US Intel Vets Dispute Russia Hacking Claims

As the hysteria about Russia’s alleged interference in the U.S. election grows, a key mystery is why U.S. intelligence would rely on “circumstantial evidence” when it has the capability for hard evidence, say U.S. intelligence veterans.

Veteran Intelligence Professionals for Sanity
MEMORANDUM
Allegations of Hacking Election Are Baseless

A New York Times report on Monday alluding to “overwhelming circumstantial evidence” leading the CIA to believe that Russian President Vladimir Putin “deployed computer hackers with the goal of tipping the election to Donald J. Trump” is, sadly, evidence-free. This is no surprise, because harder evidence of a technical nature points to an inside leak, not hacking – by Russians or anyone else.

Monday’s Washington Post reports that Sen. James Lankford, R-Oklahoma, a member of the Senate Intelligence Committee, has joined other senators in calling for a bipartisan investigation of suspected cyber-intrusion by Russia. Reading our short memo could save the Senate from endemic partisanship, expense and unnecessary delay.

In what follows, we draw on decades of senior-level experience – with emphasis on cyber-intelligence and security – to cut through uninformed, largely partisan fog. Far from hiding behind anonymity, we are proud to speak out with the hope of gaining an audience appropriate to what we merit – given our long labors in government and other areas of technology. And corny though it may sound these days, our ethos as intelligence professionals remains, simply, to tell it like it is – without fear or favor.

We have gone through the various claims about hacking. For us, it is child’s play to dismiss them. The email disclosures in question are the result of a leak, not a hack. Here’s the difference between leaking and hacking:

Leak: When someone physically takes data out of an organization and gives it to some other person or organization, as Edward Snowden and Chelsea Manning did.

Hack: When someone in a remote location electronically penetrates operating systems, firewalls or any other cyber-protection system and then extracts data.

All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it – and know both sender and recipient.

In short, since leaking requires physically removing data – on a thumb drive, for example – the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.

Awesome Technical Capabilities

Again, NSA is able to identify both the sender and recipient when hacking is involved. Thanks largely to the material released by Edward Snowden, we can provide a full picture of NSA’s extensive domestic data-collection network including Upstream programs like Fairview, Stormbrew and Blarney. These include at least 30 companies in the U.S. operating the fiber networks that carry the Public Switched Telephone Network as well as the World Wide Web. This gives NSA unparalleled access to data flowing within the U.S. and data going out to the rest of the world, as well as data transiting the U.S.

In other words, any data that is passed from the servers of the Democratic National Committee (DNC) or of Hillary Rodham Clinton (HRC) – or any other server in the U.S. – is collected by the NSA. These data transfers carry destination addresses in what are called packets, which enable the transfer to be traced and followed through the network.

Packets: Emails being passed across the World Wide Web are broken down into smaller segments called packets. These packets are passed into the network to be delivered to a recipient. This means the packets need to be reassembled at the receiving end.

To accomplish this, all the packets that form a message are assigned an identifying number that enables the receiving end to collect them for reassembly. Moreover, each packet carries the originator and ultimate receiver Internet protocol number (either IPv4 or IPv6) that enables the network to route data.

When email packets leave the U.S., the other “Five Eyes” countries (the U.K., Canada, Australia, and New Zealand) and the seven or eight additional countries participating with the U.S. in bulk-collection of everything on the planet would also have a record of where those email packets went after leaving the U.S.

These collection resources are extensive; they include hundreds of trace route programs that trace the path of packets going across the network and tens of thousands of hardware and software implants in switches and servers that manage the network. Any emails being extracted from one server going to another would be, at least in part, recognizable and traceable by all these resources.

The bottom line is that the NSA would know where and how any “hacked” emails from the DNC, HRC or any other servers were routed through the network. This process can sometimes require a closer look into the routing to sort out intermediate clients, but in the end sender and recipient can be traced across the network.

The various ways in which usually anonymous spokespeople for U.S. intelligence agencies are equivocating – saying things like “our best guess” or “our opinion” or “our estimate” etc. – show that the emails alleged to have been “hacked” cannot be traced across the network. Given NSA’s extensive trace capability, we conclude that DNC and HRC servers alleged to have been hacked were, in fact, not hacked.

The evidence that should be there is absent; otherwise, it would surely be brought forward, since this could be done without any danger to sources and methods. Thus, we conclude that the emails were leaked by an insider – as was the case with Edward Snowden and Chelsea Manning. Such an insider could be anyone in a government department or agency with access to NSA databases, or perhaps someone within the DNC.

As for the comments to the media as to what the CIA believes, the reality is that CIA is almost totally dependent on NSA for ground truth in the communications arena. Thus, it remains something of a mystery why the media is being fed strange stories about hacking that have no basis in fact. In sum, given what we know of NSA’s existing capabilities, it beggars belief that NSA would be unable to identify anyone – Russian or not – attempting to interfere in a U.S. election by hacking.

