User talk:Rjlabs/2016 US Russian cyber conflict

Rough background Notes
Situation is rapidly emerging...

People

 * Adam Segal, an expert on emerging technologies at the Council on Foreign Relations, a research center. Segal, author of “The Hacked World Order,” a book released earlier this year.


 * Laura Galante, an expert on Russian cyber capabilities and director of intelligence at FireEye, a Milpitas, California, company that is one of the fastest-growing U.S. cybersecurity firms.


 * Kimberly Zenz A cyber forensics expert based in Berlin, said there was confirmed Russian presence on the French network’s system. [TV5Monde]


 * Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI’s cyber division. “It’s the job of every foreign intelligence service to collect intelligence against their adversaries,”  He noted that it is extremely difficult for a civilian organization to protect itself from a skilled and determined state such as Russia. The intrusions are an example of Russia’s interest in the U.S. political system and its desire to understand the policies, strengths and weaknesses of a potential future president

“There’s an amazing adversarial relationship” among the Russian intelligence agencies, Alperovitch said. “We have seen them steal assets from one another, refuse to collaborate. They’re all vying for power, to sell Putin on how good they are.” The two crews have “superb operational tradecraft,” he said. They often use previously unknown software bugs — known as “zero-day” vulnerabilities — to compromise applications. Russia has always been a formidable foe in cyberspace, but in the past two years, “there’s been a thousand-fold increase in its espionage campaign against the West,” said Alperovitch, who is also a senior fellow at the Atlantic Council. “They feel under siege.” Western sanctions, imposed after Russia’s annexation of Crimea in Ukraine, have hurt the economy and led the government to increase its theft of intellectual property to limit the impact of import restrictions, he said. And Russia’s growing isolation has increased the need for intelligence to understand and influence political decisions in other countries, he added. he two crews have “superb operational tradecraft,” he said. They often use previously unknown software bugs — known as “zero-day” vulnerabilities — to compromise applications. In the DNC’s case, the hackers constantly switched tactics to maintain a stealthy presence inside the network and used built-in Windows tools so that they didn’t have to resort to malicious code that might trigger alerts. “They flew under the radar,” Alperovitch said.
 * Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer. The firm had analyzed other breaches by both groups over the past two years


 * Michael Sussmann, a DNC lawyer who is a partner with Perkins Coie in Washington. Sussmann, a former federal prosecutor who handled computer crime cases

“Trump’s foreign investments, for example, would be relevant to understanding how he would deal with countries where he has those investments” should he be elected, Deitz said. “They may provide tips for understanding his style of negotiating. In short, this sort of intelligence could be used by Russia, for example, to indicate where it can get away with foreign adventurism.”
 * Robert Deitz, former senior councillor to the CIA director and a former general counsel at the National Security Agency. The purpose of such intelligence gathering is to understand the target’s proclivities,” said


 * Debbie Wasserman Schultz - Democratic National Committee Chairwoman. Emails hacked


 * John Podesta - Clinton campaign chairman. Emails hacked


 * Colin Powell - former secretary of state. Emails hacked

https://www.dhs.gov/news/2016/10/07/joint-statement-department-homeland-security-and-office-director-national
 * Jeh Johnson - secretary of homeland security and
 * James Clapper- the director of national intelligence, in a statement last week. "


 * Michael McCaul (R-Texas) - House Homeland Chair


 * Cory Gardner - Senator (R-Colo.), who chairs the Senate Foreign Relations Subcommittee on East Asia, the Pacific, and International Cybersecurity,

Places

 * can probably link and geo code both Russian cyber agencies

Time/Date

 * a timeline would be good

Organizations

 * Council on Foreign Relations, a research center.


 * FireEye, a Milpitas, California, company that is one of the fastest-growing U.S. cybersecurity firms.


 * TV5Monde – hacked TV station in France. Hacked website and placed an image of a disguised jihadist with a black-and-white checked keffiyah and the words “Cyber Caliphate,” a group set up by the Islamic State. “We saw this as the first foray into an active false flag operation,” Galante said, using the espionage term for one side in a conflict disguising itself as a different party. “This was not long after the Charlie Hebdo shooting in Paris, and it served as a laboratory.”


