Jump to content

That Cyber Thread


17D_guy

Recommended Posts

"In spring 2016, APT28 compromised the same political party, again via targeted spearphishing.  This time, the spearphishing email tricked recipients into changing their passwords through a fake webmail domain hosted on APT28 operational infrastructure. Using the harvested credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members."

Were the compromised folks up to date on their cyberawareness challenge?  If so, they should turn their trophies in.

Edited by HU&W
  • Upvote 1
Link to comment
Share on other sites

2 hours ago, tac airlifter said:

That is a weak ass report.  No offense meant to you, and thanks for posting it.  80% generic advice of how to prevent obvious future attempted intrusions.  Zero evidence to incriminate Russia.  I would hope a parallel classified report with actual proof exists because there are enduring diplomatic consequences for this kind of accusation; we'd better be damn certain of the truth.  Wasn't the ODNI created exactly to provide certainty in these situations?

 

US CERT posted the indicators (IPs, etc) in a CSV/XML file accompanying the report at https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity

  • Upvote 1
Link to comment
Share on other sites

5 hours ago, tac airlifter said:

  80% generic advice of how to prevent obvious future attempted intrusions

I won't comment on the report yet, since I've yet to read it.  But this idea has been floating around about how these emails and links are obvious.  This wasn't a Nigerian scam, it was legit Intel Exploitation by a foreign state.  I guess, unless you're in the incoming admin, then it was magic 400-lbs cyber-faries. 

You can look at the email Podesta received here along with the phishing site link.  I was fooled briefly, which makes sense since these guys, cough...Russia...cough, are pros.

Link to comment
Share on other sites

7 hours ago, Jaded said:

The second sentence is "However, public attribution of these activities to RIS is supported by technical indicators from the U.S. Intelligence Community, DHS, FBI, the private sector, and other entities." You want details in an unclassified report? Do you have any idea how this stuff works? The CIA, the FBI, the "U.S. Intelligence Community," and the Department of Homeland security is all in agreement on something, and you consider that "weak ass"? What is wrong with you?

Maybe you should spend some time on SIPR before you post here again.

1. Who speaks for the "intelligence community?"  The ODNI.  No one else, that's why it was created.  So without the office charged with informing us of consensus on a topic, you cannot plausibly say the IC is in agreement on the topic.  Magnetfreezers link indicated ODNI saw evidence of senior Russian involvement in hacking as late as Oct 2016, that's legitimately serious.  I didn't see ODNI endorsement in nsplayers link, because it's not an IC report.

2. Starting at page 5, the report is generic advice on preventing future intrusions.  Yes I saw the professionalism in the phishing email sent to Podesta; 17D, I certainly appreciate your professional opinion on their tradecraft.   My point is that a report on an event which spends most of its pages not talking about the event..... seems like a weak ass report.  Jaded, you may disagree with my assessment but considering the stakes involved with publicly confronting Russia I'd prefer my international accusations have more granularity.

3. "Do I have any idea how this stuff works?"  As I said, without a parallel classified report containing actual evidence this report alone is unconvincing.  Have you read that report with actual evidence?  Or are you assuming it exists?  Or are you convinced without seeing evidence?  Regardless of your answers, this alone is not satisfactory to me.  

 

Gents, the IC Iraqi WMD reporting convinced decision makers on both sides of party lines.  It was heavy on "trust us" and weak on why, resulting in a total fiasco for our country.  This is what a loss of credibility looks like, and there have been additional major IC failures between 2003 and now.  Maybe I should re-frame it: given recent spectacular IC assessment failures, why should I believe this one?

 You may disagree and you may even be right, but unless you use an argument other than "it's secret and you'll have to trust me but I'm right" you will remain unconvincing across the spectrum of viewpoints.  And in fact, a large number of incoming policy makers seem unconvinced.  This is a real problem because potential evidence would be secret because it would expose capabilities.  I don't know how to resolve this impasse, but it's a real issue for our nation going forward.  Other than "read SIPR" (which wouldn't help on this one, BTW), I'd love to read opinions on this quandary in our republic.  How does the country learn to trust institutions that have burned us, while maintaining security required for them to function?

 Again, I'm glad that report was posted here and I appreciate the spirited discussions.  

