Wednesday, August 23, 2017

Does a Bear Hack in the Woods?

People in my feed keep telling me they know for sure who didn't hack the DNC: Russia. They're not alone. 

From day one, Donald Trump has (almost) always maintained that the attribution of the DNC hacks to Russian agents was a hoax. Fake news! June 15, 2016, was the day Crowdstrike announced its analysis of the hack, and the same day someone calling themselves "Guccifer 2.0" began releasing leaked files. Trump released a statement, saying “We believe it was the DNC that did the ‘hacking’ as a way to distract from the many issues facing their deeply flawed candidate and failed party leader.”


This of course was less than a week after his top aides met with Russians claiming to have dirt on Hillary Clinton, as "part of Russia and its government's support for Mr. Trump." That seems rather specific, wouldn't you say?

What I keep hearing is that there is "no evidence" that the Russians hacked the DNC, or if there is, that it's "not enough," Or that it's all been thoroughly debunked. Or that no matter what evidence has been provided, it simply can't be trusted. 


That's because Crowdstrike is funded by DNC donors, and/or it's too close to the FBI, and/or one of its co-founders is biased against Russia, and/or they're in bed with George Soros, and/or it's owned by a rich Ukrainian, and so on. According to this narrative, the Russian hack evidence could have been fabricated by Crowdstrike to create a "false flag" attack, and then the FBI simply relied uncritically on what they were told, because they were never given direct access to the DNC servers. So even if other cybersecurity companies and experts have corroborated these findings, it still doesn't count because they're all relying on Crowdstrike's data, which could have been faked. 

Then, skeptics say, the ODNI report falsely claimed that all 17 intelligence agencies had investigated the matter and all agreed with "high confidence" that it was a Russian operation – when in reality it was only 3 (or 4) of them, and all they did was ratify the original sketchy report. And since then, the Trump Administration has been under a constant "near seditious" assault from anonymous leaks by Deep State intelligence officials to mainstream media outlets like the New York Times and the Washington Post, which is exactly how we were lied into the Iraq War! And all of this is based on no evidence whatsoever, or none that should be trusted, since it all came from nameless spooks and a compromised cybersecurity firm. 


As usual, the story is a bit more complicated than that. 

Puzzlin'  Evidence

It was not Crowdstrike that told the FBI about the Russians. The FBI had called the DNC in September of 2015 to give them a heads up that they had Russians rooting around their network. But they didn't send agents over, nor did they contact the leadership; they left a voicemail with a low-level IT staffer, who, as it turns out, thought it was a prank call. It would be another seven months before Crowdstrike was brought in.

But in the meantime, another firm, SecureWorks, had been tracking Russian hackers through thousands of links that were used in spearphishing campaigns against high-level targets, including "individuals in Russia and the former Soviet states, current and former military and government personnel in the U.S. and Europe, individuals working in the defense and government supply chain, and authors and journalists" – and the DNC. “We were monitoring bit.ly and saw the accounts being created in real time,” said one SecureWorks analyst.

The Democrats were ill-equipped to handle the threat. The IT staffer had initially run a scan of the networks and found nothing. So when he got additional voicemails from the FBI, he ignored them. And because the FBI inexplicably failed to notify top DNC officials, the clock continued to tick 
(and this lackadaisical approach may help explain why the DNC might have been reluctant to hand over their servers). So it wasn't until late April of 2016 that the DNC  realized something was seriously wrong and brought in Crowdstrike. 

Crowdstrike immediately found breaches in the DNC network. They watched the malware working in realtime and very quickly identified the attackers, based on key details like "
used and reused tools, methods, infrastructure, even unique encryption keys.There were two groups of intruders that were well known to them, nicknamed Cozy Bear and Fancy Bear. The former, known to other cybersecurity firms as APT28, used malware linked to hackers who worked with the Russian intelligence agency FSB. The latter, also known as APT29, were connected to the GRU; they used command and control instructions from the same IP address as the 2015 Russian attack on the German Bundestag.