 * CrowdStrike, the cyber firm called in to handle the DNC breach


 * Perkins Coie in Washington - Michael Sussmann, a DNC lawyer who is a partner with Perkins Coie in Washington. Sussmann, a former federal prosecutor who handled computer crime cases


 * GRU, or Russia’s military intelligence service - Alperovitch said Fancy Bear is believed to work for this organization
 * APT28 a/k/a Fancy Bear, a Russian hacking group that has targeted European security organizations, media and specific journalists. They use a version of Sofacy/Pawn Storm

https://www.theguardian.com/technology/2016/jul/29/cozy-bear-fancy-bear-russia-hack-dnc
 * Federal Security Service, or FSB – Russia’s security agency, which was once headed by Putin. Alperovitch is less sure of whom Cozy Bear works for but thinks it might be this organization
 * APT29, a/k/a Cozy Bear, has its origins in another branch of Russian intelligence, they say


 * Democratic National Committee
 * gained access to the entire database of opposition research on GOP presidential candidate Donald Trump
 * read all email and chat traffic, said DNC officials and the security experts.
 * The computers contained research going back years on Trump. “It’s a huge job” to dig into the dealings of somebody who has never run for office before, Dacey said.


 * Presidential Candidate Campaign Organization - Hillary Clinton - hacked


 * Presidential Candidate Campaign Organization - Donald Trump - hacked


 * Some Republican political action committees,- hacked


 * Russia -- “that encompasses online attacks, online attacks with a kinetic-real life result, communications and, most relevant here, efforts to control and create narratives.”


 * White House – unclassified email system hacked by Cozy Bear in 2014
 * State Department – unclassified email system hacked by Cozy Bear in 2014
 * Joint Chiefs of Staff – unclassified email system hacked by Cozy Bear in 2014


 * Democratic National Campaign Committee


 * National Intelligence and

Rick (talk) 05:18, 15 October 2016 (UTC)
 * Department of Homeland Security

What is this filth?
There is zero evidence to suggest that Russia is involved in any sort of cyber conflict with the United States. Every "source" will be directly traced back to the campaign of Hillary Clinton or the DNC. Suggest immediate removal of this stub. — Preceding unsigned comment added by 2602:306:3325:600:18D5:9E05:3370:59B3 (talk) 06:08, 16 October 2016 (UTC)


 * Well, other than the Department of Homeland Security. http://www.nytimes.com/2016/10/08/us/politics/us-formally-accuses-russia-of-stealing-dnc-emails.html?_r=0 Mooeena (talk) 00:19, 17 October 2016 (UTC)

Sure, the DHS, which serves at the pleasure of Barack Obama, who was recently exposed for providing aid and comfort to Hillary Clinton during her FBI investigation. I note that you used a NYT link, which was recently also exposed for directly communicating with the Hillary campaign as to how best to promote her agenda and support her candidacy. The article title violates WP:POV, and falls far below the standards of Wikipedia.2602:306:3325:600:28B6:AC20:B630:A575 (talk) 04:25, 18 October 2016 (UTC)

Focus of Article
At this point the "notability" banner is obsolete and may be removed, notability is well established. There is active debate on how to cover delete option, various merge options, etc. Link.

Article is about cyber conflict between USA and Russia. It involves strong, direct, and fully public statments made between top spokespeople, VPOTUS, POTUS and the POTRF (President of the Russian Federation.) The topic is not about current U.S. election politics. Its about 2016 cyber warfare between two major powers that very much transcends and will exist outside of the US election. The VPOTUS has directly accused Russia of cyber warfare and promised retaliation. The POTRF has directly denied those allegations. Currently, the article should be focusing on the available evidence did they, or didn't they, and how? In time the VPOTUS promised US response is quite likely to emerge. The article is not bound by the topic "the 2016 Democratic National Committee email leak" and can't really be shoehorned in there. In addition to DNC hacking there are the 1258 emails sent or received by then-US Secretary of State Hillary Clinton In addition there are 2,060 emails sent from or received by Hillary Clinton campaign manager John Podesta, including full transcripts of her paid speeches for Goldman Sachs     The focus should be much more on the hacking vs. the leaking. (The hacking is hard, the distribution/leaking is relatively easy.) Who is behind the hacking and how, and what is the covert and official positions of both governments? Cyber war rules of engagement are being established here. Long ago large countries became well armed for cyber war, this is the first time its strongly risen above the radar, the US has asserted that Russia "pushed the button here". Lets hope sophisticated countries don't commit stupid acts of provocation, or bravado, and any reaction to such idiocy are laser focused, highly contained and proportional. Rick (talk) 18:11, 18 October 2016 (UTC)

Need to report Russian side accurately
There is a need to incisively report the Russian side of this conflict. Accuracy, and straight talk language are critical.


 * If you write about Russia with any kind of nuance, you may confuse and anger many people. At first this will scare you, then it will infuriate you, then you'll get used to it.

Natalia Antonova, Former Editor The Moscow News, Russia's oldest English-language newspaper, defunct in 2014. See also: Without Notice, Putin Dissolves a News Agency

Context PLEASE!

 * If you are an unbiased expert by all means improve this section

The 2016 US Russian cyber conflict is best understood in the larger context.