Edited by tac airlifter
  • Upvote 2
  • Downvote 1
Link to comment
Share on other sites

6 hours ago, tac airlifter said:

1. Who speaks for the "intelligence community?"  The ODNI.  No one else, that's why it was created.  So without the office charged with informing us of consensus on a topic, you cannot plausibly say the IC is in agreement on the topic.  Magnetfreezers link indicated ODNI saw evidence of senior Russian involvement in hacking as late as Oct 2016, that's legitimately serious.  I didn't see ODNI endorsement in nsplayers link, because it's not an IC report.

Dude, you're at quibbling level MAX here.

I'm sitting here telling myself to shut up because hearing this from the token liberal member of the forums won't change your mind, but I just can't.  This should not and cannot become a partisan issue.  Russia, our chief state-actor geopolitical foe for the last 70+ years conducted a cyberattack against our country's democratic institutions and processes and we need to be unified in standing up and saying we're not going to take that lying down.

Let's review the facts:

  • The October 7th Joint DHS and ODNI Election Security Statement was put out by, you guessed it, the Department of Homeland Security and the Office of the Director of National Intelligence.  If the DNI's support seems to be what you're hung up on, go back and read that statement.  The first sentence reads, "The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations."
  • In support of that October 7th statement, additional analysis was released yesterday.  In the second paragraph of the new Joint Analysis Report, it says, "This determination expands upon the Joint Statement released October 7, 2016, from the Department of Homeland Security and the Director of National Intelligence on Election Security."  This new JAR is a direct follow-up to the October 7th DHS/ODNI statement, meaning that both DHS and the ODNI support its conclusions, along with the entire rest of the intelligence community.

It's almost like Homeland Security and the FBI are the relevant agencies to analyze an attack on the homeland and they were tasked by the ODNI to lead the analysis that backs up the ODNI's October statement...

Let's be clear: there is only one primary incoming policymaker in particular who denies that the IC has reached a consensus or that Russia is behind the hacking...the President-Elect. His personal staffers and cabinet members are following the boss' lead.  Look at a sampling of Congressional leaders from the President-Elect's own party for some contrast:

  • Senate Majority Leader Mitch McConnell, “Any foreign breach of our cybersecurity measures is disturbing, and I strongly condemn any such efforts. The Russians are not our friends.”
  • Speaker of the House Paul Ryan, “As I’ve said before, any foreign intervention in our elections is entirely unacceptable. And any intervention by Russia is especially problematic because, under President Putin, Russia has been an aggressor that consistently undermines American interests.”
  • Senator John McCain, “We need to get to the bottom of this. There’s no doubt they [Russia] were interfering. There’s no doubt. The question is now, how much and what damage? And what should the United States of America do?”

If you'd like a bipartisan statement, on December 11th,  Senators McCain (R), Graham (R), Schumer (D) and Reed (D) said:

  • "For years, foreign adversaries have directed cyberattacks at America’s physical, economic, and military infrastructure, while stealing our intellectual property. Now our democratic institutions have been targeted. Recent reports of Russian interference in our election should alarm every American. This cannot become a partisan issue [emphasis mine]. The stakes are too high for our country. We are committed to working in this bipartisan manner, and we will seek to unify our colleagues around the goal of investigating and stopping the grave threats that cyberattacks conducted by foreign governments pose to our national security."

There's so much we can disagree on political and policy-wise in this country...let's not choose to completely disregard the facts and disagree about an attack by another hostile state upon our own.

Edited by nsplayr
  • Upvote 3
Link to comment
Share on other sites

1 hour ago, nsplayr said:

I'm sitting here telling myself to shut up because hearing this from the token liberal member of the forums won't change your mind, but I just can't.  This should not and cannot become a partisan issue.  

There's so much we can disagree on political and policy-wise in this country...let's not choose to completely disregard the facts and disagree about an attack by another hostile state upon our own.

Good post.  I'll have time for a longer reply later, but definitely don't shut up on the topic.  I enjoy your posts and come here to have my opinions challenged, not for an echo chamber.  Surely you realize that in our hyper partisan world, every event is politicized.  How do you think republicans feel when Benghazi is discussed? 

Again, I'll send a better reply soon but for now suffice to say I like your posts, read them all, and enjoy your perspective.

  • Upvote 1
Link to comment
Share on other sites

Meanwhile this is the incoming administration's response - 
 

I try to be optimistic about this change from D to R... but things like this really drag down any confidence I have that we're going to have a better foreign policy/cyber policy goals.

