{"id":76908,"date":"2016-08-01T12:00:47","date_gmt":"2016-08-01T11:00:47","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=76908"},"modified":"2016-07-28T16:18:36","modified_gmt":"2016-07-28T15:18:36","slug":"if-russian-intelligence-did-hack-the-dnc-the-nsa-would-know-snowden-says","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2016\/08\/if-russian-intelligence-did-hack-the-dnc-the-nsa-would-know-snowden-says\/","title":{"rendered":"If Russian Intelligence Did Hack the DNC, the NSA Would Know, Snowden Says"},"content":{"rendered":"<p><a href=\"https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2016\/07\/0726_snowden.jpg\" ><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-76909\" src=\"https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2016\/07\/0726_snowden-1024x521.jpg\" alt=\"FRANCE-EU- US- RUSSIA-POLITICS-INTELLIGENCE-ESPIONAGE-SECURITY\" width=\"600\" height=\"305\" srcset=\"https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2016\/07\/0726_snowden-1024x521.jpg 1024w, https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2016\/07\/0726_snowden-300x152.jpg 300w, https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2016\/07\/0726_snowden-768x390.jpg 768w, https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2016\/07\/0726_snowden.jpg 1383w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p><em>26 Jul 2016 &#8211; <\/em>As my colleague Glenn Greenwald <a target=\"_blank\" href=\"https:\/\/www.wnyc.org\/story\/glenn-greenwald-adversarial-free-press\/\" >told WNYC<\/a> on Monday [25 Jul] while there may never be conclusive evidence that the Democratic National Committee was hacked by Russian intelligence operatives to extract <a target=\"_blank\" href=\"https:\/\/wikileaks.org\/dnc-emails\/\" >the trove of embarrassing emails<\/a> published by WikiLeaks, it would hardly be shocking if that was what happened.<\/p>\n<p>\u201cGovernments do spy on each other and do try to influence events in other countries,\u201d Glenn noted. \u201cCertainly the U.S. government has <a target=\"_blank\" href=\"http:\/\/www.nytimes.com\/2006\/07\/06\/us\/06wyatt.html?_r=0\" >a very long and successful history<\/a> of doing exactly that.\u201d<\/p>\n<p>Even so, he added, given the ease with which we were misled into war in Iraq by false claims about weapons of mass destruction \u2014 and <a target=\"_blank\" href=\"https:\/\/twitter.com\/tinyrevolution\/status\/757963459837526016\" >the long history of Russophobia<\/a> in American politics \u2014 it is vital to cast a skeptical eye over whatever evidence is presented to support the claim, made by Hillary Clinton\u2019s aide Robby Mook, that this is all part of a Russian plot to sabotage the Democrats and help Donald Trump win the election.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Clinton campaign manager on DNC leak: Experts say &quot;Russians are releasing these emails&quot; to help Trump <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/CNNSOTU?src=hash&amp;ref_src=twsrc%5Etfw\" >#CNNSOTU<\/a> <a target=\"_blank\" href=\"https:\/\/t.co\/GwJhloosPs\" >https:\/\/t.co\/GwJhloosPs<\/a><\/p>\n<p>&mdash; CNN Politics (@CNNPolitics) <a target=\"_blank\" href=\"https:\/\/twitter.com\/CNNPolitics\/status\/757200262285123584?ref_src=twsrc%5Etfw\" >July 24, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The theory <a target=\"_blank\" href=\"https:\/\/www.buzzfeed.com\/miriamelder\/welcome-to-the-russian-game-its-embarrassing-its-dirty-and-i?utm_term=.maDWZy9wx#.id0geQypM\" >gained some traction<\/a>, particularly among Trump\u2019s detractors, in part because the candidate has seemed obsessed at times with reminding crowds that Russian President Vladimir Putin once said <a target=\"_blank\" href=\"https:\/\/youtu.be\/5xwuVjgMfU4\" >something sort of nice<\/a> about him (though not, <a target=\"_blank\" href=\"https:\/\/twitter.com\/politico\/status\/694259701828210695\" >as Trump falsely claims<\/a>, that the American is \u201ca genius\u201d). Then last week, Trump\u2019s campaign staff watered down a pledge to help Ukraine defend its territory from Russian-backed rebels and the candidate <a target=\"_blank\" href=\"http:\/\/www.nytimes.com\/2016\/07\/22\/us\/politics\/donald-trump-foreign-policy-interview.html?_r=0\" >told the <em>New York Times<\/em><\/a> he would not necessarily honor the NATO treaty commitment that requires the United States military to defend other member states from a direct attack by Russia.