The Crowdstrike report was corroborated by other security firms familiar with the tactics of Russian hacker groups. DNC hack skeptics claim that they were all relying on evidence provided by Crowdstrike – which could have been faked – but SecureWorks came to the same conclusion independently, and prior to the release of the report. Moreover, faking the thousands of web links and spearphishing campaigns would be prohibitively expensive for any hacker groups not backed by deep pockets. And the targets were a who's who of email accounts of interest to the Russian government, like anti-Russian Ukrainians, NATO officials, and the World Anti-Doping Association. Crucially, the later spearphishing attacks on John Podesta and Colin Powell also contain these same URLs, which SecureWorks had been watching for many months prior as part of Fancy Bear's operations. Their emails ended up in the hands of WikiLeaks, Guccifer 2.0, and DC Leaks. 

Crucially, Crowdstrike's competitors, who would have every incentive to prove them wrong, confirmed their analysis, and added additional details suggesting Russian ties to the people behind the Guccifer 2.0 persona that distributed the hacked emails. ThreatConnect discovered a breadcrumb trail from one G2 blogger's French AOL account back to a Russian VPL service. Fidelis Cybersecurity agreed that the advanced malware used in the attacks
(including CHOPSTICK and SeaDaddy) was "at times identical to malware the Russian hacking groups have used in the past." Mandiant, a subsidiary of FireEye, analyzed the domain registrations for sites like fancybear.net and dcleaks.com and found that they “match up with the domain registration behavior seen from APT28 in the past.”

FireEye CEO Kevin Mandia testified before the Senate Intelligence Committee in March of 2017.  His company believed the Russians were the likely culprits, he said, because "we reviewed and compared intrusion methodologies and tools, malware or authored exploits and use of shared personnel. We also examined forensic details that were left behind, such as the specific IP addresses or email addresses from spearphishing attacks, file names, MD5 hashes, timestamps, custom functions, encryption algorithms, or backdoors that may have command and control IP addresses or domain names embedded." 

Also testifying that month was Thomas Rid, Professor of Security Studies at King’s College in London. Rid has written extensively on the Russian attacks on the DNC, including a lengthy article for Esquirea more technical analysis, with links, at Motherboard, and an even more technical white paper, locked behind a paywall, for the Journal of Strategic Studies (summarized here). Rid's Senate testimony offered a rundown on the history of Russian cyber activities before turning to the summer of 2016: "The publicly available evidence that implicates Russian intelligence agencies in the 2016 active measures campaign is extraordinarily strong. The DNC hack can be compared to a carefully executed physical break-in in which the intruders used uniquely identical listening devices; uniquely identical envelopes to carry the stolen files past security; and uniquely identical getaway vehicles." 

Another cybersecurity expert who independently analyzed the DNC hack evidence is Matt Tait, CEO of Capital Alpha Security in the UK. Tait frequently offers his views on cyber issues via his Twitter account, @pwnallthethings, but he also writes for the respected Lawfare blog. Tait told NPR in January 2017 that he was initially skeptical of the DNC hack theory: "Well, it just seems too fantastical to be true. Russia has very good hackers. You know, this is a government agency. So initially what I did was I decided I'm going to go and prove Crowdstrike wrong." After examining the available evidence, though, Tait changed his mind. "What you start to discover is that there's a very large number of little pieces of information, some of which point towards Russia. Some of them point towards Russia very, very strongly. And eventually, I came to the conclusion that there's no other reasonable conclusion that you can make."

Tait laid out his analysis in a blog post about six weeks after the Crowdstrike report, with quotes from his tweets interspersed. But he also found himself playing a bit part in the story when he was contacted by the late Peter Smith, who was pretty clearly working as a cutout for the Trump campaign. Smith wanted Tait's help authenticating what were purported to be copies of Hillary Clinton's State Department emails obtained through the "dark web," with the possibility, as Tait noted, "that this may have been part of a wider Russian campaign." In the end, Tait was never shown the material, as he refused to sign a nondisclosure agreement, but when the Wall Street Journal broke the story in June 2017, it became one more piece of the puzzle suggesting collusion between the Russians and the Trump campaign. 


Responsible Opposing Viewpoint


Whatever else can be said about the foregoing paragraphs, they cannot be characterized as "no evidence." All of this was publicly available before the ODNI issued their report in January of 2017. That report assessed with high confidence that “Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election” based on investigations by the FBI, CIA and NSA (and agreed to by the other 14 agencies in the intelligence community). Much of what they brought to the table remains classified, but it pretty clearly includes surveillance of Russian targets, some of which has leaked out in the intervening months from the small army of DC insiders who have seen the unclassified version. 


