No, Russia didn't hack Vermont's power grid

It’s important to understand that while the govt’s reports so far have been pretty useless, there’s a lot of evidence to back the position that Russia was behind the DNC, DCCC, and Podesta hacks. This starts with identifying APT28 as the DNC attacker (which if true also proves they were behind the DCCC attack). Given the data CrowdStrike provided that’s very clearly the case. The SecureWorks incident response team attributed the Podesta attack to APT28. From there one has to do the work to substantiate that APT28 is the GRU. That attribution is trickier, but since APT28 has been an active attacker on the internet for nearly a decade involved in tens of thousands of attacks on US and European government offices, universities, think tanks, NGOs, and political orgs, generally working during Russian business hours, taking breaks on Russian state holidays, using their attacks for intel, rather than a profit motive, and being involved in Russian cyberwarfare military attacks on Ukrainian artillery units, that’s been heavily scrutinized by many different private security researchers, there are really good reasons to make that assumption. There’s also the Guccifer 2.0 debacle that further pins APT28 as a Russian intelligence agency. I’ve been hashing this out over and over recently since there’s a lot of serious disinformation coming out about the attacks that misrepresent evidence, fail to present complete cases, make a number of very poor assumptions about data, and don’t take into account the full scope of research that’s been done on APT28 or their recent and ongoing attacks.

The most recent conversation is here, and I think is fairly exhaustive:

The reality is there’s a very large amount of evidence, a very, very compelling case can be made, and independent people in the InfoSec field in the best position to judge are in general agreement on the assessment that the GRU is the perp. There’s no Red Scare, there’s the reality that Russia was involved in a large scale cyberwarfare campaign against many US targets to manipulate the election, and the reality is also that their cyberwarfare division is still engaging in wide scale attacks against US targets.

Obama’s responses were very limited, very mild, and there’s no reason to think they’d provoke a nuclear response. He’s got a few weeks left, and then we’re looking at a Trump presidency that will undo virtually all of that and we’ll be looking at an administration planning to not only normalize relations, but also drop sanctions, probably recognize Crimea as Russian territory (there’s already been discussions of this from Trump staff), and probably recognize Ossetia. This will reward and justify Russia’s belligerence and military invasions, letting them off the hook for their wars on neighboring Georgia and Ukraine and invasions/annexations in Ossetia and Crimea, with a weakened NATO, and further risks of Russian attacks/invasions of other neighboring states like Estonia.

The reality is that our coming issues are far more serious than a Red Scare/Cold War. We’re more looking at an arrangement between Trump and Putin that’s a new Molotov–Ribbentrop Pact posing a far greater risk to global stability and security than the Cold War.