<\/p>\n<p>Since Trump\u00a0has refused to release his tax returns, there are also questions about whether or not his\u00a0businesses might depend to some extent on Russian investors. \u201cRussians make up a pretty disproportionate cross-section of a lot of our assets,\u201d Trump\u2019s son Donald Jr. told a real estate conference in 2008, <a target=\"_blank\" href=\"https:\/\/www.washingtonpost.com\/politics\/inside-trumps-financial-ties-to-russia-and-his-unusual-flattery-of-vladimir-putin\/2016\/06\/17\/dbdcaac8-31a6-11e6-8ff7-7b6c1998b7a0_story.html\" >the <em>Washington Post<\/em> reported<\/a> last month. \u201cWe see a lot of money pouring in from Russia.\u201d<\/p>\n<p>Paul Manafort, who is directing Trump\u2019s campaign and was for years a close adviser of a Putin ally, former President Viktor Yanukovych of Ukraine, <a target=\"_blank\" href=\"http:\/\/www.nytimes.com\/2016\/07\/25\/us\/politics\/donald-trump-russia-emails.html\" >called the theory<\/a> that Trump\u2019s campaign had ties to the Russian government \u201cabsurd.\u201d (On Monday, Michael Isikoff of <em>Yahoo News<\/em> <a target=\"_blank\" href=\"https:\/\/www.yahoo.com\/news\/exclusive-hacked-emails-of-dnc-oppo-researcher-point-to-russians-and-wider-penetration-154121061.html\" >reported<\/a> that a DNC researcher looking into Manafort\u2019s ties to pro-Russian politicians in Ukraine in May had been warned that her personal Yahoo email account was under attack. \u201cWe strongly suspect that your account has been the target of state-sponsored actors,\u201d the warning from the email service security team read.)<\/p>\n<p>Unhelpfully for Trump, his most senior adviser with knowledge of the world of hacking, retired Lt. Gen. Michael T. Flynn, former director of the Defense Intelligence Agency, <a target=\"_blank\" href=\"https:\/\/www.bloomberg.com\/view\/articles\/2016-07-25\/cybersecurity-experts-say-russia-hacked-the-democrats\" >told <em>Bloomberg View<\/em><\/a> that he \u201cwould not be surprised at all\u201d to learn that Russia was behind the breach of the DNC network. \u201cBoth China and Russia have the full capability to do this,\u201d he said.<\/p>\n<p>Later on Monday, Trump himself then <a target=\"_blank\" href=\"https:\/\/twitter.com\/nbcnightlynews\/status\/757670708226908161\" >attributed the attack on the DNC to<\/a> \u201cChina, Russia, one of our many, many \u2018friends,&#8217;\u201d who \u201ccame in and hacked the hell out of us.\u201d<\/p>\n<p>Since very few of us are cybersecurity experts, and the Iraq debacle is a reminder of how dangerous it can be to put blind faith in experts whose claims might reinforce our own political positions, there is also the question of who we can trust to provide reliable evidence.<\/p>\n<p>One expert in the field, who is well aware of the evidence-gathering capabilities of the U.S. government, is Edward Snowden, the former Central Intelligence Agency technician\u00a0and National Security Agency whistleblower\u00a0who exposed the extent of mass surveillance and has been given temporary asylum in Russia.<\/p>\n<p>\u201cIf Russia hacked the #DNC, they should be condemned for it,\u201d <a target=\"_blank\" href=\"https:\/\/twitter.com\/Snowden\/status\/757573436059287552\" >Snowden wrote<\/a> on Twitter on Monday, with a link to <a target=\"_blank\" href=\"https:\/\/www.washingtonpost.com\/world\/national-security\/fbi-director-offers-new-evidence-to-back-claim-north-korea-hacked-sony\/2015\/01\/07\/ce667980-969a-11e4-8005-1924ede3e54a_story.html\" >a 2015 report<\/a> on the U.S. government\u2019s response to the hacking of Sony Pictures. In that case, he noted, \u201cthe FBI presented evidence\u201d for its\u00a0conclusion that North Korea was responsible for the hacking and subsequent release of internal emails. (The FBI is now investigating the breach of the DNC\u2019s network, which officials <a target=\"_blank\" href=\"http:\/\/www.thedailybeast.com\/articles\/2016\/07\/25\/fbi-suspects-russia-hacked-dnc-u-s-officials-say-it-was-to-elect-donald-trump.html\" >told the <em>Daily Beast<\/em><\/a> they first made the committee aware of in April.)<\/p>\n<p>What\u2019s more, Snowden added, the NSA has tools that should make it possible to trace the source of the hack. Even though the Director of National Intelligence usually opposes making such evidence public, he argued, this is a case in which the agency should do so, if only to discourage future attacks.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Evidence that could publicly attribute responsibility for the DNC hack certainly exists at <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/NSA?src=hash&amp;ref_src=twsrc%5Etfw\" >#NSA<\/a>, but DNI traditionally objects to sharing.<\/p>\n<p>&mdash; Edward Snowden (@Snowden) <a target=\"_blank\" href=\"https:\/\/twitter.com\/Snowden\/status\/757577131912208384?ref_src=twsrc%5Etfw\" >July 25, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Without a credible threat that USG can and will use <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/NSA?src=hash&amp;ref_src=twsrc%5Etfw\" >#NSA<\/a> capabilities to publicly attribute responsibility, such hacks will become common.