At this point it has to be acknowledged that, due to the nature of digital information, no cybercrime attribution can ever be 100% definitive. Given the proprietary interests of both Crowdstrike and the DNC, as well as the clandestine nature of intelligence work, much of the story is still obscured (journalist Marcy Wheeler, AKA Emptywheel, does a good job of laying out what is and isn't known in this December blog post). Some of this information may see the light of day in various courtrooms in coming months. In the meantime, plenty of reasonable people have their doubts about the DNC hack theory, including respected journalists like Robert Parry and Glenn Greenwald. Then, too, there is a small army of partisans and delusional rumor-mongers who are wittingly and unwittingly spreading disinformation about the case. 


Ever since the story broke, reporters and private sleuths have been trying to poke holes in the DNC hack theory, and we will examine some of their evidence, both cogent and otherwise, in a subsequent post. But this looks like the kind of story we will be arguing about for years to come. Fact, is, I don't know, beyond a shadow of a doubt, who hacked the DNC. And neither do you.

Notably, nearly everyone involved -- the Russians, the Trump campaign, the intelligence agencies, the Democrats, the security firms, the big media corporations -- have a motive for prevarication, and/or a record of falsehoods. So we have truly entered a hall of mirrors here. But to deny the Trump/Russia story requires you to believe that all of the above actors, with the obvious exceptions of Trump and the Russians, are lying about this case. 

It means that Crowdstrike, SecureWorks, ThreatConnect, Fidelis and Mandiant all colluded to concoct an extremely elaborate false flag operation to implicate the Russians, with help from their allies at the Democratic National Committee, aided by a multiyear campaign of anonymous leaks to Big Media operators like the New York Times, the Washington Post, and the Wall Street Journal. They were aided and abetted in this endeavor by the Obama Administration, with their tight-fisted control over the CIA, the NSA, and the FBI (never mind that the latter agency, at the least, was home to a sizeable and leak-prone pro-Trump faction).

All of this was orchestrated at a time when virtually the entire planet believed that Hillary Clinton was going to win the election, though when she didn't, the entire coalition shifted seamlessly into a Deep State effort to remove Donald Trump from office. But the hack skeptics have a narrative that explains the motive for this wide-ranging operation, and that is that all concerned are working to provoke a new Cold War with the Russians.

After all, the skeptics point out, if you substitute neocon think tanks for cybersecurity firms, this is the exact same coalition that lied us into the Iraq War -- if you also substitute the Republican Party for the Democrats. But Hillary Clinton was a well-known warhawk, then and now. And Donald J. Trump, whatever his other flaws, had the virtue of favoring better relations with the Russians. This the pro-Cold War coalition could not abide, so when he inconveniently got himself elected, they joined forces with key GOP committee chairs to work at forcing him from office. 

This narrative leans on a well-justified dismay at the deteriorating relationship between the two superpowers, a well-established history of US interventions in Russian politics, and a well-reasoned objection to the reckless and counterproductive policies of NATO expansion. The US had intervened on behalf of Boris Yeltsin, reneged on a promise to Mikhail Gorbachev to keep NATO out of Eastern Europe, looted the Russian economy with the help of neoliberal economists, and has been meddling along Russia's periphery ever since. And, say skeptics, the proximity of NATO forces to Russia's borders is alarmingly increasing the risk of a nuclear confrontation. The Intelligence Community (IC) and the military-industrial complex they serve (MIC) are not to be trusted, and neither are the neocon faction of corporate Democrats and their allies in the cybersecurity front. 

Trump's election imperiled this coalition's plans to reap the benefits of expanded security spending, and their agenda for regime change in Russia, which would have come to fruition under a Clinton Restoration. Thus their false flag operation to create a casus belli against Putin neatly morphed into a bipartisan plot to remove Trump. This DNC hack theory is thus exactly what Trump said it was from day one: a hoax. It was simply a sour-grapes effort to explain away Hillary's deficiencies, or explain away an obvious leak from a disgruntled insider, now aided and abetted by Trump's enemies in the Deep State. 

There are a number of problems with this narrative.

