CIA's Russian hacking claims invalid without technical disclosures

CIA's Russian hacking claims invalid without technical disclosures

By: Rachel Marsden

PARIS -- Anonymous U.S. government officials claim that the Central Intelligence Agency has a secret report concluding that Russia provided hacked emails to WikiLeaks with the specific objective of securing Donald Trump's presidential victory. This was originally reported by the Washington Post late last week and is now being echoed by politicians who stand to benefit from the narrative -- namely, establishment Republicans who oppose Trump and Democrats whose shot at power was destroyed by him.

So far, no one has provided evidence that the Russian government hacked institutions related to the presidential election, let alone with any specific intent.

Former British ambassador Craig Murray, an associate of WikiLeaks publisher Julian Assange, published a response on his website: "As Julian Assange has made crystal clear, the leaks did not come from the Russians. As I have explained countless times, they are not hacks, they are insider leaks."

Murray also told The Guardian, "I've met the person who leaked them, and they are certainly not Russian and it's an insider. It's a leak, not a hack; the two are different things."

If Murray's claims are true, the Russian hacking accusations are following much the same pattern as the accusations that followed the Sony Pictures Entertainment breach in late 2014. U.S. intelligence officials quickly concluded that North Korea was responsible for the Sony breach. President Barack Obama issued an executive order, adding a few more drops to the ocean of existing sanctions against North Korea. Independent analysis by information-security researchers turned up evidence that the Sony breach might have been an inside job. Others concluded that even if it was a hack, the evidence couldn't definitively attribute it to North Korea. There was enough reasonable doubt to warrant a measured response -- but that didn't stop the U.S. government from firing first and asking questions later.

Obama has reportedly ordered a full investigation into the alleged Russian hack. It's unfortunate that any investigation already has been undermined by a premature attempt to politicize national intelligence at the expense of objective technical inquiry.

Information security is a computer science. Science requires practitioners to show their work and not just their conclusions. Scientific theories and discoveries are elaborated upon and published in journals so that their credibility can be challenged. Imagine if scientific discoveries were held to the same lackadaisical standard of proof as the Russian hacking theory -- if, for example, instead of mathematician John Forbes Nash publishing his groundbreaking contribution to game theory in the Proceedings of the National Academy of Sciences for peer review, he had instead floated to the Washington Post that "anonymous sources who know something about economics and math are saying that Nash has some groundbreaking new stuff that you can't see but should really trust."

Nash wouldn't have won the Nobel Prize if his claims hadn't been held up for public scrutiny. And no one should simply believe, sight unseen, computer-scientific claims made by government officials or anyone else.

Intelligence services often use national security as a pretext for keeping details from the public, lest they tip their hand by revealing sources or methods, causing opponents to harden their defenses. While it's a valid concern, it's an invalid excuse. In an age when intelligence activities are increasingly technical, agencies must find a way to balance national security with public transparency. Technical evidence must be subject to the same kind of public scrutiny that written intelligence analysis has traditionally been.

The danger of keeping technical evidence secret is that it can be mischaracterized and abused for political purposes. In a worst-case scenario, it could be used to provoke a conflict with an opposing superpower -- or to delegitimize a presidential victory.

The NSA, America's electronic intelligence agency, which has been notably silent on the issue, is in the best position to obtain and provide evidence to either support or counter hacking claims. A credible forensic assessment would include actual scripts used in the attacks, the associated timeline of file extractions, technical details of malware and payloads used in the attacks, details of exploited vulnerabilities of the breached machines, and the internet protocol addresses of the alleged attackers, along with the technical mechanism by which investigators were able to ascertain the identity of the hackers. (Internet protocol addresses can be spoofed, but the NSA has the ability to override spoofing.)

Political whining or the repetition of a narrative won't render an argument credible in the minds of individuals capable of critical thought. Only hard evidence can do that. Those who are claiming Russian interference in the election had better provide evidence quickly, or they'll have to start whining about how Russian President Vladimir Putin hacked their credibility.