<\/p>\n<p>&mdash; Edward Snowden (@Snowden) <a target=\"_blank\" href=\"https:\/\/twitter.com\/Snowden\/status\/757578400915660802?ref_src=twsrc%5Etfw\" >July 25, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">To summarize: the US Intel Community should modernize their position on disclosure. Defensive capabilities should be aggressively public.<\/p>\n<p>&mdash; Edward Snowden (@Snowden) <a target=\"_blank\" href=\"https:\/\/twitter.com\/Snowden\/status\/757579983653072896?ref_src=twsrc%5Etfw\" >July 25, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Another former insider with knowledge of American and Russian intelligence capabilities, Michael McFaul, the U.S. ambassador to Russia from 2012 to 2014, agreed that it should be possible for the U.S. to present proof if Russia was, in fact, responsible for the attack.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">I assume that the US counterintelligence agencies have been investigating Russian theft of DNC emails. Hope they tell us results soon.<\/p>\n<p>&mdash; Michael McFaul (@McFaul) <a target=\"_blank\" href=\"https:\/\/twitter.com\/McFaul\/status\/757313667574534144?ref_src=twsrc%5Etfw\" >July 24, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">As U.S. voter, I&#39;m appalled by Russian meddling, want it investigated &amp; stopped. As long-time analyst of Russia, Im impressed; they&#39;re good<\/p>\n<p>&mdash; Michael McFaul (@McFaul) <a target=\"_blank\" href=\"https:\/\/twitter.com\/McFaul\/status\/757327076525350912?ref_src=twsrc%5Etfw\" >July 24, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>While we wait to see if the NSA will take its most famous former employee\u2019s advice, it is worth reading <a target=\"_blank\" href=\"https:\/\/motherboard.vice.com\/read\/all-signs-point-to-russia-being-behind-the-dnc-hack\" >a thorough review of the evidence produced so far<\/a>, compiled for Motherboard by Thomas Rid, a professor at King\u2019s College London who has charted <a target=\"_blank\" href=\"https:\/\/www.amazon.co.uk\/Cyber-War-Will-Take-Place\/dp\/1849042802\/ref=pd_sim_sbs_14_2?ie=UTF8&amp;dpID=51QHppn5nDL&amp;dpSrc=sims&amp;preST=_AC_UL160_SR102%2C160_&amp;psc=1&amp;refRID=HP9F6NFPQBTSFV4T2W2C\" >the use of hacking for espionage<\/a>.<\/p>\n<p>As Rid explains, the attribution of the DNC hack to Russian intelligence agents was first suggested on June 15 by CrowdStrike, the cybersecurity firm hired by the Democrats to investigate the possible breach of their\u00a0system in May.<\/p>\n<p>Last month, one of the firm\u2019s founders, Dmitri Alperovitch, explained\u00a0in <a target=\"_blank\" href=\"https:\/\/www.crowdstrike.com\/blog\/bears-midst-intrusion-democratic-national-committee\/\" >a detailed technical analysis<\/a> of their findings that CrowdStrike discovered \u201ctwo separate Russian intelligence-affiliated adversaries present in the DNC network in May.\u201d<\/p>\n<p>The groups, he added, are so familiar to the investigators from previous attacks that they have acquired commonly used nicknames in the security industry. One, \u201cCozy Bear\u201d or \u201cAPT 29,\u201d had been inside the committee\u2019s network for about a year; a second, \u201cFancy Bear,\u201d also called \u201cAPT 28,\u201d breached the system in April.<\/p>\n<p style=\"padding-left: 30px;\"><em>We\u2019ve had lots of experience with both of these actors attempting to target our customers in the past and know them well. In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist\/terrorist groups we encounter on a daily basis. Their tradecraft is superb, operational security second to none and the extensive usage of \u201cliving-off-the-land\u201d techniques enables them to easily bypass many security solutions they encounter. In particular, we identified advanced methods consistent with nation-state level capabilities including deliberate targeting and \u201caccess management\u201d tradecraft \u2014 both groups were constantly going back into the environment to change out their implants, modify persistent methods, move to new Command &amp; Control channels and perform other tasks to try to stay ahead of being detected.<\/em><\/p>\n<p>Cozy Bear is the group that \u201csuccessfully infiltrated the unclassified networks of <a target=\"_blank\" href=\"http:\/\/www.thedailybeast.com\/articles\/2015\/04\/08\/obama-to-putin-stop-hacking-me.html\" >the White House<\/a>, <a target=\"_blank\" href=\"http:\/\/www.cnn.com\/2015\/03\/10\/politics\/state-department-hack-worst-ever\/\" >State Department<\/a>, and <a target=\"_blank\" href=\"https:\/\/www.theguardian.com\/technology\/2015\/aug\/06\/us-military-joint-chiefs-hacked-officials-blame-russia\" >U.S. Joint Chiefs of Staff<\/a>\u201d last year, Alperovitch noted. Fancy Bear, he added, has \u201cbeen linked publicly to intrusions into the <a target=\"_blank\" href=\"https:\/\/next.ft.com\/content\/668a131e-1928-11e6-b197-a4af20d5575e\" >German Bundestag<\/a> and <a target=\"_blank\" href=\"http:\/\/www.bbc.com\/news\/world-europe-33072034\" >France\u2019s TV5 Monde<\/a> TV station in April 2015.