 * Council on Foreign Relations, October 21, 2016, The State of U.S.-Russia Relations Excellent and current "top down" overview, with many high quality Russian points of view discussed. Video and MP3 podcast available.


 * The Kremlin Playbook Understanding Russian Influence in Central and Eastern Europe Put out by the Center for Strategic and International Studies (CSIS) a bipartisan, nonprofit policy research organization. The report is current, October 13, 2016.

I'm sure there are other excellent "backgrounders" that help set this article in context (and provide good cross referencing to other Wikipedia articles on relevant topics).

Russian Media

 * If you are an unbiased expert by all means improve this section

Since Wikipedia is basically a curator and "re-publisher" of high quality media, and other well vetted expert sources, it's important to scour Russian media for "the other half of the story". While independent media in Russia is limited, there remains some extremely intelligent discussion, directly accessible via Internet. As with the U.S. mainstream media, bias and spin must be carefully identified as such, excised, and fact checking is occasionally advisable.

Direct, verbatim quotes from Russian top level leaders, either sourced from trustworthy newspapers or captured directly on video and broadcast, well translated are very good sources.


 * This is a starter list. Experts please edit/add, add better annotations. Prefer to keep it to high end media sources such as NYT, WSJ, WP, ABC, CBS, NBC, NPR, etc.


 * Worldmeets.us - Quality independent English translations of Russian media. Example


 * Izvestia - long-running high-circulation daily broadsheet newspaper in Russia. It was a newspaper of record in the Soviet Union from 1917 until the dissolution of the USSR in 1991.


 * Moskovskiye Novosti Russian-language newspaper. Not sure if there is an English translation?


 * sputniknews  Updated "Radio Sputnik" online news and radio broadcast service established by the Russian government-controlled news agency Rossiya Segodnya.


 * Rossiya Segodnya Russian government-controlled news agency. Wholly owned and operated by the Russian government, created by an Executive Order of the Vladimir Putin in 2013. Incorporates the former RIA Novosti news service and the international radio service Voice of Russia (formerly Radio Moscow). According to the Decree of the President of Russia, the mandate of the new agency is to "provide information on Russian state policy and Russian life and society for audiences abroad.


 * RT (TV network) "Russia Today". Sister channel is RT Arabic. Funded by the Russian government and founded by the Russian news agency, RIA Novosti. Several critics regard RT as a propaganda outlet for the Russian government.


 * The Moscow Times - English-language weekly newspaper published in Moscow, with a circulation of only 35k. It's distributed for free at places frequented by English-speaking expatriates such as hotels, cafés, embassies, and airlines. Has served as a 'training ground' for foreign correspondents. Not sure on credibility?


 * The St. Petersburg Times - Defunct. The website stayed up until March 2015, after which it was usurped by The Moscow Times.

Other Russian Sources

 * This section is for non media sources such as press releases and statements by Russian governmental officials, Russian think tanks, etc. high end Russian experts, etc.

Need to report Russian side accurately posted by Rick (talk) 19:02, 22 October 2016 (UTC) Feel free to edit/improve.

US Pressure on Ecuador to cut off Assange
Comment - I've looked at the current page, and I'm baffled by the focus on Ecuador and Assange in the first section. How on earth is that related to Russian hacking, besides the fact that Wikileaks was the publishing arm for the some of the leaks? (hardly shocking, as Wikileaks is the most high-profile leak site available, and a natural go-to for hackers wanting highprofile press). But Wikileaks is not the only outlet that published this information (see The Smoking Gun and DCleaks), and so the current focus seems absurd - like starting an Edward Snowden leak page with a massive section on The Guardian. To clarify, according to current press Wikileaks and Russia are unrelated, excluding their coincidental involvement with silly season in the US this year, and their leaders' stated political preferences. I am half tempted to simply delete all the embassy information for being off topic (and for falsely insinuating that there is some Wikileaks/Russia conspiracy), so we can better clarify what this page is exactly supposed to focus on. Yvarta (talk) 16:41, 23 October 2016 (UTC)


 * Wikileaks by far has been the lead distributor of stolen information that's been used to destabilize the U.S. elections. Assange is the leader of that organization. Article focus is 2016 US Russian cyber conflict. There is overwhelming evidence that material was stolen from the US, by Russia, and given to Wikileaks as part of a state sponsored election disruption campaign. Its been widely reported that part of the US response has been to persuade Ecuador to cut off Assenge's Internet. The cut off has actually occurred. Hence the entire discussion falls under the US response. So far we have been following a "chronological" order, oldest first. Agree that it may not be the most significant response that has happened or will happen (especially given The Jesters response on Friday). Rick (talk) 23:43, 23 October 2016 (UTC)