Why the FBI/DHS claim that Russia hacked the DNC is flawed ..
—
“The FBI/DHS Joint Analysis Report (JAR) “Grizzly Steppe” was released yesterday as part of the White House’s response to alleged Russian government interference in the 2016 election process.”
“It merely listed every threat group ever reported on by a commercial cybersecurity company that is suspected of being Russian-made and lumped them under the heading of Russian Intelligence Services (RIS) without providing any supporting evidence that such a connection exists.”
“A common misconception of “threat group” is that refers to a group of people. It doesn’t.”
“As security researchers, what we call “the Sednit group” is merely a set of software and the related network infrastructure, which we can hardly correlate with any specific organization.”
“Unlike Crowdstrike, ESET doesn’t assign APT28/Fancy Bear/Sednit to a Russian Intelligence Service or anyone else for a very simple reason. Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone.”
“It is both foolish and baseless to claim, as Crowdstrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.”
FBI/DHS Joint Analysis Report: A Fatally Flawed Effort
The FBI/DHS Joint Analysis Report (JAR) “Grizzly Steppe” offers no evidence to support the White House sanctions against Russia.