 

This one too - 

 

Edited by 17D_guy
Link to comment
Share on other sites

7 hours ago, tac airlifter said:

Good post.  I'll have time for a longer reply later, but definitely don't shut up on the topic.  I enjoy your posts and come here to have my opinions challenged, not for an echo chamber.  Surely you realize that in our hyper partisan world, every event is politicized.  How do you think republicans feel when Benghazi is discussed? 

Again, I'll send a better reply soon but for now suffice to say I like your posts, read them all, and enjoy your perspective.

I'm all for being skeptical of political decisions... but what do you want them to release? Should we release the target pack slides for every HVI or ISIL weapons factory that gets shwacked?

Link to comment
Share on other sites

I'm all for being skeptical of political decisions... but what do you want them to release? Should we release the target pack slides for every HVI or ISIL weapons factory that gets shwacked?

No, but when you're making decisions that could push us closer to conflict with Russia about some DNC shenanigans that should have been unearthed by an investigative journalist worth their salt, it seems warranted to provide some real justification.
  • Upvote 1
Link to comment
Share on other sites

9 hours ago, nsplayr said:

Russia, our chief state-actor geopolitical foe for the last 70+ years conducted a cyberattack against our country's democratic institutions and processes

NS, overall I agree with and appreciate your post.  The one place I disagree is quoted above, and it's semantics.  Did they really hack our democratic institutions and processes?  They didn't actually change any votes, influence voting machines, or manipulate the election day vote counts.  Certainly they maliciously uncovered and exposed the dirty laundry of one of the political parties, but the laundry was already made dirty (and hidden) by that party.  Had our investigative media done what is arguably their job and been willing to bring this information to the fore, we'd be celebrating the exposure.  In the absence of an independent media, however, average Americans were left to rely on normally unthinkable sources, and the DNC's arrogant reaction certainly didn't help things. 

  • Upvote 5
Link to comment
Share on other sites

39 minutes ago, HU&W said:

Did they really hack our democratic institutions and processes?  They didn't actually change any votes, influence voting machines, or manipulate the election day vote counts.  Certainly they maliciously uncovered and exposed the dirty laundry of one of the political parties, but the laundry was already made dirty (and hidden) by that party.  Had our investigative media done what is arguably their job and been willing to bring this information to the fore, we'd be celebrating the exposure.  In the absence of an independent media, however, average Americans were left to rely on normally unthinkable sources, and the DNC's arrogant reaction certainly didn't help things. 

I'll agree that there is no evidence Russia was able to affect the actual votes, I don't think anyone is really claiming that they did. The election results were what they were. #MAGA

That being said, it's not like they didn't try. More than 20 states faced cyberthreats during the election, although as is pointed out in the story, state databases and digital systems are probed  and pinged pretty much constantly.  Luckily for us all our election systems are very, very decentralized and our state election cyber folks seem to have better security practices than the inept idiots at the DNC.

I would argue that our major political parties and political campaigns are a part of our "democratic institutions."  They have confidential data about our national leaders as well as future Presidents.  Parties have opposition research on both the other guys as well as their own candidate - potential health issues, financial vulnerabilities, non-public financial disclosures, strength/weakness assessments, etc.  As long as we run elections through political parties, I don't want the Russians or any other foreign country or group to have access to that kind of data, data that can be used against an incoming Presidential administration or the country as a whole.

John Podesta's emails would not have been "revealed" by an investigative journalist...the Russians literally hacked his password through spearphishing.  If a journalist would have done that, they would be put in jail.  So yea, sunshine is the best disinfectant, but it's a slippery slope to wish for your adversary's "dirty laundry" to be aired via hacking.  Marco Rubio, whom I disagree with on many things, had the right take on this.  He said:

  • “I will not discuss any issue that has become public solely on the basis of Wikileaks.  As our intelligence agencies have said, these leaks are an effort by a foreign government to interfere with our electoral process and I will not indulge it. Further, I want to warn my fellow Republicans who may want to capitalize politically on these leaks: Today it is the Democrats. Tomorrow it could be us. Just think about this: Do we really want to be a country where foreign leaders or foreign intelligence agencies can blackmail our elected officials and say to them that unless you do what we want you to do, we’re gonna release emails from your campaign manager, your wife, your daughter, your son, and we’re gonna embarrass you. So unless you wanna be embarrassed you better do what we want you to do. Is that what we want? Because I’ll tell you that’s what Vladimir Putin does. I think there’s plenty of material in which to line up and take on Secretary Clinton. I think this one is an invitation to chaos and havoc in the future."
  • Upvote 3
Link to comment
Share on other sites

 

21 minutes ago, Kiloalpha said:

It also means that myself and others aren't convinced when a conclusion with deep implications appears out of nowhere, without any evidence.