\u201d<\/p>\n<p>Readers with a high level of technical competence can parse the clues explained fully in Alperovitch\u2019s blog post, but he also noted a surprising fact: that the two groups thought to be affiliated with rival Russian intelligence agencies \u2014 the successor to the Soviet-era KGB, known as the FSB, and the GRU, a military intelligence service \u2014 appeared unaware of each other\u2019s activities.<\/p>\n<p>\u201cWe have identified no collaboration between the two actors, or even an awareness of one by the other,\u201d Alperovitch observed. \u201cInstead, we observed the two Russian espionage groups compromise the same systems and engage separately in the theft of identical credentials.\u201d<\/p>\n<p>One day after this initial attribution of the attack to Russian intelligence was made public by CrowdStrike and the DNC, someone using the pseudonym Guccifer 2.0, in reference to the Romanian hacker who famously <a target=\"_blank\" href=\"http:\/\/gawker.com\/5982694\/hacker-exposes-bush-family-emails-photos-and-george-w-bushs-amazing-self-portraits\" >uncovered<\/a> George W. Bush\u2019s secret career as a painter of selfies, started publishing documents stolen from the committee\u2019s servers on <a target=\"_blank\" href=\"https:\/\/guccifer2.wordpress.com\/\" >a WordPress blog<\/a> set up that day, and taunting the security experts <a target=\"_blank\" href=\"https:\/\/twitter.com\/GUCCIFER_2\" >on Twitter<\/a>.<\/p>\n<p>Guccifer 2.0, who claims to be a Romanian who dislikes Russians, <a target=\"_blank\" href=\"http:\/\/gawker.com\/this-looks-like-the-dncs-hacked-trump-oppo-file-1782040426\" >told my colleague Sam Biddle<\/a> that he or she had carried out the attack with no help from anyone else, just to expose \u201call those illuminati that captured our world,\u201d and had provided hacked documents to WikiLeaks.<\/p>\n<p>However, several analysts pointed out that there is evidence in the metadata that copies of the DNC documents posted online by Guccifer 2.0, starting with an opposition research dossier on Trump, appear to have been processed on a computer with Russian language settings. Parsing the documents on Twitter, the blogger Davi Ottenheimer and an information security analyst who writes as @pwnallthethings pointed out that copies of the stolen documents uploaded to WordPress rendered the hacker\u2019s username, Iron Felix, in Cyrillic characters, and gave error messages for links in Russian.<\/p>\n<p>https:\/\/twitter.com\/pwnallthethings\/status\/743197064843104257?ref_src=twsrc%5Etfw<\/p>\n<p>https:\/\/twitter.com\/daviottenheimer\/status\/743199165459529728?ref_src=twsrc%5Etfw<\/p>\n<p>Doubts were also cast over Guccifer 2.0\u2019s identity by his or her apparent lack of fluency in Romanian in <a target=\"_blank\" href=\"https:\/\/motherboard.vice.com\/read\/why-does-dnc-hacker-guccifer-20-talk-like-this\" >an online chat<\/a> with Lorenzo Franceschi-Bicchierai of Motherboard.<\/p>\n<p>Despite Guccifer 2.0\u2019s claims, CrowdStrike\u2019s attribution to the previously known Russian groups was supported by subsequent research last month from two rival network security firms: Fidelis Cybersecurity and Mandiant.<\/p>\n<p>\u201cWe performed an independent review of the malware and other data (filenames, file sizes, IP addresses) in order to validate and provide our perspective on the reporting done by CrowdStrike,\u201d Michael Buratowski, a Fidelis senior vice president, explained in <a target=\"_blank\" href=\"http:\/\/www.threatgeek.com\/2016\/06\/dnc_update.html\" >a detailed technical analysis<\/a>. The firm\u2019s conclusions supported the attribution to the two well-known Russian groups. Among other factors, Buratowski noted, \u201cthe malware samples were conspicuously large\u201d and \u201ccontained all or most of their embedded dependencies and functional code.\u201d<\/p>\n<p>\u201cThis is a very specific modus operandi less sophisticated actors do not employ,\u201d he argued.<\/p>\n<p>A Mandiant researcher, Marshall Heilman, <a target=\"_blank\" href=\"https:\/\/www.washingtonpost.com\/world\/national-security\/cyber-researchers-confirm-russian-government-hack-of-democratic-national-committee\/2016\/06\/20\/e7375bc0-3719-11e6-9ccd-d6005beac8b3_story.html\" >told the <em>Washington Post<\/em><\/a> he agreed that the malware and associated servers were consistent with those previously used by the two Russian groups.