For the Steering Group, Veteran Intelligence Professionals for Sanity (VIPS):

  • William Binney, former Technical Director, World Geopolitical & Military Analysis, NSA; co-founder, SIGINT Automation Research Center (ret.)
  • Mike Gravel, former Adjutant, top secret control officer, Communications Intelligence Service; special agent of the Counter Intelligence Corps and former United States Senator
  • Larry Johnson, former CIA Intelligence Officer & former State Department Counter-Terrorism Official
  • Ray McGovern, former US Army infantry/intelligence officer & CIA analyst (ret.)
  • Elizabeth Murray, Deputy National Intelligence Officer for Middle East, CIA (ret.)
  • Kirk Wiebe, former Senior Analyst, SIGINT Automation Research Center, NSA (ret.)

Reprinted from Consortium News with permission.

13 thoughts on “US Intel Vets Dispute Russia Hacking Claims”

  1. Any bets on why we haven’t heard anything close to this from the mainstream/cable media “expert analysts?” Perhaps they’re not smart enough…or maybe they’ve got a narrative to push? Both maybe?

    1. This is saying a whole lot of nothing, and manipulating quotes while claiming to be “telling it like it is” to make an exceedingly weak argument look better. “The intelligence sources quoted in MSM are using equivocal language and ‘circumstantial evidence’ for the hack”–> the quote from NYT at the beginning is deliberately misleading– the circumstantial evidence is for the *motive to help Trump win* not that the Russians hacked the DNC, the hack is direct evidence that contributes to the circumstantial evidence, in the NYT article being misused. “They can only have used such equivocal language bc they didn’t have direct evidence.” Why? You can’t use the phrase “our best guess” if the NSA confirmed a Russian hack? Physically impossible? And why can’t they cite a source for all this equivocation besides the NYT article that says something contradicting what they quote it as saying? Not to mention the basic thesis that every transaction on the internet is recorded by the NSA, and is retrievable such that ANY and ALL data moving through the network can be pinpointed for IN and OUT points and the stream through which it moved. The NSA sees all hacks bc it sees all transmissions, so it would know. Then, it would necessarily share that information– not keep it secret from other intel agencies or the public, bc it doesn’t pose a danger to methods or means. Why? Hell if I know, they just say it doesn’t. And also mention that we only know about all this data collecting bc of Edward Snowden (who Trump’s nom for CIA head, Mike Pompeo, said should be tried and executed) LEAKING SECRETS that the NSA didn’t want out.
So now, the NSA not only doesn’t think it dangerous to reveal products of massive secret spying, but will of NECESSITY do so, such that we know if (A) anonymous source uses wishy-washy language [which they don’t cite to any, the source cited say opposite] there can be NO NSA confirmation of a hack (B) if no NSA confirmation, NO HACK bc [C] NSA sees all internet traffic, records, and can search and analyze. “Any government official” with access to the database could have leaked DNC information, which how you could get Podesta’s email just bc you have an NSA database is beyond me, unless they really are saying that NSA has everything ever transmitted (since the giant domestic spying op began) stored with search function and retrieval. [If NSA doesn’t confirm, no hack.] Why couldn’t the NSA have the info and not confirm? Why couldn’t a source say something equivocal but nevertheless have NSA confirmation? Why is the “there’s no evidence” claim so strong against the MSM, when there’s no evidence here either except from Snowden leaks? We should just buy it bc they are old retired spies and secret police, who “tell it like it is”? CIA tells it like it is? Isn’t that the whole issue with this story… but now the old retired people with no more access have the whole thing figured out. I’m disappointed to see Mike Gravel’s name and this organization attached to this useless nonsense, why are they spinning Putin’s counter-narrative [like Assange and this Murray character who now is ready to tell you what happened, but for months of “Hillary’s Emails Hacked and Wikileaked” there ain’t anything to say, bc it serves partisan purposes to let the misleading headlines fly all over the internet. I don’t think the “Obama/Hillary want a new cold war” is a proper assessment, Putin is winning the new cold war. Truth is devalued, partisan propaganda is everywhere, power can be consolidated and held in these circumstances.

    2. Crowdstrike is making billions in government contracts to keep ‘the system’ safe from hackers? Imagine how many serious hacks they have stopped!

  2. I dunno. I’m thinking the FBI, the CIA, and the 15 *other* domestic intelligence agencies which have said it’s a “hack”, not a “leak” might be a little closer to it than a few retired workers who haven’t seen the actual intel on this. But then maybe the conspiracy theorists will be right, and this roundtable of retirees will know more than the hundreds of others who are actually in the loop these days.

      1. This is all disgusting liberal politics to obstruct the Electoral College process. They were ranting this weekend that the Federalist Paper #68 says the POTUS should not be holding to a foreign government. The hacking shows that Trump is corrupted. Thus, the EC should vote against Trump.

        1. Your doctor needs to reevaluate your meds regime ….. As we now know, the witch lost more electors than the Don.

    1. Crowdstrike – which specializes in selling anti-hacking services – said it was a hack. The security agencies have been circulating that story to develop some credibility and truthiness.

    2. Still no official word from intelligence agencies. Only anonymous sources within the agencies. More fake news from the mainstream media!!