It's almost like there should have been some kind of warning given or some reporting on this...

  • The FBI informed the DNC that one of their computer systems has been compromised by Russian-linked hackers. Link. from 13 Dec 2016, but referencing FBI actions in September of 2015.
  • In April 2016 DNC leadership finally wised-up that their systems were compromised, and in May they hired a private cyber security firm to help them.  Link from 25 Jul 16
  • Intel agencies report to the White House that they had "high confidence" that Russia was behind the DNC hack.  Link from 26 Jul 16
  • More reporting on Russians probing state election databases and systems, with FBI Director Comey's testimony.  Link from 29 Sep 16
  • Russian hacking discussed during the first Presidential debate, 26 Sep 16
  • Joint DHS/ODNI Statement on Election Security.  Link from 7 Oct 16
  • Russian hacking discussed during the second Presidential debate, 10 Oct 16
  • Mike Pence says there's "...more and more evidence that (sic) implicates Russia..." during an interview on Meet the Press, Link from 16 Oct 16
  • Trump is asked to condemn Russian hacking very directly by the moderator at the third Presidential debate, which he did, 19 Oct 16
    • Special thanks to NPR for the timeline above

All of those events were pre-election, back when most voters (D & R alike) thought Hillary Clinton was going to win.

Post-election, there have been more developments, with some unverified leaks and speculation as well as some evidence and official analysis released:

  • President Obama orders the IC to conduct a full review of of foreign hacking in order to influence the election, Link from 9 Dec 16
  • Unverified leak from the CIA claims that Russia was specifically trying to help Trump win, Link from 9 Dec 16
  • Republican leaders in Congress call for Congressional investigations into Russian hacking, Link from 12 Dec 16
  • Unverified leak from "US intelligence officials" claims that Putin personally involved in the election-related hacking, Link from 15 Dec 16
  • President Obama says the hacks were, "...initiated at the highest levels of the Russian government..." during a press conference, 16 Dec 16
  • President Obama imposes sanctions and expels 35 Russian intelligence operatives in retaliation for recent hacking, Link from 29 Dec 16
  • IC Joint Analysis Report released detailing specific IP addresses and other digital markers used by Russian hackers against U.S. election-related targets, Link from 29 Dec 16

So really, when you sit down and think about it, these conclusions kinda came from nowhere and have no evidence to back them up /sarcasm :banghead:

Not to shit on ya too much dude, but let's cut the crap about being uncertain when there's a wealth of reproting and evidence available publically as well as behind classified closed doors, evidence that has convinced our nation's leaders across the political spectrum with approximately 99.9% efficiency.

Can we work together to keep the Ruskies out of our elections and the Chinese out of our businesses and everyone uncleared out of our USG systems?  I no more want our geopolitical foes hacking the RNC or President-elect Trump than I wanted them hacking the DNC or President Obama.

Link to comment
Share on other sites

57 minutes ago, nsplayr said:

John Podesta's emails would not have been "revealed" by an investigative journalist...the Russians literally hacked his password through spearphishing.  If a journalist would have done that, they would be put in jail.  So yea, sunshine is the best disinfectant, but it's a slippery slope to wish for your adversary's "dirty laundry" to be aired via hacking.  

Nonsense, now you're just arguing an obtuse position.  That's like saying we should never have have had the Watergate tapes.  This is exactly the kind of corruption bullshit that journalists are supposed to be exposing, instead of jerking off about tweets and hollow one-liners.  They're supposed to develop contacts, get a whiff of something foul, prod for someone they know who has knowledge of it and doesn't like what's going on, then expose it.  In this election, the DNC was more threat to our national sovereignty than any foreign state, so no, I would rather not take steps towards conflict about it.  Let's save these "red lines" for things that are actual problems. Edit: Like hacking part of our grid with spearphishing, maybe.

