A Deep Dive Into Russian Surveillance In The Silicon Valley Area

Via Foreign Policy:

This focus on signals and technical intelligence persisted until much more recently, multiple former U.S. intelligence officials told me. “It was almost like everyone they had there was a technical guy, as opposed to a human-intelligence guy,” one former official recalled. “The way they protected those people — they were rarely out in the community. It was work, home, work, home. When they’d go out and about, to play hockey or to drink, they’d be in a group. It was hard to penetrate.” The same official also noted that San Francisco was integral to the discovery by U.S. intelligence of a new class of Russian “technical-type” intelligence officer, working for the rough Russian equivalent of the National Security Agency, before this organization was eventually folded by Putin back into the FSB. This group, which was not based at the consulate itself, was identified via its members’ travel patterns — they would visit the Bay Area frequently — and the types of individuals, all in high-tech development, with whom they sought contact. According to this former U.S. official, these Russian intelligence officers were particularly interested in discussing cryptology and the Next Generation Internet program.

But it was the consulate’s location — perched high atop that hill in Pacific Heights, with a direct line of sight out to the ocean — that likely determined the concentration of signals activity. Certain types of highly encrypted communications cannot be transmitted over long distances, and multiple sources told me that U.S. officials believed that Russian intelligence potentially took advantage of the consulate’s location to communicate with submarines, trawlers, or listening posts located in international waters off the Northern California coast. (Russian intelligence officers may also have been remotely transmitting data to spy stations offshore, multiple former intelligence officials told me, explaining the odd behaviors on Stinson Beach.) It is also “very possible,” said one former intelligence official, that the Russians were using the San Francisco consulate to monitor the movements, and perhaps communications, of the dozen or so U.S. nuclear-armed submarines that routinely patrol the Pacific from their base in Washington state.

All in all, said this same official, it was “very likely” that the consulate functioned for Russia as a classified communications hub for the entire western United States — and, perhaps, the entire western part of the hemisphere.

There is a lot to this very long form piece, including descriptions of Russian intelligence operations and communications patterns, how lawful Russian overflights of American territory might be used for a variety of intelligence purposes, and the Trump administration’s likely cluelessness about why closing the Russian consulate in San Francisco was so significant. But most interestingly, for me, was how the consulate likely functioned as an outpost for Russian signals intelligence operations, both due to the depth of analysis in the article but also for what it tells us about how Western-allied consulates and diplomatic facilities are likely used.1 In effect, the concerns raised by former FBI and other American counter-intelligence officers speaks to how America and her allies may conduct their own forms of surveillance.

  1. In a provincial sense, the concerns and opinions espoused by American counter-intelligence officers also raises questions as to the role of Canada’s significant number of diplomatic facilities scattered throughout China and other regions where the United States is more challenged in building out State Department facilities.

There’s something…special…about being ‘covered’ by an organization that is the actual definition of fake news/Russian propaganda.


How Russia Polices Yandex

From Vice Motherboard:

This year, the “news aggregator law” came into effect in Russia. It requires websites that publish links to news stories with over one million daily users (Yandex.News has over six million daily users) to be responsible for all the content on their platform, which is an enormous responsibility.

“Our Yandex.News team has been actively working to retain a high quality service for our users following new regulations that impacted our service this past year,” Yandex told Motherboard in a statement, adding that to comply with new regulations, it reduced the number of sources that were aggregated from 7,000 to 1,000 with “official media licenses.”

The predicable result of the Russian government’s new law is that the government can better influence what information is surfaced to Russian citizens: when state news outlets release the same press release, en masse, Yandex1 and other major aggregators with a large number of readers are predominantly exposed to what the government wants them to see. So while Russia may interfere with foreign countries’ political processes by exploiting how social network and aggregator algorithms function (along with out-and-out illegal exfiltration and modification of communications data) they, themselves, are trying to immunize themselves to equivalent kinds of threats by way of the liabilities they place on the same kinds of companies which do business in Russia.

More broadly, the experience in Russia and changes in how Yandex operates should raise a warning flag for caution advocates in the Western world who are calling for social media companies to be (better) regulated, such as by striking down or modifying Section 230 of the Communications Decency Act (CDA). While there are clear dangers associated with these companies operating as contemporary digital sovereigns there are also risks associated with imposing harsh liability systems for publishing other persons’ content.

While such regulations might reduce some foreign interference in political systems it could simultaneously diminish the frequency at which legitimate alternative sources of information which are widely surfaced to the public. It remains unclear just how we should regulate the spread of malicious political messaging2 but, at the same time, it’s critical to ensure that any measures don’t have the detrimental effect of narrowing and diminishing the political conversations in which citizens can participate. It’s the very freedoms to have such conversations that distinguishes free democratic countries from those that are more autocratic.