Hold On a Minute Here

• First, the kind of "better relations" that Trump and Putin have in mind are probably quite different from the peaceful co-existence that would presumably prevail under a Pax Trumpicana if the pro-Cold War faction would just stand down. Both men are clearly motivated by an agenda that involves looting their respective economies on behalf of themselves and the oligarchs who back them. To the extent that sanctions against Russia imperil that agenda, they are the chief impediment to better relations. 

• Second, given the annexation of Crimea by force, as well as Russian machinations in Georgia, eastern Ukraine, Moldova, the Baltics and elsewhere, not to mention the Putin regime's abysmal human rights record, it's hardly necessary for warhawks to go to such an elaborate ruse to implicate the Russians in dramatic wrongdoing. And no matter what agreements Trump and Putin might arrive at unimpeded, it won't sweep away existing tensions in the former Soviet Union. 

Much like the British presence in Northern Ireland, the legacy of Russia's colonial expansion has left factionalism in its wake. Many of the former Soviet republics (FSRs) are riven by conflict between those with an affinity for Mother Russia and a desire for reunion, versus those with a quite justified fear of the Russian Bear, given how Putin deals with dissenters within his own borders. Even without the admittedly reckless exploitation of these tensions by the EU and NATO, the FSRs would face struggles between those facing East and those turning to the West. 

• Third, the anti-Trump faction's purported desire for a new Cold War (or even, some suggest, a hot one!) seems oversimplified. Under Barack Obama, even as relations with Russia soured, he and Putin were able to work together on matters of mutual interest when it proved necessary. In this, he was not that different from his predecessor -- who also attempted a reset with Putin that went south -- or from his successor, for that matter. 

For better or worse (and usually for the worse), we have a bipartisan foreign policy establishment in this country that mostly gets their way. Trump has staffed his administration with many of them, who are willing to cooperate with Russia if possible and counter them if meed be. So, unsurprisingly, this is yet another area where Trump is willing to jettison his campaign promises whenever expedient. It seems as though we have some common interests with the Putin regime, and some irreconcilable differences, no matter who the president is. 

And even during the campaign, Trump managed to promise a more belligerent and aggressive foreign policy than his opponent, even as he expressed skepticism about the Iraq and Afghan wars out of the other side of his mouth. In office he's worked to implement his proposed hikes in Pentagon spending, and has eagerly escalated every conflict he inherited, not to mention threatening a new one in Venezuela.

• Fourth, despite the caricature of her as the bastard offspring of Kim Jong Il and Cruella DeVille, Hillary Clinton would have been bound by the same laws of Mutually Assured Destruction that have kept the world from nuclear conflagration since 1945. Nor is it likely that if Trump is successfully deposed, our Russia policy will change substantially under the Pence, Ryan or Hatch Administrations. 

• Finally, we already have a new Cold War, or at least a Cool War, and like the last one, it serves the interests of the MIC in both countries, who would rather not bring the conflict to a boil. As former Russian Foreign Minister Andrei Kozyrev puts it, "the problem is that, you know, the propaganda portrays the West as an enemy, while Russian ruling class lives there in the NATO zone. They have villas. They have bank accounts by proxies or directly." 

The anti-Trump faction (basically, the Davos crowd) feels the same way about dealing with Russia. They've been pursuing this containment policy, involving surrounding the Eurasian continent with US bases, since 1947. What they want more than a new war is the maintenance of the status quo of US/EU dominance. But they're also aware of the impending decline in American power, relative to the growing economies of China and India, and whatever else they think of Putin, recognize that Russia is not the basket case it was twenty years ago. They may not be as dependent as the Trump Organization is on regular infusions of Russian capital, but it's doubtful they want to upset the apple cart, or would fake an intricately detailed DNC hack theory in order to do so. 

Buying into the Cold War motivation narrative requires a good deal of ideological contortions among many on the left. Some are rooting against the potential of forcing Trump from power, as this would be a victory for the Deep State. In their view, Trump represents the lesser of two evils, which is ironic, since so many hack skeptics are Jill Stein voters, who refused to vote for either major party candidate as a rejection of lesser-evilism. 

This also results in the anti-Trump left forming a de facto alliance with the pro-Trump right in their ratification of Trump's hoax theory. Trump's base, notably including the white nationalist contingent, are huge Putin fans for his religious rhetoric, his authoritarian style and his melanin-free population (this probably explains much of Trump's affinity for Uncle Vlad, too, beyond the financial symbiosis). And believe me, the right-wing fever swamps of speculation about the anti-Trump machinations of Hillary and her allies are not exactly models of rational discourse, though they share many sources with the hack skeptics of the left.