<\/p>\n<p>Another American cybersecurity firm, ThreatConnect, <a target=\"_blank\" href=\"https:\/\/www.threatconnect.com\/guccifer-2-all-roads-lead-russia\/\" >reported<\/a> on Tuesday that it had uncovered evidence that \u201cGuccifer 2.0 is using the Russia-based Elite VPN service to communicate and leak documents\u201d to reporters.<\/p>\n<p>The suspicion that the raid of the DNC servers might have been carried out by Russian intelligence was unsurprising to some experts, as <em>Wired<\/em>\u2019s <a target=\"_blank\" href=\"https:\/\/www.wired.com\/2016\/06\/hack-brief-russias-breach-dnc-trumps-dirt\/\" >Andy Greenberg reported<\/a>, given that the FBI warned <a target=\"_blank\" href=\"http:\/\/www.newsweek.com\/campaign-2008-secrets-mccain-gambles-palin-85079\" >both Barack Obama and John McCain in 2008<\/a> that their campaign computer systems had been breached by foreign hackers, most likely from Russia or China.<\/p>\n<p>Some observers, like the Harvard Law professor Jack Goldsmith, who worked for President George W. Bush, <a target=\"_blank\" href=\"https:\/\/lawfareblog.com\/more-thoughts-dnc-hack\" >suggested<\/a> that such attacks might be seen as payback, given that American intelligence agencies have made aggressive use of hacking, which \u201calmost certainly extends to political organizations in adversary states.\u201d<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">7\/  Current U.S. cyber-espionage almost certainly extends to political organizations in adversary states.<\/p>\n<p>&mdash; Jack Goldsmith (@jacklgoldsmith) <a target=\"_blank\" href=\"https:\/\/twitter.com\/jacklgoldsmith\/status\/757917930042437634?ref_src=twsrc%5Etfw\" >July 26, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>As the journalist Marcy Wheeler <a target=\"_blank\" href=\"https:\/\/www.emptywheel.net\/2016\/07\/25\/nsa-and-cia-hacked-enrique-pena-nieto-before-the-2012-election\/\" >noted on her blog<\/a>, according to <a target=\"_blank\" href=\"http:\/\/www.spiegel.de\/international\/world\/nsa-hacked-email-account-of-mexican-president-a-928817.html\" >report on the Snowden documents<\/a> by Jens Gl\u00fcsing, Laura Poitras, Marcel Rosenbach and Holger Stark for <em>Spiegel<\/em>, the NSA hacked into \u201ca key mail server in the Mexican Presidencia domain within the Mexican Presidential network,\u201d during that country\u2019s 2012 election campaign, and intercepted 85,489 text messages sent by the ruling party candidate, Enrique Pe\u00f1a Nieto himself, or his associates.<\/p>\n<p>What makes the DNC breach new, however, is the fact that close to 20,000 emails and other documents \u2014 including personal information and credit card details of donors \u2014 were provided to WikiLeaks, which made them public on the eve of this week\u2019s convention. Some of the private email traffic made public, which validated complaints from the Bernie Sanders campaign that the DNC officials favored Hillary Clinton, helped to reopen wounds from the bruising primary campaign.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Chants of &quot;WikiLeaks&quot; and &quot;Lock her up&quot; outside the DNC convention. <a target=\"_blank\" href=\"https:\/\/t.co\/YksSfoWnKn\" >pic.twitter.com\/YksSfoWnKn<\/a><\/p>\n<p>&mdash; Philip Crowther (@PhCrowther) <a target=\"_blank\" href=\"https:\/\/twitter.com\/PhCrowther\/status\/757715166347792384?ref_src=twsrc%5Etfw\" >July 25, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>https:\/\/twitter.com\/jbarro\/status\/757679402780065792?ref_src=twsrc%5Etfw<\/p>\n<p>The role played by WikiLeaks, and the professed indifference of the group\u2019s founder, Julian Assange, to the source of the hacked documents, caused some journalists to ask if the site had allowed itself to be used as part of a post-modern dirty trick, a sort of Watergate 2.0.<\/p>\n<p>One reporter, James Surowiecki of the <em>New Yorker<\/em>, even mused about how WikiLeaks might have treated documents provided by the Watergate burglars had it been around in 1972 when the Republican operatives broke into the DNC office in that building, precisely to obtain damaging information about the party through theft and surveillance.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">If WL had been around in &#39;72, would it have published DNC documents Watergate burglars stole and transcripts from the bugs they planted?