  1. Sidenote: Yandex is the only website I’ve ever had to block from scraping my professional website because it was functionally acting as a DDoS.
  2. One idea would be to deliberately cut down on how easy it is to spread any and all information. By requiring additional manual effort to share content only the most motivated would share it. Requiring actual humans to share content with other humans, if done in a robust way, might cut down on the ability of bots to automatically propagate content as though ‘real’ people were sharing it.

This dark concept of total distrust was mostly spread via the Internet because it was what the Internet was built for—sharing ideas. Although the Internet is the most democratic means of communicating, it can be also be misused by governments and other groups.

Does this mean we should accept the concept that the Internet carries more threats than benefits?

The creators of the Internet supported the opposite concept. Unlike Putin, they believed in people and built the global network under the assumption that it would be used for sharing something good. They may look naïve these days, but we have our modern linked-up technological world thanks to their concepts, not Putin’s. These days, we all speak the language of suspicion and threats posed by the Internet. In a way, in means we are speaking Kremlin’s language. Do we really need to?


The Perfect Weapon: How Russian Cyberpower Invaded the U.S.

As the year draws to a close, it now seems possible that there will be multiple investigations of the Russian hacking — the intelligence review Mr. Obama has ordered completed by Jan. 20, the day he leaves office, and one or more congressional inquiries. They will wrestle with, among other things, Mr. Putin’s motive.

Did he seek to mar the brand of American democracy, to forestall anti-Russian activism for both Russians and their neighbors? Or to weaken the next American president, since presumably Mr. Putin had no reason to doubt American forecasts that Mrs. Clinton would win easily? Or was it, as the C.I.A. concluded last month, a deliberate attempt to elect Mr. Trump?

In fact, the Russian hack-and-dox scheme accomplished all three goals.

This is an absolutely brilliant piece of journalism by Harris, Singer, and Shane. It unpacks the publicly available information about the intrusions into the Democratic National Committee’s systems and how information was subsequently mobilized and weaponized. These sorts of attacks will continue to be effective because all it takes is a single failure on the part of defenders, often in the face of hundreds or thousands of discrete attacks. As a result the remediation process is, today, arguably the most important of a cyber-security event because a dedicated and resourced attacker will eventually penetrate even the best secured networking infrastructure. And the Democratic National Committee, and Democratic Party more generally, still lacks a remediation policy months after the attacks.


WikiLeaks Isn’t Whistleblowing

Mass data releases, like the Podesta emails, conflate things that the public has a right to know with things we have no business knowing, with a lot of material in the middle about things we may be curious about and may be of some historical interest, but should not be released in this manner.

All campaigns need to have internal discussions. Taking one campaign manager’s email account and releasing it with zero curation in the last month of an election needs to be treated as what it is: political sabotage, not whistle-blowing.

These hacks also function as a form of censorship. Once, censorship worked by blocking crucial pieces of information. In this era of information overload, censorship works by drowning us in too much undifferentiated information, crippling our ability to focus. These dumps, combined with the news media’s obsession with campaign trivia and gossip, have resulted in whistle-drowning, rather than whistle-blowing: In a sea of so many whistles blowing so loud, we cannot hear a single one.

This is one of the best arguments against the recent activities of Wikileaks. Not because Wikileaks is operating as a front for Russia. Not because the contents of the recent leaks aren’t newsworthy. Not because the public doesn’t find the revelations to be interesting and fun.

No, the core issue with the latest rafts of leaks is that they were not sufficiently currated, with the impact being that obstensibly private information is taken and circulated and mischaracterized. This has the effect of stunting the electoral process while, simultaneously, reconfirming to persons in power that they need to adopt a culture of oral communications and decisions. This is not a governance direction that is in the public’s best interests.

However, it’s important to also situate Wikileaks’ activities in some context. Wikileaks is designed to clog up the machinery of government states and bureaucracies. Part of its mission is to scare organizations with the threat of leaks in an effort to hinder what Julian Assange/Wikileaks regards as harmful or objectional activities. So the leaks associated with the DNC and staff affiliated with Clinton are perfectly aligned with Wikileaks’ raison d’être. In the past such activities may have been regarded are more legitimate – the organization was principally focused on state level activities – but it is now focused on deliberately releasing information at core points in an electoral cycle. Doing so may have affected the unfolding of the election but it’s important to acknowledge that Wikileaks’ intent was not driven by Russia (presuming that was a source of at least some of the leaked information): instead, this was a case where Russian and Wikileaks just happened to have directly overlapping objectives.


Russian Hackers Now Targeting U.S. Think Tanks That Specialize in Russia

Russian Hackers Now Targeting U.S. Think Tanks That Specialize in Russia:

“Any respectable think tank has been hacked,” Lewis told Defense One on Monday. “The Russians just don’t get the idea of independent institutions, so they are looking for secret instructions from Obama. Another benefit is they can go to their bosses and show what they took to prove their worth as spies.”

Any respectable think tank is proud to have such garbage security that the intellectual property it hopes to profit from, to say nothing of political advocacy, is available to unauthorized third parties.