Modern field guide to security and privacy
Russian President Vladimir Putin is seen on the viewfinder of a camera during his annual end-of-year news conference in Moscow, Russia, December 23, 2016.
Sergei Karpukhin/Reuters
|
Caption

Intelligence agencies reveal Putin plan to back Trump

An Office of the Director of National Intelligence briefing reveals the fullest picture yet of claims Russia attempted to influence the presidential vote. Trump, however, says the operation had 'absolutely no effect on the outcome of the election.'

The US intelligence community issued a blunt and direct indictment Friday afternoon of Russian President Vladimir Putin for attempting to sway the US presidential election in favor of President-elect Donald Trump.

The complex and sophisticated Russian operation involved a mix of cyberattacks, propaganda, and fake news to "undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency," according to a report from the Office of the Director of National Intelligence (ODNI). 

While the Obama administration has blamed Russia for the political hacks that targeted the Democratic Party organizations and sanctioned Moscow over the cyberattacks, the declassified briefing is the most complete accounting of the operation, which intelligence agencies say Mr. Putin ordered to influence US opinion and discredit Hillary Clinton's campaign. 

"Putin and the Russian Government developed a clear preference for President-elect Trump," the report stated. "When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign then focused on undermining her expected presidency."

Before ODNI released its findings – which drew upon analysis from the CIA, FBI, and National Security Agency – US intelligence and law enforcement officials briefed Mr. Trump on the report and their analysis connecting the Russian government to the election hacks. 

In a statement, Trump called the meeting "constructive" and acknowledged that countries such as China and Russia have attempted to hack US organizations, including the DNC. But the president elect did not state that he agreed with the government's findings, nor did he specifically blame Russia for the cyberattacks during the campaign.

He did say, however, that the DNC breach had "absolutely no effect on the outcome of the election." Trump also added that he planned to appoint a team that would concoct a national plan for digital security within 90 days of the new administration.

Prior to his meeting with intelligence officials, including ODNI Director James Clapper and NSA Director Michael Rogers, Trump told The New York Times that the investigation into Russian hacking allegations amounted to a "political witch hunt" carried out by an administration "embarrassed" over his victory.

Over the past several weeks, Trump has continuously dismissed and discredited the intelligence community's assertions that Russian officials ordered the cyberattack and its operatives executed the campaign. 

In a tweet Thursday, he said, "So how and why are they so sure about hacking if they never even requested an examination of the computer servers? What is going on?" He was referring to reports that the FBI did not directly examine the DNC's compromised computer servers. 

Digital security experts who reviewed the report Friday hoped that the new intelligence findings would put to rest any questions about Russia's involvement in election-related hacking. 

"I hope this puts to bed all of the discussion about Russia’s involvement in these types of operations," says Dave Weinstein, chief technology officer for the state of New Jersey. "Naming and shaming – whether it's done from a tech perspective or an all source analysis perspective – is not a silver bullet. But it is a big piece of the puzzle."

Still, many experts noted a glaring lack of new technical details and other direct evidence linking Russian hackers or the Kremlin to the cyberattack on the DNC and other organizations. 

"The unclassified report is underwhelming at best. There is essentially no new information for those who have been paying attention," tweeted Susan Hennessey, a national security fellow at the Brookings Institution. "The report serves a few limited purposes, namely setting forth the areas of factual agreement between the agencies."

And some cybersecurity experts think the government's reports blaming Russia for the hacking campaign do little to strengthen the digital defenses of organizations and businesses that could be hit by attacks from Moscow in the future.

"Pointing fingers in cyberspace is an unproductive activity, and there’s no precedent for naming an actor or an individual group that helps companies and governments protect themselves," says Oren Falkowitz, chief executive officer at Area 1 Security. "If we want to deter organizations from hacking, we need to stop them with actions." 

But Robert M. Lee, a former Air Force Cyber Warfare Operations Officer and now a cybersecurity fellow at the New America think tank, says the declassified document wasn't meant to be a technical document that detailed the government's investigation. 

"[Washington] expects the American public to be reading this," he said. "There wouldn’t be anything to put in there that would be a smoking gun. They did it to show that they took a compressive look at everything."

Friday's assessment stated that Moscow, possibly angered over Clinton's "aggressive rhetoric" about Russia, set out to use its cyber operatives, state-funded media operations, and influential reach on social media to discredit Clinton. The Intelligence assessment also said the operation aimed to cast the US as "hypocritical" after online leaks last year revealed Russian doping at the Olympic and questionable business practices by Kremlin insiders. 

Its operation included hacking the DNC emails as well as creating fake online personas to take credit and spread the stolen documents, including giving them to the antisecrecy site WikiLeaks, according the report. It also stated that Russian hackers targeted the Republican National Committee, but did not leak documents from their servers. 

"This is very clear and very direct in the case that’s being made," said Michael Sulmeyer, director of the Cyber Security Project at Harvard University's Belfer Center for Science and Technology, and a former Pentagon official. "It seems like everyone is fully on board [with the finding]."

Jonathan "JJ" Thompson, founder of the cybersecurity firm Rook Security, says the most significant takeaway from the report is the fact that the intelligence agencies did not rely solely on the technical evidence to tie the attacks to Russia.

"What they are saying with the report is that we used multisource intelligence to glue together previous behavior patterns, strategy patterns and prior precedent to build an picture in which we have high confidence," he says. “This isn’t about just the methods and tactics utilized for the cyber piece."

The public version of the intelligence reports comes just one day after directors Clapper and Rogers testified before Congress about the Russian campaign and the ongoing cyberthreat facing the US. Clapper and other intelligence officials, including the FBI Director James Comey, are scheduled to appear at another Capitol Hill hearing with the Senate Select Committee on Intelligence on Tuesday. 

In a joint prepared statement for Thursday's Senate hearing, the spy chiefs noted that the "breadth of cyberthreats to US national and economic security has become increasingly diverse, sophisticated, and dangerous."

While incriminating reports such as the ODNI intelligence briefing may not change the nature of the threat facing the US, it sheds an important light of the nature of the threat that the US faces in the Digital Age.

"I’m not so sure that the report will deter anyone from doing anything in the future," says Harvard's Mr. Sulmeyer. "Even the report says this constitutes the new normal."

Jaikumar Vijayan contributed reporting for this article.