The So Far Non-Existent Vulkan Leaks
MEDIA, 3 Apr 2023
31 Mar 2023 – The Guardian, Washington Post and Der Spiegel have today published “bombshell” revelations about Russian cyber warfare based on leaked documents, but have produced only one single, rather innocuous leaked document between them (in the Washington Post), with zero links to any.
Where are these documents and what do they actually say? Der Spiegel tells us:
This is all chronicled in 1,000 secret documents that include 5,299 pages full of project plans, instructions and internal emails from Vulkan from the years 2016 to 2021. Despite being all in Russian and extremely technical in nature, they provide unique insight into the depths of Russian cyberwarfare plans.
OK. So where are they?
Ten different media houses have cooperated on the leaks, and the articles have been produced by large teams of journalists in each individual publication.
The Guardian article is by Luke Harding, Stilyana Simeonova, Manisha Ganguly and Dan Sabbagh. The Washington Post Article is by Craig Timberg, Ellen Nakashima, Hannes Munzinga and Hakan Tanriverdi. The Der Spiegel article is by 22 named journalists!
So that is 30 named journalists, with each publication deploying a large team to produce its own article.
And yet if you read through those three articles, you cannot help but note they are (ahem) remarkably similar.
From Der Spiegel:
“These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one-and-the-same mission, which is essentially an attack on the enemy’s will to fight,” says John Hultquist, a leading expert on Russian cyberwarfare and vice president of intelligence analysis at Mandiant, an IT security company.
From the Washington Post:
“These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one and the same mission, which is essentially an attack on the enemy’s will to fight,” said John Hultquist, the vice president for intelligence analysis at the cybersecurity firm Mandiant
From the Guardian:
John Hultquist, the vice-president of intelligence analysis at the cybersecurity firm Mandiant, which reviewed selections of the material at the request of the consortium, said: “These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one and the same mission, which is essentially an attack on the enemy’s will to fight.”
Note that it is not just the central Hultquist quote which is the same. In each case the teams of thirty journalists have very slightly altered a copy-and-pasted entire paragraph.
In fact the remarkable sameness of all three articles, with the same quotes and sources and same ideas, makes plain to anybody reading that all these articles are taken from a single source document. The question is who produced that central document? I assume it is one of the “five security services”, which all of the articles say were consulted.
Revealingly all three articles include the comprehensively debunked claim that Russia hacked the Clinton or DNC emails. They all include it despite the fact that none of the three articles makes the slightest attempt to connect this allegation to any of the leaked Vulkan documents, or to provide any evidence for it at all.
The casual reader is led to the conclusion that in some way the Vulkan leak proves the Clinton hack – despite the fact that no evidence is adduced and in fact, on close reading, none of the articles actually makes any claim that there is any reference at all to the Clinton hack in the Vulkan documents, or any other kind of evidence in them supporting the claim.
That all three teams of journalists independently decided to throw in a debunked claim, unrelated to any of the leaked material they are supposedly discussing, is not very probable. Again, they are plainly working from a central source that highlights the Clinton nonsense.
The Washington Post does actually deign to give us a facsimile of one page of one of the leaked emails, which does indeed appear to reference cyberwarfare capabilities to control or disable vital infrastructure.
But the problem is they are showing us page 4 of a document, devoid of context. Why no link to the whole document? We can see it is about research into these capabilities, but presumably the whole document might reveal something about the purpose of such research – for example, is it offensive or to develop defence against such attacks?
I am always suspicious of leaks where the actual documents are kept hidden, and we only know what we are told by – in this case – a propaganda operation which, even on the surface of it, involves western security services, US government funded “cyber security firms”, and Microsoft and Google.
When Wikileaks releases documents, they actually release the whole documents so that you can look at them and make up your own mind on what they really say or mean. Such as, for example, the Vault 7 release on CIA Hacking Tools.
My favourite Vault 7 revelation was that the CIA hackers leave behind fake “fingerprints”, including commands in Cyrillic script, to create a false trail that the Russians did it. Again you can see the actual documents on Wikileaks.