When is a Hack Not a Hack?

Recently an article in The Nation gave hope to DNC hack skeptics on both the left and the right. Based on a report by the respected Veteran Intelligence Professionals for Sanity, (VIPS), it purported to show that the theoretical DNC hack was instead a leak from an insider, and could only have been copied onto a flash drive at the site, not uploaded remotely. Furthermore, it asserted that clues in Guccifer 2.0's documents, previously used to establish Russian provenance, were instead an attempt to frame the Russians. But the article has a number of problems.

• First, it relies heavily on an anonymous cybersleuth named Forensicator, who has somehow been able to "unlock" metadata that other sleuths have not. Cybersecurity experts like Thomas Rid and Matt Tait, who have corroborated aspects of the Crowdstrike attribution of the DNC hacks to Russian actors, operate in the open and stand on their reputations. Forensicator, whose analysis looks solid and technical on first examination, hides his/her identity and links to some extremely sketchy sites making all manner of easily debunked fake news claims.

• Second, the Forensicator claim, that the data had to be uploaded into a flash drive because the speeds were too fast for a remote hack, has a couple of problems. 23Mb/s speeds may not be widely available to household users, but speeds up to 100Mb/s are common among commercial entities, universities, or by major organizations – like the DNC. Also, that speed only looks excessively rapid if you assume the agent was uploading uncompressed files. And even if it were a flash drive, that doesn't preclude Russian involvement. After all, according to the Steele Dossier, Russian operations included "three elements: Firstly there were agents/facilitators within the Democratic Party structure itself; secondly Russian emigre and associated offensive cyber operators based in the US and thirdly, state-sponsored cyber operatives working in Russia." Nothing in the "laws of physics" negates that.

• Third, Scott Ritter, who endorses the VIPS analysis and is skeptical of the Russian hack theory, nevertheless took the trouble to speak to some of the individual VIPS analysts and found that some of their conclusions are not supported by their data: "
I reached out to the forensic analysts who conducted the analysis of the metadata in question. They have stated that there is no way to use the available metadata to determine where the copying of the data was done. In short, one cannot state that this data proves Guccifer 2.0 had direct access to the DNC server or that the data was located in the DNC when it was copied on July 5, 2016."  Ritter also caught them in one outright error: "it appears that they mistakenly attributed actual document manipulation from an earlier date to the July 5 data transfer event."

• Fourth, the Forensicator flash drive claim refers only to the July breach of DCCC files and not to the earlier spearphishing operations that successfully obtained emails from DNC staffers and John Podesta. Again, the bit.ly links included in those emails, which anyone can see in the Wikileaks dump, show that the spearphishers had targeted multiple targets of interest to the Russian government, including NATO officials, anti-Russian Ukrainians, the World Anti-Doping Agency and dozens of others. This is hardly the work of a disgruntled DNC staffer.

• Fifth, another assertion in the VIPS analysis is that Guccifer 2.0, who surfaced within hours of the Crowdstrike blog post, was probably a DNC hoax because emails were copied into Word documents with Russian metadata. This is old news, and was recognized early on by Tait and other independent analysts. They attributed it to Gucci2's errors, while VIPS's source attribute it to malfeasance. That's a matter of interpretation, but given what's known about the mysterious Gucci2 persona collective, the idea that they were sponsored by the DNC or FBI to implicate Russia is absurd on its face. Gucci2's allies at DCLeaks registered their domain in April, and Crowdstrike made their attribution and removed Russian malware from DNC servers in May, though the blogger claiming to be a Romanian hacker named Guccifer 2.0 didn't surface until a few hours after the Crowdstrike report was made public in June. Gucci2's animus towards Crowdstrike is evident, and while nothing they say should be taken at face value, VIPS doesn't offer a persuasive case to contradict evidence that the G2 collective is linked to Russia. 


