Mainstream Media’s Russian Bogeymen

By Gareth Porter | Consortium News | January 13, 2017

In the middle of a major domestic crisis over the U.S. charge that Russia had interfered with the U.S. election, the Department of Homeland Security (DHS) triggered a brief national media hysteria by creating and spreading a bogus story of Russian hacking into U.S. power infrastructure.

DHS had initiated the now-discredited tale of a hacked computer at the Burlington, Vermont Electricity Department by sending the utility’s managers misleading and alarming information, then leaked a story they certainly knew to be false and continued to put out a misleading line to the media.

Even more shocking, however, DHS had previously circulated a similar bogus story of Russian hacking of a Springfield, Illinois water pump in November 2011.

The story of how DHS twice circulated false stories of Russian efforts to sabotage U.S. “critical infrastructure” is a cautionary tale of how senior leaders in a bureaucracy-on-the-make take advantage of every major political development to advance its own interests, with scant regard for the truth.

The DHS had carried out a major public campaign to focus on an alleged Russian threat to U.S. power infrastructure in early 2016. The campaign took advantage of a U.S. accusation of a Russian cyber-attack against the Ukrainian power infrastructure in December 2015 to promote one of the agency’s major functions — guarding against cyber-attacks on America’s infrastructure.

Beginning in late March 2016, DHS and FBI conducted a series of 12 unclassified briefings for electric power infrastructure companies in eight cities titled, “Ukraine Cyber Attack: implications for U.S. stakeholders.” The DHS declared publicly, “These events represent one of the first known physical impacts to critical infrastructure which resulted from cyber-attack.”

That statement conveniently avoided mentioning that the first cases of such destruction of national infrastructure from cyber-attacks were not against the United States, but were inflicted on Iran by the Obama administration and Israel in 2009 and 2012.

Beginning in October 2016, the DHS emerged as one of the two most important players – along with the CIA—in the political drama over the alleged Russian effort to tilt the 2016 election toward Donald Trump. Then on Dec. 29, DHS and FBI distributed a “Joint Analysis Report” to U.S. power utilities across the country with what it claimed were “indicators” of a Russian intelligence effort to penetrate and compromise U.S. computer networks, including networks related to the presidential election, that it called “GRIZZLY STEPPE.”

The report clearly conveyed to the utilities that the “tools and infrastructure” it said had been used by Russian intelligence agencies to affect the election were a direct threat to them as well. However, according to Robert M. Lee, the founder and CEO of the cyber-security company Dragos, who had developed one of the earliest U.S. government programs for defense against cyber-attacks on U.S. infrastructure systems, the report was certain to mislead the recipients.

“Anyone who uses it would think they were being impacted by Russian operations,” said Lee. “We ran through the indicators in the report and found that a high percentage were false positives.”

Lee and his staff found only two of a long list of malware files that could be linked to Russian hackers without more specific data about timing. Similarly a large proportion of IP addresses listed could be linked to “GRIZZLY STEPPE” only for certain specific dates, which were not provided.

The Intercept discovered, in fact, that 42 percent of the 876 IP addresses listed in the report as having been used by Russian hackers were exit nodes for the Tor Project, a system that allows bloggers, journalists and others – including some military entities – to keep their Internet communications private.

Lee said the DHS staff that worked on the technical information in the report is highly competent, but the document was rendered useless when officials classified and deleted some key parts of the report and added other material that shouldn’t have been in it. He believes the DHS issued the report “for a political purpose,” which was to “show that the DHS is protecting you.”

Planting the Story, Keeping it Alive

Upon receiving the DHS-FBI report the Burlington Electric Company network security team immediately ran searches of its computer logs using the lists of IP addresses it had been provided. When one of IP addresses cited in the report as an indicator of Russian hacking was found on the logs, the utility immediately called DHS to inform it as it had been instructed to do by DHS.

In fact, the IP address on the Burlington Electric Company’s computer was simply the Yahoo e-mail server, according to Lee, so it could not have been a legitimate indicator of an attempted cyber-intrusion. That should have been the end of the story. But the utility did not track down the IP address before reporting it to DHS. It did, however, expect DHS to treat the matter confidentially until it had thoroughly investigated and resolved the issue.

“DHS wasn’t supposed to release the details,” said Lee. “Everybody was supposed to keep their mouth shut.”

Instead, a DHS official called The Washington Post and passed on word that one of the indicators of Russian hacking of the DNC had been found on the Burlington utility’s computer network. The Post failed to follow the most basic rule of journalism, relying on its DHS source instead of checking with the Burlington Electric Department first. The result was the Post’s sensational Dec. 30 story under the headline “Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say.”

The DHS official evidently had allowed the Post to infer that the Russian’s hack had penetrated the grid without actually saying so. The Post story said the Russians “had not actively used the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter,” but then added, and that “the penetration of the nation’s electrical grid is significant because it represents a potentially serious vulnerability.”

