US plans to conduct cyberwar against Russia in retaliation for unproven election meddling
From May 2017 until March 2019, a team of investigators and lawyers led by Special Counsel Robert S. Mueller engaged in a frenetic search for evidence sustaining allegations that individuals affiliated with the campaign of President Donald Trump—and even the president himself—had colluded and conspired with the Russian government to influence the outcome of the 2016 US presidential election in Trump’s favor. Numerous high-profile politicians, civil servants, and media personalities invested a tremendous amount of political and personal capital pursuing various allegations.
Among the most prominent of these was the claim that hackers allegedly working on behalf of Russian Military Intelligence (the GRU) gained access to computer servers belonging to the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC), extracted sensitive data, and then conspired to have this information released to the public in a manner designed to harm the presidential campaign of Hillary Clinton.
While the charges against Trump were subsequently shown to be unfounded, the American public was led to believe that the underlying facts of the case—especially the allegations concerning the hacking of the DNC server—were undisputed fact. Moreover, the same people who invested so heavily in the Mueller investigation are now claiming that Russia—with or without the knowledge and support of President Trump—is actively preparing for a similar intervention in the 2020 election. Prodded by these concerns, the US Cyber Command, a Department of Defense organization responsible for cyber warfare and computer security, has reportedly been tasked with developing a range of offensive operations to deter and, if necessary, punish Russia for engaging in such malign activity.
While the US preparations are real, the intelligence that underpins the justification for these planned cyber-attacks is highly speculative and, more importantly, unproven, creating a situation similar to that which occurred in Iraq back in 2003, when the US went to war on flawed and largely manufactured intelligence alleging Iraq retained significant stockpiles of weapons of mass destruction, when in fact none existed. As with Iraq, the case against Russia is mainly speculative in nature, full of specific allegations that are not backed up with any hard intelligence.
The foundation for the alleged Russian activities comes in the form of two documents. The first, an indictment of 12 named Russian intelligence officers allegedly employed by the GRU, was prepared by the Department of Justice (DOJ). Referred to as the Netyksho Indictment, after one of the named GRU officers, the document lays out a damning list of malign activities by the named individuals and the GRU units they belonged to. However, there is absolutely no sourcing provided, meaning that the allegations must be taken at face value.
The events alleged in the Netyksho Indictment are likewise contained in the body of the report prepared by Special Counsel Robert Mueller based upon his investigation into allegations of Russian interference in the 2016 US presidential election (Mueller’s team also prepared the Netyksho Indictment). The Mueller Report does provide sourcing, but only in a superficial way, either referring to the unsourced Netyksho Indictment, cryptic compilations of investigative reports, or heavily redacted passages. There is no indication as to how either the Indictment or the Mueller Report came to their conclusions.
There is a document, however, that militates against the conclusions reached by both the Netyksho Indictment and the Mueller Report. Entitled ‘Spear-Phishing Campaign TTP’s [tactics, techniques and procedures] used against US and Foreign Government Entities’, the document consists of a diagram attached to a classified National Security Agency (NSA) document leaked to the US press by whistleblower Reality Winner. This document serves as a Rosetta Stone, so to speak, for both the Mueller Report and the Netyksho Indictment. The document is derived from the various intelligence reports assembled by the NSA regarding the allegations against the GRU that underpin the Mueller Report and the Netyksho Indictment.
The document diagram contains three types of information—confirmed, analyst judgement, and contextual. While most of the specific cyber events are reported as confirmed, the connection between these events and Unit 74455 (one of two GRU units named in the Netyksho Indictment and the Mueller Report) is recorded as being based upon the judgement of the analysts, and not confirmed fact. Likewise, the linkage between the entity assessed as Unit 74455 and GRU Headquarters is listed as contextual, meaning that there is no fact-based data that links either Unit 74455 or GRU Headquarters to the events in question.
The Winner document makes it clear that the involvement of Unit 74455 is pure analytical supposition—i.e. guesswork. The attribution of blame to the unit and its named personnel isn’t derived from intelligence collection and analysis, but rather the case presented to a grand jury by the Mueller prosecution team.
There is a saying in the US that a grand jury can indict a ham sandwich—in short, because the prosecution controls the process through which evidence is presented, anyone can be indicted for anything, regardless of the lack of actual proof. In the present matter, Unit 74455 and its named personnel are the proverbial ham sandwich.
This does not mean that the Russians did or didn’t carry out a cyber-attack on the DNC and DCCC computers in 2016, or conspire to disseminate information thus gained to influence the 2016 US presidential election. It does mean, however, that the case against Russia is not nearly as conclusive as the Mueller Report and Netyksho Indictment would lead one to believe.
Mueller knew the Russians would not allow the GRU or its personnel to be subjected to a trial, regardless of innocence or guilt. As such, the DOJ could—and did—get creative in breathing life into allegations which, on their own, provided zero Russian attribution. All it took was a DOJ analyst to access a GRU organizational chart and start plugging in names and unit designations where they could be used to manufacture a narrative that would be presented to the Grand Jury.
Left unchallenged, the allegations set forth by the Netyksho Indictment and the Mueller Report morphed into unquestioned fact which was then used to justify the anti-Russian activities currently being undertaken by US Cyber Command. The scope and scale of the cyber-operations allegedly being planned appear to be more akin to juvenile retaliation than punitive deterrence, along the lines of “I’ll leak your private information if you leak mine.” But it is only a matter of a few keystrokes to transition from relatively harmless leaks of personal data to more nefarious offensive operations designed to impact economic and military targets.
The mere fact that the US is preparing to undertake military operations of any sort directed at Russia should send alarm bells ringing in the heads of all Americans. The planned activities of US Cyber Command are derived more from the frustration of those who invested so heavily in the outcome of the Mueller investigation, and who are now desperate to manufacture a narrative that somehow breathes life into the ‘Russia did it’ story line.
The use of false and misleading intelligence to justify a conflict should be familiar to anyone who followed the events of 2003 and the manufactured case for war in Iraq. The US and the world continue to pay a heavy price for that intelligence failure. Given the deteriorating state of US-Russian relations, the last thing the US, Russia or the world needs is another avoidable conflict, cyber or otherwise, based upon similarly flawed intelligence, for no other reason than to prop up the reputations of those who had bet everything on the outcome of the Mueller Report, and failed.