The Nation piece carries an air of triumphalist certitude it does not earn. Its central premise is the ludicrous claim that excessive upload speed negate the entire hack theory. And the double standards therein are palpable. Nobody should trust anything that comes from the IC, says the author, but my experts have years of experience in the IC. Or an assessment is nothing but an opinion, he says, but these experts have high confidence in their assessment. He's very impressed by their analysis of metadata, but ignores the metadata evidence already presented by independent analysts, which contradicts his theory. Of course, some of those analysts have had more to say about this in the past few days. And as I write this, The Nation is reviewing the piece for possible violations of their editorial standards. 

But Wait, There's More

The thing is, even if you set aside all the technical arguments about the DNC hack – the upload speeds, the metadata, the spearphishing links, the malware signatures – there are still compelling reasons why the theory that the Russians intervened in the 2016 elections makes more sense than the theory that the Russians are victims of a frame-up. Russian meddling took four different paths, and three of them are fairly well-established and (relatively) noncontroversial:

• First, cultivating individual Americans to serve their purposes wittingly or unwittingly, including Carter Page, Paul Manafort, Michael Flynn, Jared KushnerRoger Stone, Donald Trump, Jr., and shockingly, Donald J. Trump himself. Trump's business and political ties to Russian mobsters, oligarchs and money-launderers are both broad and deep, and stretch back decades.

• Second, the hacking and dissemination of information from the Democratic Party via emails from DNC staffers, emails from John Podesta and a database and other files from the DCCC. Aspects of this one are the subject of fierce debate in the peaks and valleys of the great wide Internet, as noted in some detail in the sections above.

• Third, an extensive and well-funded social media bot and trolling operation to weaponize that information, including microtargeting of voter groups identified in the DCCC hack. This disinformation campaign has continued, and still targets both Trump backers and anti-Trump voters alike.

• And fourth, the targeting of voting systems leading up to and including the day of the election, in as many as 39 US states, including Arizona. In some 15 of those states, there is no auditable paper trail to verify the results.
 But while it may be impossible to know the full extent of the intrusions, officials confirm 90,000 records were stolen in Illinois by "Russian state actors. 

Moreover, there is additional circumstantial evidence that adds details to the Russian hack narrative. Trump himself is hardly an unimpeachable source (ahem), but he has conceded the reality of the Russian hack on several occasions, including January 11 and July 7th. Of course, he then goes back to declaring whatever may be rattling around in his head, but several of his aides accept the story as well, and rather more consistently. 

In June, Vladimir Putin said with a figurative wink that while he may not have hired them, it's possible that "patriotic hackers" may have gone to bat for Mother Russia. Those boys are "artists" he said, and "may act on behalf of their country, they wake up in good mood and paint things. Same with hackers, they woke up today, read something about the state-to-state relations. If they are patriotic, they contribute in a way they think is right, to fight against those who say bad things about Russia." The day after the election, Putin's advisor Sergei Markov was a little less circumspect"Maybe we helped a bit with WikiLeaks." Or maybe not, right? Wink, wink. 

Trump's longtime crony Roger Stone is a little less coy. He somehow had advance knowledge of when the Podesta hack was about to break. Turns out Stone admits he had been in direct contact with Guccifer 2.0, whom he called "a great man" in a private text message. Also working with the great man (or men) was Florida GOP consultant Aaron Nevins. After the DCCC breach, Nevins heard that Guccifer 2.0 had lots of stolen data from the Democrats, and contacted him to see if he'd be willing to share. As it turned out, no problem! Guccifer was more than happy to help the GOP by sending over 2.5 GB of data from the Dems' get out the vote strategy files.

Given all this chumminess, the infamous June 9, 2016 meeting at Trump Tower should come as no surprise. Don Jr. took the meeting on the basis of the Russians wanting to help his daddy out, and he was contacted by Trump Sr's buddy Rob Goldstone. Goldstone referenced Emin Agalarov, the son of another Trump crony – Aras Argalarov, who is also close to Putin.  "The Crown prosecutor of Russia met with his father Aras this morning and in their meeting offered to provide the Trump campaign with some official documents and information that would incriminate Hillary and her dealings with Russia and would be very useful to your father." The Agalarov family sent Ike Kaveladze, an accused money launderer, as their representative. Also at the meeting was Natalia Veselnitskaya, billed in the email exchange as a "Russian government lawyer," who represented, among others, Pyotr Katsyv, a close Putin ally. Rounding out the Russian contingent was Rinat Akhmetshin, a "Russian-American lobbyist" with ties to Soviet military intelligence who also, as it turns out, has been accused of hacking campaigns against business rivals.