The electric company quickly issued a firm denial that the computer in question was connected to the power grid. The Post was forced to retract, in effect, its claim that the electricity grid had been hacked by the Russians. But it stuck by its story that the utility had been the victim of a Russian hack for another three days before admitting that no such evidence of a hack existed.

The day after the story was published, the DHS leadership continued to imply, without saying so explicitly, that the Burlington utility had been hacked by Russians. Assistant Secretary for Pubic Affairs J. Todd Breasseale gave CNN a statement that the “indicators” from the malicious software found on the computer at Burlington Electric were a “match” for those on the DNC computers.

As soon as DHS checked the IP address, however, it knew that it was a Yahoo cloud server and therefore not an indicator that the same team that allegedly hacked the DNC had gotten into the Burlington utility’s laptop. DHS also learned from the utility that the laptop in question had been infected by malware called “neutrino,” which had never been used in “GRIZZLY STEPPE.”

Only days later did the DHS reveal those crucial facts to the Post. And the DHS was still defending its joint report to the Post, according to Lee, who got part of the story from Post sources. The DHS official was arguing that it had “led to a discovery,” he said. “The second is, ‘See, this is encouraging people to run indicators.’”

Original DHS False Hacking Story

The false Burlington Electric hack scare is reminiscent of an earlier story of Russian hacking of a utility for which the DHS was responsible as well. In November 2011, it reported an “intrusion” into a Springfield, Illinois water district computer that similarly turned out to be a fabrication.

Like the Burlington fiasco, the false report was preceded by a DHS claim that U.S. infrastructure systems were already under attack. In October 2011, acting DHS deputy undersecretary Greg Schaffer was quoted by The Washington Post as warning that “our adversaries” are “knocking on the doors of these systems.” And Schaffer added, “In some cases, there have been intrusions.” He did not specify when, where or by whom, and no such prior intrusions have ever been documented.

On Nov. 8, 2011, a water pump belonging to the Curran-Gardner township water district near Springfield, Illinois, burned out after sputtering several times in previous months. The repair team brought in to fix it found a Russian IP address on its log from five months earlier. That IP address was actually from a cell phone call from the contractor who had set up the control system for the pump and who was vacationing in Russia with his family, so his name was in the log by the address.

Without investigating the IP address itself, the utility reported the IP address and the breakdown of the water pump to the Environmental Protection Agency, which in turn passed it on to the Illinois Statewide Terrorism and Intelligence Center, also called a fusion center composed of Illinois State Police and representatives from the FBI, DHS and other government agencies.

On Nov. 10 – just two days after the initial report to EPA – the fusion center produced a report titled “Public Water District Cyber Intrusion” suggesting a Russian hacker had stolen the identity of someone authorized to use the computer and had hacked into the control system causing the water pump to fail.

The contractor whose name was on the log next to the IP address later told Wired magazine that one phone call to him would have laid the matter to rest. But the DHS, which was the lead in putting the report out, had not bothered to make even that one obvious phone call before opining that it must have been a Russian hack.

The fusion center “intelligence report,” circulated by DHS Office of Intelligence and Research, was picked up by a cyber-security blogger, who called The Washington Post and read the item to a reporter. Thus the Post published the first sensational story of a Russian hack into a U.S. infrastructure on Nov. 18, 2011.

After the real story came out, DHS disclaimed responsibility for the report, saying that it was the fusion center’s responsibility. But a Senate subcommittee investigation revealed in a report a year later that even after the initial report had been discredited, DHS had not issued any retraction or correction to the report, nor had it notified the recipients about the truth.

DHS officials responsible for the false report told Senate investigators such reports weren’t intended to be “finished intelligence,” implying that the bar for accuracy of the information didn’t have to be very high. They even claimed that the report was a “success” because it had done “what it’s supposed to do – generate interest.”

Both the Burlington and Curran-Gardner episodes underline a central reality of the political game of national security in the New Cold War era: major bureaucratic players like DHS have a huge political stake in public perceptions of a Russian threat, and whenever the opportunity arises to do so, they will exploit it.

Gareth Porter is an independent investigative journalist and winner of the 2012 Gellhorn Prize for journalism. He is the author of the newly published Manufactured Crisis: The Untold Story of the Iran Nuclear Scare.

January 13, 2017 - Posted by aletho | Deception, Fake News, Mainstream Media, Warmongering, Timeless or most popular | CIA, Department of Homeland Security, FBI, United States, Washington Post

No comments yet.

