On Monday, the US Department of Justice laid out a slew of charges against six “Russian GRU officers” who it alleges masterminded malware attacks that caused billions in damage over the last few years.
According to the DoJ, the accused are responsible for the 2015 and 2016 attacks on the Ukrainian power grid; the hacking of French political party La République En Marche during the 2017 elections; the 2017 NotPetya worldwide ransomware attack; several attacks on the 2018 Winter Olympics in Pyeongchang, South Korea; spearphishings targeting various entities investigating the alleged poisonings of Sergei and Yulia Skripal in 2018; and a 2018 and 2019 spearphishing campaign that targeted several companies and government institutions in the Caucasian republic of Georgia.
According to TechCrunch, the accused live in Russia, and thus the indictment “serves as a ‘name and shame’ effort, frequently employed by Justice Department prosecutors in recent years where arrests or extraditions are not likely or possible.”
Daniel Lazare, investigative journalist and author of "The Velvet Coup," told Radio Sputnik’s Political Misfits on Tuesday the US loves to blame the Russian government for hacking attacks because it’s virtually impossible to prove the claims’ veracity while being politically useful to smear enemies.
“It’s a safe bet that Washington has little idea how Russian intelligence works and it operates under the assumption that if the name ends in an -sky or -ov, then it must be Russian intelligence. But in fact the evidence is always lacking, and they’re always unable to prove a connection, so therefore we’re left with the fact that certain individual Russians may have tried to hack certain Western computers, but that’s all we know. It’s really all we can know. The hype is invariably inflated,” Lazare told hosts Michelle Witte and Bob Schlehuber.
“The presumption is that when anyone in Russia hacks any computer anywhere that somehow it’s at the behest of Russian intelligence and/or the Kremlin,” Lazare said.
“I mean we saw that in Russiagate, for example: I mean, [former special counsel Robert] Mueller … made that leap all the time in tying the Internet Research Agency - the company in St. Petersburg which allegedly placed the false ads with Facebook - he constantly made the connection in his report between them and the Kremlin. Yet he offered up no evidence whatsoever. It was really astonishing. No one questions him on that because the mindset in America is: yes, if it’s a Russian it’s got to be Russian intelligence. It’s got to be [Russian President Vladimir] Putin. As far as Americans are concerned, those three entities - Russia, Putin and Russian intelligence - are essentially the same.”
Lazare recalled that in the case of the alleged hacking of French President Emmanuel Macron’s party in the 2017 elections, the US National Security Agency claimed at the time that Russian intelligence had run the attack, but Guillaume Poupard, the head of the French computer security agency ANSSI, roundly rejected that idea, saying the attack “was so generic and simple that it could have been practically anyone.”
“Washington operates under the assumption that if you fling enough mud, some of it will stick,” Lazare told Sputnik. “So if these allegations are made again and again and again, then people will be sort of bludgeoned into believing that there’s gotta be some truth there somewhere.”
Lazare said “the most frightening thing about cyberwarfare” is the ability of spy agencies to camouflage their work - he recalled that the Vault 7 leaks exposed the CIA’s ability to disguise its hacks as having been by another country - and the ability to dissimulate when bringing the information to the public, most of whom don’t understand the topic well enough to really know what’s being said or not said.
“It’s almost impossible to know what’s happening,” he said. “If, for example, some dam turbine closes down for reasons that no one can explain, and someone says, ‘Ah, it’s Russian cyberwarfare’ - well it may be, or it may not be, but it’s almost impossible to prove. But Western governments - and the US especially - have taken the attitude that ‘act first, think later.’ If it’s believed to be Russian cyberwarfare, then we will respond with an equal and opposite attack, if not moreso.”
“What that means is that if some turbine shuts down somewhere, we will black out three Russian cities. And then only months later will some intrepid reporter discover that ‘well hey, the evidence for that Russian involvement in that turbine shutdown is actually rather scanty,’” Lazare said.
He noted that when the US goes on the offensive, as it did with the Stuxnet attack on Iran’s nuclear industry in the late 2000s, it causes a “rapid escalation, and also a rapid plunge into indeterminacy, because no one knows where these attacks are coming from or if they really are attacks. It’s a kind of underground warfare [in] which the normal rules of warfare don’t apply, and therefore all sides are fairly invited to cast all caution to the winds and behave as recklessly as they proceed.”
“If there’s anything that should be keeping us up at night, this is it,” Lazare told Sputnik.