Edited by SurelySerious
  • Upvote 3
Link to comment
Share on other sites

2 hours ago, SurelySerious said:

Nonsense, now you're just arguing an obtuse position.  That's like saying we should never have have had the Watergate tapes.  This is exactly the kind of corruption bullshit that journalists are supposed to be exposing, instead of jerking off about tweets and hollow one-liners.  They're supposed to develop contacts, get a whiff of something foul, prod for someone they know who has knowledge of it and doesn't like what's going on, then expose it.  In this election, the DNC was more threat to our national sovereignty than any foreign state, so no, I would rather not take steps towards conflict about it.  Let's save these "red lines" for things that are actual problems. Edit: Like hacking part of our grid with spearphishing, maybe.

The watergate tapes were leaked by multiple Americans to American journalists.  There was a crime committed at the behest of the president.  What crime was there committed at the behest of the DNC?  What was a threat to national security from the DNC along the lines of Russian Influence Operations (it was not hacking) of our election?  Simply because we disagree with their political platform doesn't mean they're going to send the country plummeting into the abyss--R's kept the legislature.

Don't intertwine what journalists are supposed to do with this stuff. I guess you'd say Snowden leaking the NSA's secrets (including telling them we knew Russians were hacking their own soon to be assassinated journalists) was great for the nation to?  Is that the kind of corruption bullshit you're talking about?

Or are you talking about the kind of bullshit where it's ok for Russian Intelligence Services to target US political parties to influence an election through a biased intermediary (wikileaks) and we all pretend it was ok because it was someone we didn't want to vote for?

Also, the "hacking of the power grid" thing.. really?  They found it on one laptop not on the grid with the indicators from the report and RAN to the press to report it ASAP.  Didn't get a Cyber Security Org (ex. CrowdStrike, F-Secure, Mandiant) in there to figure out what was going on.  So.. if there was indicators in the power grid, they're now gone.

  • Upvote 1
Link to comment
Share on other sites

39 minutes ago, 17D_guy said:

Simply because we disagree with their political platform doesn't mean they're going to send the country plummeting into the abyss--R's kept the legislature.
 

I'm a Dem, but nice try.

Quote

The watergate tapes were leaked by multiple Americans to American journalists.  There was a crime committed at the behest of the president.  What crime was there committed at the behest of the DNC?  What was a threat to national security from the DNC along the lines of Russian Influence Operations (it was not hacking) of our election?

 


Don't intertwine what journalists are supposed to do with this stuff. I guess you'd say Snowden leaking the NSA's secrets (including telling them we knew Russians were hacking their own soon to be assassinated journalists) was great for the nation to?  Is that the kind of corruption bullshit you're talking about?

Or are you talking about the kind of bullshit where it's ok for Russian Intelligence Services to target US political parties to influence an election through a biased intermediary (wikileaks) and we all pretend it was ok because it was someone we didn't want to vote for?

Also, the "hacking of the power grid" thing.. really?  They found it on one laptop not on the grid with the indicators from the report and RAN to the press to report it ASAP.  Didn't get a Cyber Security Org (ex. CrowdStrike, F-Secure, Mandiant) in there to figure out what was going on.  So.. if there was indicators in the power grid, they're now gone.

And Americans observing the level of corruption within the DNC should probably be turning over that information to American journalists.  The foreign influence in the Clinton Foundation, the intentional tanking of Sanders' campaign, etc.  Those things should not be part of our political process.  Let's fix that stuff.

 

Snowden: don't tell me that you equate stealing/releasing classified information with uncovering political underhandedness committed by some cronies.  Not the same. 

 

Edited by SurelySerious
  • Upvote 1
Link to comment
Share on other sites

8 hours ago, SurelySerious said:

Snowden: don't tell me that you equate stealing/releasing classified information with uncovering political underhandedness committed by some cronies.  Not the same. 

 

Don't tell me that you equate Russia stealing/releasing information with journalistic uncovering political underhandedness committed by some cronies to influence elections.  Not the same.

Edited by 17D_guy
Link to comment
Share on other sites

So anyway,

  Finally finished the report and a few of the critiques of it.  Overall, it was ok and I can understand the disappointment.  News rumor mill is stating there's a classified report being made for gov't that'll more strongly tie RIS to the DNC and other hacks going on right now.  Portions will prob get leaked, so we'll get more info.  The JAR in itself wasn't that and appears to be more of a "we're not going to take this anymore" and heads up to the commercial side about what to look for.  The second part was greatly stumbled towards, with the information put together by people who...frankly don't appear to know what they're talking about.

  But, good first-ish steps.