Featured Video

Iran Is Not Our Enemy

Aletho News Videos

or go to

Aletho News Archives – Video-Images

Frlom the Archives

The 52 Major Jewish American Organizations and Israel Celebrate Passover with the Slaughter of 25 Muslim, Christian and Secular Palestinians

By James Petras • Unz Review • April 8, 2018

Introduction

As of April 7, nearly three thousand unarmed Christian, Muslim and secular Palestinians have been wounded, over three dozen are in critical condition and at least twenty-five unarmed protestors, including children have been assassinated by hundreds of Israeli snipers and heavily armed troops shooting tank shells into crowds of civilians protesting their decades of incarceration by the racist Israeli state.

The Israeli government praised the ‘restraint and morality’ of the IDF, as did the fifty-two Major Jewish American Organizations (MJAO) who largely control the US Congress. These grotesque massacres began during the Christian Holy Week on Good Friday and Easter, coinciding with the Jewish Passover. The self-righteous officials of the MJAO and their relatives and friends broke matzos at joyful Seders as the blood of Palestinians soaked into ground at the fence containing the largest open-air prison camp in history, Gaza.

While tribal loyalties bonded the Israeli and Jewish American leaders, the politicians of the Western oligarchic electoral regimes refrained from criticizing the shocking display of brute force and even defended Israel’s cold blood mass killings of Palestinian civilians in their Gaza prison.

This paper will discuss and analyze the reasons for Israel’s willing Western accomplices and the centrality of its fifth column in the United States. … continue

Blog Roll

Subscribe to Aletho News

Enter your email address to receive new posts by email.

Email Address:

Join 2,448 other subscribers
Visits Since December 2009
- 7,415,815 hits
Looking for something?

Search for:
Archives
Archives
Calendar

January 2017

M T W T F S S

1

2 3 4 5 6 7 8

9 10 11 12 13 14 15

16 17 18 19 20 21 22

23 24 25 26 27 28 29

30 31

« Dec Feb »
Categories

Aletho News Civil Liberties Corruption Deception Economics Environmentalism Ethnic Cleansing, Racism, Zionism Fake News False Flag Terrorism Full Spectrum Dominance Illegal Occupation Mainstream Media, Warmongering Malthusian Ideology, Phony Scarcity Militarism Progressive Hypocrite Russophobia Science and Pseudo-Science Solidarity and Activism Subjugation - Torture Supremacism, Social Darwinism Timeless or most popular Video War Crimes Wars for Israel
Tags
9/11 Afghanistan Africa al-Qaeda Australia BBC Benjamin Netanyahu Brazil Canada CDC Central Intelligence Agency China CIA CNN Covid-19 COVID-19 Vaccine Donald Trump Egypt European Union Facebook FBI FDA France Gaza Germany Google Hamas Hebron Hezbollah Hillary Clinton Human rights Hungary India Iran Iraq ISIS Israel Israeli settlement Japan Jerusalem Joe Biden Korea Latin America Lebanon Libya Middle East National Security Agency NATO New York Times North Korea NSA Obama Pakistan Palestine Poland Qatar Russia Sanctions against Iran Saudi Arabia Syria The Guardian Turkey Twitter UAE UK Ukraine United Nations United States USA Venezuela Washington Post West Bank WHO Yemen Zionism

January 2017
M	T	W	T	F	S	S
	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Aletho News
If Americans Knew
No Tricks Zone
Contact:

atheonews (at) gmail.com
Disclaimer

This site is provided as a research and reference tool. Although we make every reasonable effort to ensure that the information and data provided at this site are useful, accurate, and current, we cannot guarantee that the information and data provided here will be error-free. By using this site, you assume all responsibility for and risk arising from your use of and reliance upon the contents of this site.

This site and the information available through it do not, and are not intended to constitute legal advice. Should you require legal advice, you should consult your own attorney.

Nothing within this site or linked to by this site constitutes investment advice or medical advice.

Materials accessible from or added to this site by third parties, such as comments posted, are strictly the responsibility of the third party who added such materials or made them accessible and we neither endorse nor undertake to control, monitor, edit or assume responsibility for any such third-party material.

The posting of stories, commentaries, reports, documents and links (embedded or otherwise) on this site does not in any way, shape or form, implied or otherwise, necessarily express or suggest endorsement or support of any of such posted material or parts therein.

The word “alleged” is deemed to occur before the word “fraud.” Since the rule of law still applies. To peasants, at least.

Fair Use

This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more info go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.

DMCA Contact

This is information for anyone that wishes to challenge our “fair use” of copyrighted material.

If you are a legal copyright holder or a designated agent for such and you believe that content residing on or accessible through our website infringes a copyright and falls outside the boundaries of “Fair Use”, please send a notice of infringement by contacting atheonews@gmail.com.

We will respond and take necessary action immediately.

If notice is given of an alleged copyright violation we will act expeditiously to remove or disable access to the material(s) in question.

All 3rd party material posted on this website is copyright the respective owners / authors. Aletho News makes no claim of copyright on such material.

Aletho News

ΑΛΗΘΩΣ