<\/p>\n<p>&mdash; James Surowiecki (@JamesSurowiecki) <a target=\"_blank\" href=\"https:\/\/twitter.com\/JamesSurowiecki\/status\/757309581848698881?ref_src=twsrc%5Etfw\" >July 24, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Of course, many other reporters have taken the view that the material made public by WikiLeaks is clearly newsworthy, given that it helps expose the inner workings of a largely unaccountable private political party, which plays a central and privileged role in the election of America\u2019s leaders. That is why an array of publications, <a target=\"_blank\" href=\"https:\/\/theintercept.com\/2016\/07\/22\/new-leak-top-dnc-official-wanted-to-use-bernie-sanderss-religious-beliefs-against-him\/\" >including <em>The Intercept<\/em><\/a>, quickly started to provide reporting and analysis on what was revealed in the leaked documents.<\/p>\n<p>Asked by NBC News on Monday if WikiLeaks might have been used to distribute documents stolen as part of a Russian intelligence operation, Assange insisted there was \u201cno proof of that whatsoever \u2014 we have not disclosed our source, and of course this is a diversion that\u2019s being pushed by the Hillary Clinton campaign.\u201d<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">WATCH: No proof Russians used WikiLeaks in <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/DNCLeak?src=hash&amp;ref_src=twsrc%5Etfw\" >#DNCLeak<\/a>, Julian Assange tells <a target=\"_blank\" href=\"https:\/\/twitter.com\/RichardEngel?ref_src=twsrc%5Etfw\" >@RichardEngel<\/a> on <a target=\"_blank\" href=\"https:\/\/twitter.com\/NBCNightlyNews?ref_src=twsrc%5Etfw\" >@NBCNightlyNews<\/a>. <a target=\"_blank\" href=\"https:\/\/t.co\/UJCBe4fT9l\" >https:\/\/t.co\/UJCBe4fT9l<\/a><\/p>\n<p>&mdash; NBC Nightly News with Lester Holt (@NBCNightlyNews) <a target=\"_blank\" href=\"https:\/\/twitter.com\/NBCNightlyNews\/status\/757713076128915457?ref_src=twsrc%5Etfw\" >July 25, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Of course, given that a cornerstone of the WikiLeaks promise to sources is that the site was designed to receive material without revealing the identity of the leaker to anyone at the anti-secrecy group, it should be impossible for Assange himself to know that the hacked DNC documents did not come from a Russian intelligence operative \u2014 or, for that matter, a Republican one.<\/p>\n<p>Convinced by the available evidence that the leak was\u00a0orchestrated by Russian intelligence, Thomas Rid, the security analyst who writes for Motherboard, went so far as to suggest that by publishing these documents, WikiLeaks had become \u201ca legitimate target\u201d for counterintelligence operations by the five-nation club of the United States, Britain, Canada, Australia, and New Zealand.<\/p>\n<p>https:\/\/twitter.com\/RidT\/status\/757153240458858496?ref_src=twsrc%5Etfw<\/p>\n<p>Although WikiLeaks describes the hacked DNC emails as \u201cpart one of our new Hillary Leaks series,\u201d Assange himself rejected the charge that he is helping in a partisan attack. \u201cThis is a quite a classical release,\u201d he <a target=\"_blank\" href=\"http:\/\/www.democracynow.org\/2016\/7\/25\/exclusive_wikileaks_julian_assange_on_releasing\" >told Amy Goodman<\/a> of \u201cDemocracy Now\u201d on Monday, \u201cshowing the benefit of producing pristine data sets, presenting them before the public, where there\u2019s equal access to all journalists and to interested members of the public to mine through them and have them in a citable form where they can then be used to prop up certain criticisms or political arguments.\u201d<\/p>\n<p>Assange <a target=\"_blank\" href=\"http:\/\/www.democracynow.org\/2016\/7\/25\/julian_assange_choosing_between_trump_or\" >demurred<\/a> when Goodman asked if he preferred Trump over Clinton \u2014 \u201cYou\u2019re asking me, do I prefer cholera or gonorrhea?\u201d \u2014 but he was more forthright in <a target=\"_blank\" href=\"https:\/\/youtu.be\/34giUftE7BI\" >an interview<\/a> with Robert Peston of Britain\u2019s ITV on June 12, two days before the DNC hack was first reported.<\/p>\n<p>httpv:\/\/www.youtube.com\/watch?v=34giUftE7BI<\/p>\n<p>After telling Peston in that conversation, \u201cWe have emails relating to Hillary Clinton which are pending publication,\u201d Assange was asked if his intention was to help Trump get elected. \u201cWell, I think Trump is a completely unpredictable phenomenon. You can\u2019t predict what he would do in office,\u201d he replied. \u201cFrom my personal perspective, well, you know, the emails we published show that Hillary Clinton is receiving constant updates about my personal situation; she has pushed for the prosecution of WikiLeaks, which is still in train. So, we do see her as a bit of a problem, for freedom of the press more generally.\u201d<\/p>\n<p>On Twitter, WikiLeaks has been more forthright about seeing the DNC emails and those from Clinton\u2019s personal server \u2014 which the group copied from the State Department\u2019s website to make into a searchable database \u2014 as material that can be used \u201cto prop up certain criticisms\u201d of the former secretary of state.