  With CYBERCOM coming online as its own thing we're going to probably see a step-up in this sort of material.  As well as a norm-ing of what Cyber Operations is.  I think it'll take us a couple generations to get it right.  We've still got a lot of old heads stuck in this strange in-between place for Cyber.  Clearly focused on Ops, but without the no-nonsense focus on capes/effects/etc while also refusing to acknowledge it's a man-made domain that needs maintenance.  

Gen Bender came to speak at my location a few weeks ago and I took notes.  I'd really like some of your guys thoughts on his ideas as we move forward.  Overall I'd really like some of sun-god bastards to crossover and help get us more educated on what operations actually means.  But ACP and all.

Link to comment
Share on other sites

Also the  Chaos Computer Club just finished their Congress, which is like DEFCON in Vegas, but older and some would argue better.  The videos are available here, and the german ones can be downloaded to be played with an alternate audio stream from the translators.  

Really good stuff if you're interested in that sort of thing - https://media.ccc.de/

Link to comment
Share on other sites

Don't tell me that you equate Russia stealing/releasing information with journalistic uncovering political underhandedness committed by some cronies to influence elections.  Not the same.

In the context of my position sts that we should not be taking steps putting us closer to conflict just because the DNC is embarrassed that their dirty laundry has been aired, yes, I do equate those things.

Link to comment
Share on other sites

Here's the thing.  This isn't just the DNC being embarrassed.  You're making it sound like, "Eh... no biggy.  They hacked a major political party and released that through wikileaks.  Possibly influencing an election in their favor (proven by next-Pres tweets). No harm, no foul."

Meanwhile we've got Russians using cyber for real world effects other places:

Why aren't you looking at this Russia cyber involvement as a whole against the electoral process?  Do you not consider the Info Op as that, or do you think this is a one off?  What would be your red line in this instance?

I've been reading a lot about the Intel/Info Ops side of Russia for the past decade and it's fascinating what Putin's put into place and now how he's starting to extend that overseas.  It's a very interesting form of power projection we're not used to, and ill-equipped to deal with at the moment.  I consider the DNC hack part of that overall campaign, and am wary of simply concluding that because no one died and/or money was lost we should just call it a wash and wait for next time to at least say something.

We're very close to being back in a Cold War state with a peer, not even near-peer, in Cyber.  This could just be something we agree to disagree on, as I've had to with much of my hyper-right-wing family who doesn't care if it was Russians.  Which... given they grew up under Reagan, is very strange.

  • Upvote 1
Link to comment
Share on other sites

This is a great conversation; when I'm done suffering through AWC facilitated classes I'll have a more thorough reply to some excellent points.  

One thing surelyserious & kiloalpha have been saying better than me is the importance of context: this "hacking" accusation does not exist in a vacuum.  Where was the current D outrage over the OPM hacks by China?  It's only when their scheming was brought to light that we need to fix this, while China apparently got a pass for OPM.....twice.  "Intel assures me that ISIS is JV" when the truth turned out otherwise followed by CENTCOM intel analysts say their work was misconstrued for political purposes.  And let's not forget this Guccifer dude, who allergedly was a conduit for RIS to release hacked emails, originally came to importance because he was spying on Clintons private server.  So..... I guess her private server did compromise national security.  The apparent hypocrisy here gives me pause to accept everything I'm told.  

Agree or disagree with the importance of those other issues, this is the context half our nation views the current hacking allegation through.  It's not quibbling for me to demand precision in our language and proof for our assumptions given the domestic political context and consequences of fighting with Russia.  In this environment, the JAR was a weak ass report and unhelpful at convincing skeptics.

I understand the desire to label contentious partisan issues "settled science," mock the deniers and rush action before your political opponent seizes power.  But is that behavior helpful at uniting the country or discouraging future attacks?  

Finally, thanks again for the good conversation here.  I understand your POV better, and this has been way more educational than watching people bully and shout one liners over each other on news networks.

Link to comment
Share on other sites

1 hour ago, 17D_guy said:

Here's the thing.  This isn't just the DNC being embarrassed.  You're making it sound like, "Eh... no biggy.  They hacked a major political party and released that through wikileaks.  Possibly influencing an election in their favor (proven by next-Pres tweets). No harm, no foul."

Why aren't you looking at this Russia cyber involvement as a whole against the electoral process?  Do you not consider the Info Op as that, or do you think this is a one off?  What would be your red line in this instance?

