Remember how the Washington Post broke the claim that Russian had hacked into utility grid through a the Vermont utility? It went viral in a minute, with liberals somehow finding it more cause to castigate President-elect Donald Trump
Then this claim fell apart when it was discovered there was no breach of the system, just a Russian malware code on a laptop not connected to the grid system.
The WaPo now has admitted it had wrongly published the system was breached. Not only that, but they have admitted that the last little part of the story was not correct.
U.S. officials are continuing to investigate the laptop. In the course of their investigation, though, they have found on the device a package of software tools commonly used by online criminals to deliver malware. The package, known as Neutrino, does not appear to be connected with Grizzly Steppe, which U.S. officials have identified as the Russian hacking operation. The FBI, which declined to comment, is continuing to investigate how the malware got onto the laptop.
So even the supposed ‘identifiable’ Russian malware on the laptop turns out to be a fake, it’s a malware that has no Russian hacker-specific connection.
The supposedly identifiable malware or IP addresses stemmed from the DHS/FBI report about the alleged hacking of the DNC and the Podesta leak. But now the Washington Post even calls that into question.
But a range of cybersecurity experts say that although the intention of the report was good, it lacked specific details that would enable firms to detect Russian government hackers.
At least 30 percent of the IP addresses listed were commonly used sites such as public proxy servers used to mask a user’s location, and servers run by Amazon.com and Yahoo. (Amazon’s founder and chief executive, Jeffrey P. Bezos, owns The Washington Post.) The IP address information alone is not useful, experts noted. Moreover, a server that is used by Russian spies one year might be used by “granny’s bake shop” the next, Lee said.
“No one should be making any attribution conclusions purely from the indicators in the [government] report,” tweeted Dmitri Alperovitch, chief technology officer of CrowdStrike, which investigated the DNC hack and attributed it to the Russian government. “It was all a jumbled mess.’’
Now, we wouldn’t say that Russia hasn’t done hacking against the United States. They have.
But the effort at this particular point in time, as Sen. Tom Cotton observed, seems purely to hype everything as a Russian hack to delegitimize Donald Trump’s win.
As Cotton noted, where was the attention to prior hacks, such as those at the White House, the State Department and the OPM?