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Hillary Clinton&#39;s showy rewarding of corruption by DWS is an ill wind for the corruption-overton-window of a future presidency.<\/p>\n<p>&mdash; WikiLeaks (@wikileaks) <a target=\"_blank\" href=\"https:\/\/twitter.com\/wikileaks\/status\/757319397329559552?ref_src=twsrc%5Etfw\" >July 24, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Audience at DNC turns on Bernie Sanders after he says &quot;we must elect Hillary Clinton&quot; following <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/DNCLeak?src=hash&amp;ref_src=twsrc%5Etfw\" >#DNCLeak<\/a> <a target=\"_blank\" href=\"https:\/\/t.co\/yJszgko2XK\" >https:\/\/t.co\/yJszgko2XK<\/a> <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/DNCinPHL?src=hash&amp;ref_src=twsrc%5Etfw\" >#DNCinPHL<\/a><\/p>\n<p>&mdash; WikiLeaks (@wikileaks) <a target=\"_blank\" href=\"https:\/\/twitter.com\/wikileaks\/status\/757632872111104000?ref_src=twsrc%5Etfw\" >July 25, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Some of that criticism, however, has not been well-grounded in fact, leaving the organization open to accusations that, rather than serving as an impartial clearinghouse for leaks, annotated by its readers \u2014 like Wikipedia \u2014 it has evolved into a platform for analysis by a small circle of insiders.<\/p>\n<p>To take one example, on Saturday, a WikiLeaks tweet incorrectly claimed that one email from the leak revealed that Luis Miranda, the DNC communications director, had suggested that Trump might have been right to say that Ted Cruz\u2019s father was involved in the Kennedy assassination.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/DNCLeak?src=hash&amp;ref_src=twsrc%5Etfw\" >#DNCLeak<\/a>: Trump may be right about Ted Cruz&#39;s father &amp; JFK kill  &#8212; Comms head Luis Miranda <a target=\"_blank\" href=\"https:\/\/t.co\/jjJV1ndJzM\" >https:\/\/t.co\/jjJV1ndJzM<\/a> <a target=\"_blank\" href=\"https:\/\/t.co\/UGbPNLutAE\" >pic.twitter.com\/UGbPNLutAE<\/a><\/p>\n<p>&mdash; WikiLeaks (@wikileaks) <a target=\"_blank\" href=\"https:\/\/twitter.com\/wikileaks\/status\/756942100940353537?ref_src=twsrc%5Etfw\" >July 23, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Reading <a target=\"_blank\" href=\"https:\/\/wikileaks.org\/dnc-emails\/emailid\/7735\" >the email<\/a> itself, however, shows something quite different. The complete text of the email chain makes it clear that Miranda was contributing to a thread in which officials worked together to edit a draft of a humorous press release, or \u201chit,\u201d that mocked Trump for making such an outlandish suggestion.<\/p>\n<p>While Miranda did write to his colleagues that Cruz\u2019s father might have been part of an anti-Castro Cuban exile community \u201cwith questionable histories,\u201d he also indicated that he approved the final text, which was <a target=\"_blank\" href=\"http:\/\/factivists.democrats.org\/dangerous-donalds-conspiracy-theories-all-i-know-is-what-is-on-the-internet\/\" >posted online by the DNC<\/a> that same day. That text put Trump\u2019s claim about Cruz\u2019s father at the top of a list of examples of \u201cthe GOP\u2019s presumptive standard bearer just spouting nonsense he reads on the internet or in the tabloids.\u201d<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Here&#39;s the May 3 DNC press release mocking Trump for discussing conspiracy theories, like Cruz&#39;s father killing JFK <a target=\"_blank\" href=\"https:\/\/t.co\/hiDBXO75hH\" >pic.twitter.com\/hiDBXO75hH<\/a><\/p>\n<p>&mdash; Robert Mackey (@RobertMackey) <a target=\"_blank\" href=\"https:\/\/twitter.com\/RobertMackey\/status\/757809279701176320?ref_src=twsrc%5Etfw\" >July 26, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>While such errors in the annotation of the DNC documents look more like sloppiness than an attempt to intentionally mislead readers, the mistakes point to a weakness in the platform\u2019s development \u2014 the lack of a robust system for correcting mistakes noted by readers, like the one used by Wikipedia.<\/p>\n<p>That problem has also been noted in the way WikiLeaks presented emails from Hillary Clinton\u2019s private server first released by the State Department.<\/p>\n<p>In March, WikiLeaks was criticized by some Twitter followers \u2014 <a target=\"_blank\" href=\"https:\/\/twitter.com\/wikileaks\/status\/710866944572796928\" >including David Kenner<\/a>, the Middle East editor of <em>Foreign Policy<\/em> \u2014 for the confusing way it presented <a target=\"_blank\" href=\"https:\/\/wikileaks.org\/clinton-emails\/emailid\/18328\" >the text<\/a> of a draft opinion article sent to Clinton by a friend as if it were the text of an email from her \u2014 and one that revealed her secret plan to destroy the Syrian government to help Israel.