I've been reading a lot about the Intel/Info Ops side of Russia for the past decade and it's fascinating what Putin's put into place and now how he's starting to extend that overseas.  It's a very interesting form of power projection we're not used to, and ill-equipped to deal with at the moment.  I consider the DNC hack part of that overall campaign, and am wary of simply concluding that because no one died and/or money was lost we should just call it a wash and wait for next time to at least say something.

We're very close to being back in a Cold War state with a peer, not even near-peer, in Cyber.  This could just be something we agree to disagree on, as I've had to with much of my hyper-right-wing family who doesn't care if it was Russians.  Which... given they grew up under Reagan, is very strange.

I view it through the Russian agenda as a whole over the last 70 years.  They've been running info ops the whole time trying to mess with and subvert our existence.  New medium for the same means, in this case.  That's why I view the admin trying to twist the policy for cyber effects of critical infrastructure to cover a political party as baloney. They're not actually the government, as with the OPM or JCS, so I don't think we should be employing response measures in their name over a domain where no one is sure what constitutes an act of war and where cyber turns to armed conflict.  This response is just the DNC being embarrassed, in my view; they lost the election by pushing a poor candidate, poor assessment of the political landscape, and and a poor campaign strategy wrt gaining electoral college votes.

 

Getting into a voting system and actually changing votes?  Now you've got my ear about critical infrastructure.  Affecting power systems, as I alluded to earlier, yes that's the intent of the cyber policy posturing, I'd say.  I don't disagree that there are concerns with the cyber domain, but we should think carefully about employing measures with a cyber peer. These things are worth our time and effort.  I like where you're going with capabilities/policy development.

Quote

Meanwhile we've got Russians using cyber for real world effects other places:

 

Edited by SurelySerious
Link to comment
Share on other sites

So if a foreign nation hacked the re-election campaign computer networks of President Trump in the run-up to 2020 and released, say, his tax return, his medical records, evidence of his internal political dialogue or strategy, etc., you're ok with that?

See the lengthy Rubio quote I posted earlier.  The intellectually honest answer would be that if you're ok with Russia hacking the DNC and the Hillary campaign, you're also ok with them or the Chinese or some other state hacking the RNC or the Trump campaign next time around.  Playing Red Team / Blue Team on this stuff is not the right way to handle national security issues IMHO.

I will stand up and say no.  As much as I want Trump to be defeated in 2020, I don't want a hostile foreign power hacking his campaign or the RNC and I refuse to support any Democratic candidate or movement in the future that might think to use hacked information for political gain.

I do absolutely place campaign infrastructure and party infrastructure as part of our "democratic institutions" and they should be protected.  Obviously hacking voting machines or state voter databases is a higher level of provocation, but it's all part of our election system and foreigners or domestic bad actors need to keep out.

Someone earlier said they want a full-up bicameral, bipartisan Congressional investigation...my magic 8 ball says you may get what you asked for in the new Congress.

Edited by nsplayr
  • Upvote 2
Link to comment
Share on other sites

3 minutes ago, nsplayr said:

So if a foreign nation hacked the re-election campaign computer networks of President Trump in the run-up to 2020 and released, say, his tax return, his medical records, evidence of his internal political dialogue or strategy, etc., you're ok with that?

See the lengthy Rubio quote I posted earlier.  The intellectually honest answer would be that if you're ok with Russia hacking the DNC and the Hillary campaign, you're also ok with them or the Chinese or some other state hacking the RNC or the Trump campaign next time around.  Playing Red Team / Blue Team on this stuff is not the right way to handle national security issues IMHO.

I will stand up and say no.  As much as I want Trump to be defeated in 2020, I don't want a hostile foreign power hacking his campaign or the RNC and I refuse to support any Democratic candidate or movement in the future that might think to use hacked information for political gain.

I do absolutely place campaign infrastructure and party infrastructure as part of our "democratic institutions" and they should be protected.  Obviously hacking voting machines or state voter databases is a higher level of provocation, but it's all part of our election system and foreigners or domestic bad actors need to keep out.

Again, Dem, don't play try playing the red/blue piece here.  I didn't say I was ok with the action of hacking; I said I don't think we should be taking escalatory/retaliatory action on hacking a political party with their tail between their legs.  Foreign powers are more inside the political parties with their purse strings than with their computers. The harm here is superficial.  It's not actual secrets, nor actual government infrastructure, nor commercial espionage. 

  • Upvote 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...