The Latest Russian Plot: Hacking Nuclear Power Plants

Yet another Russia story is being reported breathlessly from our nation’s finest major media outlets, this time hyperventilating over the claim that the Russians are trying to hack into U.S. nuclear infrastructure.

The New York Times, Newsweek, Bloomberg, the Washington Post, NBC, the Chicago Tribune, Business Insider, the Hill and numerous other outlets have pushed the idea that Russia is behind recent malicious cyber activity at several U.S. nuclear plants—so what gives?

This story appears to have broke, or was at least thrust into public attention, by the venerable New York Times with a July 6 story entitled “Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. and FBI Say.”

Therein, Times writer Nicole Perlroth runs down a recent spate of cyber attacks on the computer networks of firms that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the U.S. and other countries, citing “security consultants” and a joint report issued by the DHS and the FBI.

Fortunately, the report says, none of the attacks came close to affecting what officials from the Wolf Creek Nuclear Operating Corporation called “operational systems,” instead only targeting corporate networks. A joint DHS-FBI statement added there was “no indication of a threat to public safety.”

Already the blow of the report is softened, as the hacks in question apparently did not target the United States alone and did not even begin to threaten the operation of any nuclear plant in any country. The report, further, also suggests such attacks are somewhat commonplace, describing energy facilities as frequent targets of cyber attacks.

At this point, the story is not quite the explosive, dire threat to national security it initially appeared to be, but that’s only because we’re missing a key element: Russia!

Curiously, the report waits until the eleventh paragraph to inform its readers that, according to two people familiar with the investigation, “the hackers’ techniques mimicked those of the organization known to cybersecurity specialists as ‘Energetic Bear,’ the Russian hacking group that researchers have tied to attacks on the energy sector since at least 2012.” [Hyperlink in original]

The paragraph directly above that one states “the origins of the hackers are not known,” but that doesn’t stop NYT from casting suspicion on the evil Russian menace (who else?), citing research from none other than CrowdStrike, the cyber-security firm hired to investigate the DNC leaks last summer.

CrowdStrike, it should be noted, was co-founded by Russian ex-pat Dimitri Alperovitch, who also happens to be a senior fellow at the Atlantic Council, an establishment think tank that takes a hard line on Russia, and a much softer one on Hillary Clinton.

CrowdStrike’s findings regarding the DNC have not only been challenged by numerous reputable critics from the intelligence community (IC)—including retired CIA and army intelligence officer Phil Giraldi, former NSA official William Binney, former CIA chief analyst Ray McGovern, as well as the whole Veteran Intelligence Professionals for Sanity organization—but also by cyber security expert Jeffrey Carr, and retired British diplomat Craig Murray, who insists he has first hand knowledge of an insider leak, not a hack.

Moreover, CrowdStrike’s attribution of Russian culpability in a prior incident in Ukraine was demolished in two March reports from Voice of America. VOA exposed the firm’s work as nothing short of shoddy, failing to even attempt to contact the Ukrainian military, whom the firm claimed fell victim to devastating Russian cyber attacks. Perhaps unsurprisingly, the Ukrainians had no idea what CrowdStrike was talking about.

Attribution of hacks, as pointed out by cyber-security consultant Jeffrey Carr, is nearly impossible given the ability of modern hackers to disguise their identities and elude detection (the CIA, apparently, can even fabricate fingerprints to implicate whomever they wish, according to what was learned from WikiLeaks’ “Vault 7” document dump).

When CrowdStrike claims a particular actor is responsible for an attack, however, the firm, government officials and the media alike all use it as a starting-point in asserting guilt in future cyber attacks, precisely as the Times report did.

Yet if the initial attribution was incorrect, every new attribution based upon it is very likely incorrect as well—it’s turtles all the way down. The “Russia did it” clique is nevertheless happy to keep up a deluge of flimsy accusations, as many average media consumers will simply assume where there’s smoke, there’s fire.

While the Russia angle didn’t make it into NYT’s headline, the same cannot be said for most of the other major outlets that covered the story, many of whom could not resist inserting claims of Russian involvement at the top of their articles, effectively ginning up yet more fear and hostility toward our nuclear-armed rival.

Indeed, since the election there has been a trend of Russia scares, not least of which can be found in the now-discredited story surrounding Russian hacking into Vermont’s power grid. Sound familiar? The Washington Post shamelessly published this junk journalism without even bothering to contact the utility company that operates the grid. This resulted in a hilarious correction, with the addition of an “editor’s note” so completely at odds with story’s main contention that it might as well say “the following report is nonsense, don’t read it.”

Regrettably, even otherwise reliable publications have jumped aboard the narrative, at least in part, with Glenn Greenwald’s Intercept claiming to have proof, in the form of a leaked NSA document, of Russian complicity in cyber attacks on a U.S. voting software supplier and several election officials.

One certainly should not expect the Intercept to ignore a leak, but in stark contrast to so many other stories published at the outlet, the report lacks any information derived from real raw intelligence. It is instead based merely on assertions of “high confidence” from intelligence spooks with a proven penchant for untruth.

Claims of high confidence from the confidence-men of the IC, unfortunately, do not carry the weight they should.

Adding to the list of media malfeasance:

• A recent retraction from both the Associated Press and New York Times, forced to admit their claims (echoed by many others) about a consensus among “all 17 intelligence agencies” regarding Russian hacking were wrong. In fact, hand-picked members from only three agencies were involved in the IC assessments published in December 2016 and January 2017, a far cry from all 17.

• The three CNN staffers who resigned over a faulty Russia story alleging collusion with a Trump associate.

• Several high-profile CNN employees caught on hidden cameras questioning the veracity of the Russia hacking story altogether, to put it politely.

While a handful of the numerous investigations into the Russia allegations are ongoing, one wonders how many retracted stories, baseless IC reports, resigned journalists and candid admissions one must suffer before skepticism is justified.

After seven months of digging, it ought to give pause that nobody has yet to find anything close to a smoking gun—and there’s no doubt they’ve been looking.

To be frank, nobody really knows whether or not the Russians had any involvement in the 2016 election—or if they did, to what extent—yet perfect certainty is not required in order to see through the veritable flood of baseless allegations emanating from our Imperial Press and the politicians they so obsequiously serve.

Here we have the first president in a blue moon to unabashedly announce his desire to improve American relations with Russia, a country second only to the U.S. in the size of its nuclear arsenal. Is it any accident that, thus far, Trump’s presidency has been plagued by regular Russophobic accusations and never-ending hysterics about a Russian fifth column?

On second thought, forget about it—it’s probably just a coincidence.