Guest post by Larry C. Johnson
Special Counsel Robert Mueller’s report insists that Guccifer 2.0 and DCLeaks were created by Russia’s military intelligence organization, the GRU, as part of a Russian plot to meddle in the U.S. 2016 Presidential Election. But this is a lie.
Guccifer 2.0 and DCLeaks were created by Brennan’s CIA and this action by the CIA should be a target of U.S. Attorney John Durham’s investigation. Let me explain why.
Let us start with the January 2017 Intelligence Community Assessment aka ICA. Only three agencies of the 17 in the U.S. intelligence community contributed to and coordinated on the ICA–the FBI, the CIA and NSA. In the preamble to the ICA, you can read the following explanation about methodology:
When Intelligence Community analysts use words such as “we assess” or “we judge,” they are conveying an analytic assessment or judgment
To be clear, the phrase “We assess” is intel community jargon for “opinion”. If there was actual evidence or source material for a judgment the writer of the assessment would state, “According to a reliable source” or “knowledgeable source” or “documentary evidence.”
Pay close attention to what the analysts writing the ICA stated about the GRU and Guccifer 2.0 and DCLeaks:
We assess with high confidence that the GRU used the Guccifer 2.0 persona, DCLeaks.com, and WikiLeaks to release US victim data obtained in cyber operations publicly and in exclusives to media outlets.
- Guccifer 2.0, who claimed to be an independent Romanian hacker, made multiple contradictory statements and false claims about his likely Russian identity throughout the election. Press reporting suggests more than one person claiming to be Guccifer 2.0 interacted with journalists.
- Content that we assess was taken from e-mail accounts targeted by the GRU in March 2016 appeared on DCLeaks.com starting in June.
We assess with high confidence that the GRU relayed material it acquired from the DNC and senior Democratic officials to WikiLeaks. Moscow most likely chose WikiLeaks because of its self-proclaimed reputation for authenticity. Disclosures through WikiLeaks did not contain any evident forgeries.
Not one piece of corroborating intelligence. It is all based on opinion and strong belief. There was no human source report or electronic intercept pointing to a relationship between the GRU and the two alleged creations of the GRU–Guccifer 2.0 persona and DCLeaks.com.
Now consider the spin that Robert Mueller put on this opinion in his report on possible collusion between the Trump campaign and the Russians. Mueller bluffs the unsuspecting reader into believing that it is a fact that Guccifer 2.0 and DCLeaks were Russian assets. But he is relying on a mere opinion from a handpicked group of intel analysts working under the direction of then CIA Director John Brennan.
Here’s Mueller’s take (I apologize for the lengthy quote but it is important that you read how the Mueller team presents this):
“The GRU began planning the releases at least as early as April 19, 2016, when Unit 26165 registered the domain dcleaks.com through a service that anonymized the registrant.137 Unit 26165 paid for the registration using a pool of bitcoin that it had mined.138 The dcleaks.com landing page pointed to different tranches of stolen documents, arranged by victim or subject matter. Other dcleaks.com pages contained indexes of the stolen emails that were being released (bearing the sender, recipient, and date of the email). To control access and the timing of releases, pages were sometimes password-protected for a period of time and later made unrestricted to the public.
Starting in June 2016, the GRU posted stolen documents onto the website dcleaks.com, including documents stolen from a number of individuals associated with the Clinton Campaign. These documents appeared to have originated from personal email accounts (in particular, Google and Microsoft accounts), rather than the DNC and DCCC computer networks. DCLeaks victims included an advisor to the Clinton Campaign, a former DNC employee and Clinton Campaign employee, and four other campaign volunteers.139 The GRU released through dcleaks.com thousands of documents, including personal identifying and financial information, internal correspondence related to the Clinton Campaign and prior political jobs, and fundraising files and information.140
GRU officers operated a Facebook page under the DCLeaks moniker, which they primarily used to promote releases of materials.141 The Facebook page was administered through a small number of preexisting GRU-controlled Facebook accounts.142
GRU officers also used the DCLeaks Facebook account, the Twitter account @dcleaks__, and the email account [email protected] to communicate privately with reporters and other U.S. persons. GRU officers using the DCLeaks persona gave certain reporters early access to archives of leaked files by sending them links and passwords to pages on the dcleaks.com website that had not yet become public. For example, on July 14, 2016, GRU officers operating under the DCLeaks persona sent a link and password for a private DCLeaks webpage to a U.S. reporter via the Facebook account.143 Similarly, on September 14, 2016, GRU officers sent reporters Twitter direct messages from @dcleaks_, with a password to another private part of the dcleaks.com website.144
The dcleaks.com website remained operational and public until March 2017.”
On June 14, 2016, the DNC and its cyber-response team announced the breach of the DNC network and suspected theft of DNC documents. In the statements, the cyber-response team alleged that Russian state-sponsored actors (which they referred to as “Fancy Bear”) were responsible for the breach.145 Apparently in response to that announcement, on June 15, 2016, GRU officers using the persona Guccifer 2.0 created a WordPress blog. In the hours leading up to the launch of that WordPress blog, GRU officers logged into a Moscow-based server used and managed by Unit 74455 and searched for a number of specific words and phrases in English, including “some hundred sheets,” “illuminati,” and “worldwide known.” Approximately two hours after the last of those searches, Guccifer 2.0 published its first post, attributing the DNC server hack to a lone Romanian hacker and using several of the unique English words and phrases that the GRU officers had searched for that day.146
That same day, June 15, 2016, the GRU also used the Guccifer 2.0 WordPress blog to begin releasing to the public documents stolen from the DNC and DCCC computer networks.
The Guccifer 2.0 persona ultimately released thousands of documents stolen from the DNC and DCCC in a series of blog posts between June 15, 2016 and October 18, 2016.147 Released documents included opposition research performed by the DNC (including a memorandum analyzing potential criticisms of candidate Trump), internal policy documents (such as recommendations on how to address politically sensitive issues), analyses of specific congressional races, and fundraising documents. Releases were organized around thematic issues, such as specific states (e.g., Florida and Pennsylvania) that were perceived as competitive in the 2016 U.S. presidential election.
Beginning in late June 2016, the GRU also used the Guccifer 2.0 persona to release documents directly to reporters and other individuals. Specifically, on June 27, 2016, Guccifer 2.0 sent an email to the news outlet The Smoking Gun offering to provide “exclusive access to some leaked emails linked [to] Hillary Clinton’s staff.”148 The GRU later sent the reporter a password and link to a locked portion of the dcleaks.com website that contained an archive of emails stolen by Unit 26165 from a Clinton Campaign volunteer in March 2016.149 That the Guccifer 2.0 persona provided reporters access to a restricted portion of the DCLeaks website tends to indicate that both personas were operated by the same or a closely-related group of people.150
The GRU continued its release efforts through Guccifer 2.0 into August 2016. For example, on August 15, 2016, the Guccifer 2.0 persona sent a candidate for the U.S. Congress documents related to the candidate’s opponent.151 On August 22, 2016, the Guccifer 2.0 persona transferred approximately 2.5 gigabytes of Florida-related data stolen from the DCCC to a U.S. blogger covering Florida politics.152 On August 22, 2016, the Guccifer 2.0 persona sent a U.S. reporter documents stolen from the DCCC pertaining to the Black Lives Matter movement.153”
Wow. Sounds pretty convincing. The documents referencing communications by DCLeaks or Guccifer 2.0 with Wikileaks are real. What is not true is that these entities were GRU assets.
In October 2015 John Brennan reorganized the CIA. As part of that reorganization he created a new directorate–DIRECTORATE OF DIGITAL INNOVATION. Its mission was to “manipulate digital footprints.” In other words, this was the Directorate that did the work of creating Guccifer 2.0 and DCLeaks. One of their specialties, creating Digital Dust.
We also know, thanks to Wikileaks, that the CIA was using software specifically designed to mask CIA activity and make it appear like it was done by a foreign entity. Wikipedia describes the Vault 7 documents:
Vault 7 is a series of documents that WikiLeaks began to publish on 7 March 2017, that detail activities and capabilities of the United States’ Central Intelligence Agency to perform electronic surveillance and cyber warfare. The files, dated from 2013–2016, include details on the agency’s software capabilities, such as the ability to compromise cars, smart TVs, web browsers (including Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera Software ASA), and the operating systems of most smartphones (including Apple’s iOS and Google’s Android), as well as other operating systems such as Microsoft Windows, macOS, and Linux.
One of the tools in Vault 7 carries the innocuous name, MARBLE. Hackernews explains the purpose and function of MARBLE:
Dubbed “Marble,” the part 3 of CIA files contains 676 source code files of a secret anti-forensic Marble Framework, which is basically an obfuscator or a packer used to hide the true source of CIA malware.
The CIA’s Marble Framework tool includes a variety of different algorithms with foreign language text intentionally inserted into the malware source code to fool security analysts and falsely attribute attacks to the wrong nation.
“Marble is used to hamper[ing] forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA,” says the whistleblowing site.
“…for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion,” WikiLeaks explains.
So guess what gullible techies “discovered” in mid-June 2016? The meta data in the Guccifer 2.0 communications had “Russian fingerprints.”
We still don’t know who he is or whether he works for the Russian government, but one thing is for sure: Guccifer 2.0—the nom de guerre of the person claiming he hacked the Democratic National Committee and published hundreds of pages that appeared to prove it—left behind fingerprints implicating a Russian-speaking person with a nostalgia for the country’s lost Soviet era.
Exhibit A in the case is this document created and later edited in the ubiquitous Microsoft Word format. Metadata left inside the file shows it was last edited by someone using the computer name “Феликс Эдмундович.” That means the computer was configured to use the Russian language and that it was connected to a Russian-language keyboard. More intriguing still, “Феликс Эдмундович” is the colloquial name that translates to Felix Dzerzhinsky, the 20th Century Russian statesman who is best known for founding the Soviet secret police. (The metadata also shows that the purported DNC strategy memo was originally created by someone named Warren Flood, which happens to be the name of a LinkedIn user claiming to provide strategy and data analytics services to Democratic candidates.)
Just use your common sense. If the Russians were really trying to carry out a covert cyberattack, do you really think they are so sloppy and incompetent to insert the name of the creator of the Soviet secret police in the metadata? No. The Russians are not clowns. This was a careless attempt to frame the Russians.
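An added example (not from the original post or the article it quotes): how author-type metadata of the kind discussed above is stored and read back, assuming the OOXML `.docx` packaging, where `docProps/core.xml` holds `dc:creator` and `cp:lastModifiedBy`; the page does not say which Word format the document used. The sample file is constructed in memory and the helper names are hypothetical.

```python
import io
import unicodedata
import zipfile
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# OOXML core-properties namespaces (assumption: the file is a .docx package).
CP = "http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
DC = "http://purl.org/dc/elements/1.1/"
FIELDS = {
    "creator": f"{{{DC}}}creator",
    "last_modified_by": f"{{{CP}}}lastModifiedBy",
}

def build_sample_docx(creator, last_modified_by):
    """Constructed sample input: a zip holding only docProps/core.xml."""
    core = (
        f'<cp:coreProperties xmlns:cp="{CP}" xmlns:dc="{DC}">'
        f"<dc:creator>{escape(creator)}</dc:creator>"
        f"<cp:lastModifiedBy>{escape(last_modified_by)}</cp:lastModifiedBy>"
        "</cp:coreProperties>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docProps/core.xml", core.encode("utf-8"))
    return buf.getvalue()

def read_core_properties(docx_bytes):
    """Return the author-type fields found in docProps/core.xml, or {}."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        if "docProps/core.xml" not in zf.namelist():
            return {}
        # For files from untrusted sources, use a hardened XML parser here.
        root = ET.fromstring(zf.read("docProps/core.xml"))
    found = {}
    for key, tag in FIELDS.items():
        element = root.find(tag)
        if element is not None and element.text:
            found[key] = element.text
    return found

def scripts_in(value):
    """Unicode script of each letter, taken from the first word of its name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in value if ch.isalpha()}

def summarize(docx_bytes):
    """Map each field to (stored string, sorted scripts seen in that string)."""
    return {key: (value, sorted(scripts_in(value)))
            for key, value in read_core_properties(docx_bytes).items()}

if __name__ == "__main__":
    # Constructed sample: placeholder creator, last-editor string from the page.
    sample = build_sample_docx("Sample Author", "Феликс Эдмундович")
    for field, (text, scripts) in summarize(sample).items():
        print(f"{field}: {text!r} scripts={scripts}")
```

Both fields are plain strings written by whatever application last saved the file, so the script of the characters describes the configured user name and nothing about a keyboard or a location.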
Why would the CIA do this? The CIA knew that Podesta’s emails had been hacked and were circulating on the internet. But they had no evidence about the identity of the culprit. If they had such evidence, they would have cited it in the 2017 ICA.
The U.S. intelligence community became aware around May 26, 2016 that someone with access to the DNC network was offering those emails to Julian Assange and Wikileaks. Julian Assange and people who spoke to him indicate that the person was Seth Rich. Whether or not it was Seth, the Trump Task Force at CIA was aware that the emails, which would be embarrassing to the Clinton campaign, would be released at some time in the future. Hence the motive to create Guccifer 2.0 and pin the blame on Russia.
It is essential to recall the timeline of the alleged Russian intrusion into the DNC network. The only source for the claim that Russia hacked the DNC is a private cyber security firm, CrowdStrike. Here is the timeline for the DNC “hack.”
Here are the facts on the public record. They are at odds with the claims of the Intelligence Community:
- It was 29 April 2016, when the DNC claims it became aware its servers had been penetrated. No claim yet about who was responsible. And no claim that there had been a prior warning by the FBI of a penetration of the DNC by Russian military intelligence.
- According to CrowdStrike founder, Dimitri Alperovitch, his company first supposedly detected the Russians mucking around inside the DNC server on 6 May 2016. A CrowdStrike intelligence analyst reportedly told Alperovitch that:
  - Falcon had identified not one but two Russian intruders: Cozy Bear, a group CrowdStrike’s experts believed was affiliated with the FSB, Russia’s answer to the CIA; and Fancy Bear, which they had linked to the GRU, Russian military intelligence.
- The Wikileaks data shows that the last message copied from the DNC network is dated Wed, 25 May 2016 08:48:35.
- 10 June 2016–CrowdStrike waited until 10 June 2016 to take concrete steps to clean up the DNC network. Alperovitch told Esquire’s Vicky Ward that: ‘Ultimately, the teams decided it was necessary to replace the software on every computer at the DNC. Until the network was clean, secrecy was vital. On the afternoon of Friday, June 10, all DNC employees were instructed to leave their laptops in the office.’
- On June 14, 2016, Ellen Nakamura, a Washington Post reporter who had been briefed by the computer security company hired by the DNC—Crowdstrike–, wrote:
  - Russian government hackers penetrated the computer network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump, according to committee officials and security experts who responded to the breach.
  - The intruders so thoroughly compromised the DNC’s system that they also were able to read all email and chat traffic, said DNC officials and the security experts.
  - The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some Republican political action committees, U.S. officials said. But details on those cases were not available.
- 15 June, 2016, an internet “personality” self-described as Guccifer 2.0 surfaces and claims to be responsible for the hacks but denies being Russian. The people/entity behind Guccifer 2.0:
  - Used a Russian VPN service provider to conceal their identity.
  - Created an email account with AOL.fr (a service that exposes the sender’s IP address) and contacted the press (exposing his VPN IP address in the process).
  - Contacted various media outlets through this set up and claimed credit for hacking the DNC, sharing copies of files purportedly from the hack (one of which had Russian error messages embedded in them) with reporters from Gawker, The Smoking Gun and other outlets.
  - Carried out searches for terms that were mostly in English, several of which would appear in Guccifer 2.0’s first blog post. They chose to do this via a server based in Moscow. (This is from the indictment: “On or about June 15, 2016, the Conspirators logged into a Moscow-based server used and managed by Unit 74455”)
  - Created a blog and made an initial blog post claiming to have hacked the DNC, providing links to various documents as proof.
  - Carelessly dropped a “Russian Smiley” into his first blog post.
  - Managed to add the name “Феликс Эдмундович” (which translates to Felix Dzerzhinsky, also known as “Iron Felix”) to the metadata of several documents. (Several sources went beyond what the evidence shows and made claims about Guccifer 2.0 using a Russian keyboard; however, these claims are just assumptions made in response to the presence of Cyrillic characters.)
The only thing that the Guccifer 2.0 character did not do to declare its Russian heritage was to take out full page ads in the New York Times and Washington Post. But the “forensic” fingerprints that Guccifer 2.0 was leaving behind are not the only inexplicable event.
Time for the common sense standard again. Crowdstrike detected the Russians on the 6th of May, according to CEO Dimitri Alperovitch, but took no steps to shut down the network, eliminate the malware and clean the computers until 34 days later, i.e., the 10th of June. That is 34 days of inexcusable inaction.
It is only AFTER Julian Assange announces on 12 June 2016 that WikiLeaks has emails relating to Hillary Clinton that DCLeaks or Guccifer 2.0 try to contact Assange.
The actions attributed to DCLeaks and Guccifer 2.0 should be priority investigative targets for U.S. Attorney John Durham’s team of investigators. It needs to be done. The only intelligence agency that evidence indicates was meddling through cyber attacks in the 2016 Presidential election was the CIA, not the GRU.