikiLeaks.”

Voice Of America Reports That A British Think Tank Disputed Cybersecurity Firm’s Conclusion Regarding An Attack On The Ukrainian Military

VOA: The British Think Tank Disputed A December Report Asserting That “Russians Hacked Into A Ukrainian Artillery App” Done By CrowdStrike, The Same Firm That Separately Was First To Conclude Russia Interfered In The US Election. On March 23, Voice of America (VOA) reported that the International Institute for Strategic Studies (IISS), a British think tank, and “Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election.” According to VOA, a December 2016 report by CrowdStrike “erroneously used IISS data as proof” that “Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with Russian-backed separatists.” The article stated, “The challenges to CrowdStrike’s credibility are significant because the firm was the first to link last year’s hacks of Democratic Party computers to Russian actors.” From VOA’s March 23 report:

An influential British think tank and Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election.

The CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with Russian-backed separatists.

But the International Institute for Strategic Studies (IISS) told VOA that CrowdStrike erroneously used IISS data as proof of the intrusion. IISS disavowed any connection to the CrowdStrike report. Ukraine’s Ministry of Defense also has claimed combat losses and hacking never happened.

[...]

The challenges to CrowdStrike’s credibility are significant because the firm was the first to link last year’s hacks of Democratic Party computers to Russian actors, and because CrowdStrike co-founder Dimiti Alperovitch has trumpeted its Ukraine report as more evidence of Russian election tampering.

Alperovitch has said that variants of the same software were used in both hacks.

While questions about CrowdStrike’s findings don’t disprove allegations of Russian involvement, they do add to skepticism voiced by some cybersecurity experts and commentators about the quality of their technical evidence.

The Russian government has denied covert involvement in the election, but U.S. intelligence agencies have concluded that Russian hacks were meant to discredit Hillary Clinton and help Donald Trump’s campaign. An FBI and Homeland Security report also blamed Russian intelligence services. [Voice of America, 3/23/17]

Alt-Right And Russian Outlets Pick Up, Conflate, And Mischaracterize VOA’s story

Mike Cernovich: “I Was First To Call Out CrowdStrike As A Hoax, Another Scoop!”

[Twitter, 3/28/17]

Paul Joseph Watson: “CrowdStrike Firm Which Peddled ‘Russian Hacking’ Conspiracy Theory Retracts Claims.”

[Twitter, 3/29/17]

RT America: “CrowdStrike EXPOSED: Cybersecurity Firm Behind ‘#Russia Hack’ Allegation In Damage-Control Mode.”

[Twitter, 3/29/17]

Daily Mail And Zero Hedge Run Stories On “Questions Over” CrowdStrike’s “Credibility” After Retraction

Daily Mail: CrowdStrike “Is Facing A Damaging Series Of Questions Over Its Credibility.” On April 5, the British tabloid Daily Mail published an “EXCLUSIVE” report claiming that CrowdStrike “is facing a damaging series of questions over its credibility” after the cybersecurity firm “had to retract portions of a report supporting its allegations of Russian cyberattacks.” From the Daily Mail’s April 5 report:

It was an explosive conclusion which cast a pall over the entire election: that the Kremlin was behind a hack of the Democratic National Committee which resulted in its embarrassing secrets being published.

First made in June 2016, it has overshadowed the election, transition and now presidency of Donald Trump.

And the FBI, CIA, NSA and 12 other intelligence agencies published an unprecedented joint report saying the (sic) Vladimir Putin ordered a hacking campaign to tip the election against Hillary Clinton.

But now the first expert company to make a link between the DNC hacks and the Kremlin is facing a damaging series of questions over its credibility, DailyMail.com can disclose.

Cybersecurity firm CrowdStrike has had to retract portions of a report supporting its allegations of Russian cyberattacks – and is also refusing to address Congress about its findings on Moscow's election hacking. [Daily Mail, 4/5/17]

Zero Hedge: CrowdStrike’s “History Of Making Factually Untrue And Misleading Claims About Russian Hacking Creates Concerns About Their Ability To Objectively Report On Whether Or Not The DNC’s Servers Were Breached By A Foreign Actor.” The fringe financial blog Zero Hedge picked up the story on April 5, claiming that CrowdStrike’s change to its December report on Ukraine “creates concerns about their ability to objectively report on whether or not the DNC's servers were breached by a foreign actor during the 2016 elections.” From Zero Hedge’s April 5 article:

The tight relationship between Crowdstrike and a think tank which also has a long track record of promoting unproven claims about Russian hacking, their failure to account for false attribution techniques commonly used by programmers to frame other countries for hacking attacks and their history of making factually untrue and misleading claims about Russian hacking creates concerns about their ability to objectively report on whether or not the DNC's servers were breached by a foreign actor during the 2016 elections. Their association with the DNC comes at a time when the party has been attempting to craft a narrative of alleged Russian hacking to support their election bids in the upcoming 2018 U.S. midterm elections and delegitimize the victories of their political opponents in 2016. [Zero Hedge, 4/5/17]

Fox’s Brian Kilmeade: CrowdStrike Is “Now Backing Off That Claim” That Russian Intelligence Services Hacked The DNC

Fox’s Brian Kilmeade: CrowdStrike “Said The Russians Hacked Us In June Of 2016” But Is“Now Backing Off That Claim.” On the April 6 edition of Fox News’ Fox & Friends, co-host Brian Kilmeade claimed that CrowdStrike “came out and said the Russians hacked us in June of 2016, [and] are now backing off that claim,” asserting that the retraction would “stand this whole story on its head.” From the April 6 edition of Fox News’ Fox & Friends:

BRIAN KILMEADE (CO-HOST): And by the way, can I just say this, just to totally stand this whole story on its head? CrowdStrike, the first group that came out, this intel -- cybersecurity group, they came out and said= the Russians hacked us in June of 2016, are now backing off that claim.

STEVE DOOCY (CO-HOST): They're not cooperating any longer with Congress.

KILMEADE: Wow. [Fox News, Fox & Friends, 4/6/17]

These Are Two Different Reports, And U.S. Intelligence Agencies Have Independently Concluded That Russia Was Behind DNC Hack

CrowdStrike’s Potentially Erroneous Findings In Their December 2016 Report Do Not Change Conclusions In June 2016 Report That Russian Intelligence Services Hacked The DNC. According to the March 23 VOA report, CrowdStrike’s December 2016 findings were “used to buttress its claims of Russian hacking in the presidential election,” but not to prove them, and the “questions about CrowdStrike’s findings don’t disprove allegations of Russian involvement” in the hacking and theft of DNC emails. [Voice of America, 3/23/17]

DHS And ODNI In October 2016: “The U.S. Intelligence Community Is Confident That The Russian Government Directed The Recent Compromises Of Emails From US Persons And Institutions.” On October 7, he Department of Homeland Security and the Office of the Director of National Intelligence issued a joint statement declaring that the “U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations.” The statement noted that “such activity is not new to Moscow” and that “only Russia's senior-most officials could have authorized these activities.” From the October 7 statement:

The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow—the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities. [DHS.gov, 10/7/16]

VOA: Other Private Cybersecurity Firms “Endorsed CrowdStrike’s Conclusions. The FBI And Homeland Security Report Reached The Same Conclusion.” VOA’s March 23 report noted that “an FBI and Homeland Security report also blamed Russian intelligence services” for the DNC hack and that “U.S. cybersecurity firms Fidelis and Mandiant endorsed CrowdStrike’s conclusions.” From VOA’s March 23 report:

In its report last June attributing the Democratic hacks, CrowdStrike said it was long familiar with the methods used by Fancy Bear and another group with ties to Russian intelligence nicknamed Cozy Bear. Soon after, U.S. cybersecurity firms Fidelis and Mandiant endorsed CrowdStrike’s conclusions. The FBI and Homeland Security report reached the same conclusion about the two groups. [Voice of America, 3/23/17]

Reuters: The CIA Has Identified Russian Individuals “Who Fed Material Hacked From The [DNC] And Party Leaders To WikiLeaks At The Direction Of Russian president Vladimir Putin.” According to Reuters, American intelligence officials have “identified Russian officials who fed material hacked from the Democratic National Committee and party leaders to WikiLeaks at the direction of Russian President Vladimir Putin through third parties.” Reuters noted that the hacked “material followed what was called ‘a circuitous route’ from the GRU, Russia’s military intelligence agency, to WikiLeaks in an apparent attempt to make the origins of the material harder to trace, a common practice used by all intelligence agencies.” From the January 6 report:

The CIA has identified Russian officials who fed material hacked from the Democratic National Committee and party leaders to WikiLeaks at the direction of Russian President Vladimir Putin through third parties, according to a new U.S. intelligence report, senior U.S. officials said on Thursday.

[...]

In some cases, one official said, the material followed what was called “a circuitous route” from the GRU, Russia’s military intelligence agency, to WikiLeaks in an apparent attempt to make the origins of the material harder to trace, a common practice used by all intelligence agencies, including U.S. ones.

These handoffs, the officials said, enabled WikiLeaks founder Julian Assange to say the Russian government or state agencies were not the source of the material published on his website. [Reuters, 1/6/17]