I have no reason to doubt that Russia employs techniques of cyber warfare. But I have absolutely no reason to believe that Russia does so any more than Western security services.
In fact there is some indication in this Vulkan information that Russian cyber warfare capability is less advanced than Western. With absolutely zero self-awareness of the implications of what they are saying, Luke Harding and his team at the Guardian tell us that:
One document shows engineers recommending Russia add to its own capabilities by using hacking tools stolen in 2016 from the US National Security Agency and posted online.
It is, of course, only bad when the Russians do it.
The fact there is virtually no cross-referencing to the Snowden or Vault 7 leaks in any of the publications, shows this up for the coordinated security service propaganda exercise that it is.
But there are numerous examples given of various hacks alleged to be committed by Russian security services, with no links whatsoever to any document in the Vulkan leaks, and in fact no evidence given of any kind, except for multiple references to allegations by US authorities.
The Washington Post article has the best claim to maintain some kind of reasonable journalistic standard. It includes these important phrases, admissions notably absent from the Guardian’s Luke Harding led piece:
These officials and experts could not find definitive evidence that the systems have been deployed by Russia or been used in specific cyberattacks
The documents do not, however, include verified target lists, malicious software code or evidence linking the projects to known cyberattacks.
Still, they offer insights into the aims of a Russian state that — like other major powers, including the United States — is eager to grow and systematize its ability to conduct cyberattacks with greater speed, scale and efficiency.
The last quote is of course the key point, and the Washington Post does deserve some kudos at least for acknowledging it, which is more than you can say for the Guardian or Der Spiegel. Even the Washington Post, having acknowledged the point, in no way allows it to affect the tone or tenor of its report.
But in truth there is no reason to doubt that the Russian state is developing cyberwarfare capabilities, and there is no reason to doubt that commercial companies including Vulkan are involved in some of the sub-contracted work.
But exactly the same thing is true of the United States, the United Kingdom, or any major Western nation. Tens of billions are being poured into cyberwarfare, and the resources deployed on it by NATO states vastly outnumber the resources available to Russia.
Which puts in perspective this large exercise in anti-Russian propaganda. Here are some key facts about it for you:
Taking the Guardian, Washington Post and Der Spiegel articles together:
- Less than 2% of the articles consist of direct quotes from the alleged leaked documents
- Less than 10% of the articles consist of alleged description of the contents of the documents
- Over 15% of the articles consist of comment by western security services and cyber warfare industry
- Over 40% of the articles consist of descriptions of alleged Russian hacking activity, zero of which is referenced in the acutal Vulkan leaks
We get to see one page of an alleged 5,000 leaked, plus a couple of maps and graphics.
It took 30 MSM journalists to produce this gross propaganda. I could have done it alone for them in a night, working up three slightly different articles from what the security services have fed them, directly and indirectly.
I can see the attraction of being a “journalist” shill for power, it has been very easy money for the mucky thirty.
Craig John Murray (born 17 Oct 1958) is a Scottish author, human rights campaigner, journalist, and former diplomat for the UK Foreign and Commonwealth Office. Between 2002 and 2004, he was the British ambassador to Uzbekistan during which time he exposed the violations of human rights by the Karimov administration. He was Rector of the University of Dundee from 2007 to 2010 and was jailed for eight months for contempt of court in 2021.
Tags: Corporate Media, Cyberwar, Journalism, Journalistic Ethics, Mainstream Media MSM, Russia
DISCLAIMER: The statements, views and opinions expressed in pieces republished here are solely those of the authors and do not necessarily represent those of TMS. In accordance with title 17 U.S.C. section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. TMS has no affiliation whatsoever with the originator of this article nor is TMS endorsed or sponsored by the originator. “GO TO ORIGINAL” links are provided as a convenience to our readers and allow for verification of authenticity. However, as originating pages are often updated by their originating host sites, the versions posted may not match the versions our readers view when clicking the “GO TO ORIGINAL” links. This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.