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Hillary Emails: Overthrow <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/Syrian?src=hash&amp;ref_src=twsrc%5Etfw\" >#Syrian<\/a> government to help Israel <a target=\"_blank\" href=\"https:\/\/t.co\/e93JddH9nv\" >https:\/\/t.co\/e93JddH9nv<\/a> <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/syria?src=hash&amp;ref_src=twsrc%5Etfw\" >#syria<\/a> <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/iran?src=hash&amp;ref_src=twsrc%5Etfw\" >#iran<\/a> <a target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/saudi?src=hash&amp;ref_src=twsrc%5Etfw\" >#saudi<\/a> <a target=\"_blank\" href=\"https:\/\/t.co\/yZysFuOT2H\" >pic.twitter.com\/yZysFuOT2H<\/a><\/p>\n<p>&mdash; WikiLeaks (@wikileaks) <a target=\"_blank\" href=\"https:\/\/twitter.com\/wikileaks\/status\/710818660298919936?ref_src=twsrc%5Etfw\" >March 18, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In fact, as the State Department\u2019s website makes clear, that text was sent to Clinton as an attachment to <a target=\"_blank\" href=\"https:\/\/foia.state.gov\/searchapp\/DOCUMENTS\/HRCEmail_NovWeb\/293\/DOC_0C05794497\/C05794497.pdf\" >a 2012 email from James Rubin<\/a>, who served in Bill Clinton\u2019s administration. Reading the email, Rubin attached his draft piece to make it clear that he hoped his essay \u2014 which was later published in slightly revised form by <em>Foreign Policy<\/em> \u2014 would convince the Obama administration to help Syrian rebels topple Bashar al-Assad largely to \u201cforestall the biggest danger on the horizon, that Israel launches a surprise attack on Iran\u2019s nuclear facilities.\u201d<\/p>\n<p>Rubin also made it clear in his email that he did not think Clinton shared his view of the situation at that time. \u201cI know you may not agree,\u201d he wrote, \u201cbut I thought it was better to share this with you first as at least a new way to look at the problem.\u201d<\/p>\n<p>Unfortunately, the way WikiLeaks described Rubin\u2019s draft op-ed as one of \u201cHillary Emails\u201d sowed confusion online and led to <a target=\"_blank\" href=\"http:\/\/newobserveronline.com\/clinton-destroy-syria-israel\/\" >outraged blog posts<\/a> and <a target=\"_blank\" href=\"http:\/\/sputniknews.com\/us\/20160323\/1036788250\/clinton-email-assad-ouster.html\" >Russian news reports<\/a> that mistakenly credited Assange\u2019s group with revealing the text of a bombshell email from Clinton that offered insight into her thinking.<\/p>\n<p>Despite concerns that the group\u2019s own annotation of documents related to Clinton might be at times muddled, in his \u201cDemocracy Now\u201d interview, Assange defended his decision not to \u201cestablish partnerships with the <em>New York Times<\/em> or the <em>Washington Post<\/em>,\u201d as he has done in the past to ensure that leaked\u00a0documents would come to light not only\u00a0in raw form but also\u00a0accompanied by some analysis from political or national security reporters.<\/p>\n<p>Working with the editorial staffs of those newspapers on material like this \u201cmight be counterproductive,\u201d Assange said, \u201cbecause they are partisans of one group or another.\u201d<\/p>\n<p>_________________________________________<\/p>\n<p><em><a target=\"_blank\" href=\"https:\/\/theintercept.com\/staff\/robertmackey\/\" >Robert Mackey<\/a> &#8211; <a href=\"mailto:robert.mackey@theintercept.com\">\u2709robert.mackey@theintercept.com<\/a><\/em><\/p>\n<p><a target=\"_blank\" href=\"https:\/\/theintercept.com\/2016\/07\/26\/russian-intelligence-hack-dnc-nsa-know-snowden-says\/\" >Go to Original \u2013 theintercept.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The NSA has tools that should make it possible to trace the source of the hack. Even though the Director of National Intelligence usually opposes making such evidence public, he argued, this is a case in which the agency should do so, if only to discourage future attacks.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[],"class_list":["post-76908","post","type-post","status-publish","format-standard","hentry","category-whistleblowing-surveillance"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/76908","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=76908"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/76908\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=76908"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=76908"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=76908"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}