Experts: Hard to prove Russians behind DNC hack

SAN FRANCISCO – Computer security researchers say it’s difficult to definitively say the cyber theft of files from the Democratic National Committee subsequently posted online by Wikileaks was the work of Russian hackers, as some media outlets have reported.

However experts within the cybersecurity world say it’s extremely difficult to know exactly who is behind an attack without the kind of on-the-ground surveillance that only government agencies are able to provide.

The amount of information and the conclusions that can be drawn from strictly technical forensics are limited, said Steve Grobman, chief technology officer with for the Intel Security Group.

For instance, if hackers wanted to make it seem as if they were coming from Russia, they would put strings of Russian in their code and then compromise a machine somewhere in Russia and use it to launch the attack from, he said.

Whether Or Not Russians Hacked DNC Means Nothing Concerning How Newsworthy The Details Are
from the sony-hack-redux dept
As you almost certainly know by now, on Friday Wikileaks released a bunch of hacked DNC emails just before the Democratic Presidential convention kicked off. While Wikileaks hasn't quite said where it got the emails, speculation among many quickly pointed to Russian state sponsored hackers. That's because of the revelation last month of two sets of hackers breaching the DNC's computer system and swiping (at the very least) opposition research on Donald Trump. Various cybersecurity research firms, starting with CrowdStrike, which was hired by the DNC to investigate, pointed the finger at the Russians.

Of course, whether or not you believe that may depend on how credible you find the big cybersecurity firms like CrowdStrike, FireEye and Mandiant (the big names that always pop up in situations like this). For what it's worth, these guys have something of a vested interest in playing up the threat of big hacks from nation-state level hackers. For a good analysis of why this finger-pointing may be less than credible, I recommend two articles by Jeffrey Carr, one noting that these firms come from a history of "faith-based attribution" whereby they are never held accountable for being wrong -- and another highlighting serious questions about the designation of Russia as being responsible for this particular hack (he notes that some of the research appeared to come pre-arrived at that conclusion, and then ignored any evidence to the contrary).

Still, the claim that the data came from the Russians has become something of a story itself. And, of course, who did the hack and got the info is absolutely a news story. But it's an entirely separate one from whether or not the leaked emails contain anything useful or newsworthy. And yet, because this is the peak of political silly season, some are freaking out and claiming that anyone reporting on these emails "has been played" by Putin and Russia. Leaving aside the fact that people like to claim that Russia's behind all sorts of politicians that some don't like, that should be entirely unrelated to whether or not the story is worth covering.

And yet, we already have stories arguing that "Putin weaponized Wikileaks to influence" the US election. That's ridiculous on multiple levels. Wikileaks releases all kinds of stuff, whether you agree with them or not. And the idea that this will actually impact the election seems... unlikely. Is the (not at all surprising) fact that the DNC is fully of cronyism and favoritism really suddenly going to shift voters to Trump? Of course, Wikileaks implicitly threatening someone with legal action for saying there's a connection between Russia and Wikileaks is pretty ridiculous as well.