As noted, the torrent of stolen emails and campaign materials from the Democratic Party commenced within days of this meeting, and it serves as something of a Rosetta Stone to Congressional investigators and the Special Counsel's office. Subpoenas, raids and testimony have followed, and all concerned have lawyered up, awaiting the next chess move. Crucially, it gives us a clear outline for both the quid and the pro quo that prosecutors will attempt to link in upcoming trials. The Russian government was willing to "support Mr. Trump," with both information and disinformation, and the following month Trump changed a plank in the GOP platform that had called for aid to Ukraine to help combat the insurgency by pro-Russian rebel on its eastern frontier. As soon as he took office, Trump made an effort to lift sanctions against Russia -- though he has been stymied so far by near-unanimous opposition in Congress. 

Given the intricate web of financial entanglements the Trump organization maintains with Russians both at home and abroad, it would be amazing if Russia did not use every means at their disposal to assist him. And given how many other countries' elections the Russians have tried to intervene in, it would be out of character for them to sit out the 2016 match between their business crony and his despised rival, a personal enemy of the Russian president. So even without the extensive trail of breadcrumbs leading back to Mother Russia, the judgement that they interfered in our elections looks pretty solid. 

Which brings up one final question: So what?


It Doesn't Matter, and What If It Did?

I get asked this question a lot. At this point, confronted with so much evidence, some hack skeptics are willing to concede that they Russians may have been doing something or other to influence our election, whether or not that involved the DNC hack – just like we've been doing to them for years. Of course, the latter assertion only strengthens the case that the Russians were motivated meddlers. 

But, they say, it doesn't really matter who hacked the Democrats because it didn't affect the election. It was Hillary Clinton's ineptitude that was the decisive factor, and the Russians didn't force her to ignore Wisconsin and Michigan. And now the Democrats' unhealthy obsession with Russia is counterproductive: ordinary voters don't give a crap about all this Russia, Russia, Russia business. Besides, it stokes a dangerous paranoia towards the Putin regime that will only serve to further inflame tensions. This scandal, they say, distracts from the duplicity of the DNC as revealed in the emails, and prevents Democrats from moving forward and offering a more progressive agenda. And finally, we should all be leery about abetting what amounts to a slow-motion Deep State coup against the guy who actually won the election. 

These are valid arguments that deserve wider discussion. It's not hard to agree that Hillary Clinton ran an inept campaign and fatally underinvested in what was believed to be a blue state firewall in the Midwest. But for all her strategic errors, she won the popular vote by nearly three million votes, while her opponent ran the table in a handful of swing states by razor-thin margins. In an election this close, any number of factors can be considered decisive. Still, just like Al Gore in 2000, Clinton deserves a lion's share of the blame for making it close enough to steal in the first place. 

But polling data shows she would have won anyway absent James Comey's October Surprise, which cost her a couple of points in all 50 states. In July, Comey had taken the unusual step of criticizing Clinton as reckless in her handling of government emails, even as he announced that no reasonable prosecutor would carry the case forward. We now know that he did this based in part on a faked Russian document that implicated his boss, Attorney General Loretta Lynch, in promising leniency to Clinton. Comey was in a similar CYA mode in the closing weeks of the campaign, as he dropped the last-minute bombshell, because he feared leaks from the notoriously pro-Trump New York field office, which had uncovered "additional" emails that her aide Huma Abedin had backed up from her phone. 

None of this absolves the Clinton campaign of their tactical blunders, but it does start to reveal some of the nature of the pro-Trump coalition that defeated her. And it is a formidable and dangerous combination of forces, despite the buffoon at the top. No matter improbable his rise to power, it's a mistake to think of Trump as separate from the Deep State. 

Most people watching the campaign of leaks and investigations arrayed against Trump simply use "Deep State" (like "fake news," a useful term that's been co-opted and diluted) as a synonym for the intelligence community. But the leading Deep State theorist, Professor Peter Dale Scott, describes it instead as including the nongovernmental power structures through which which the IC operates. From its inception, the CIA has worked with organized crime, both for off-the books financing through drug trafficking operations and for cut-out operatives for "plausible deniabilty." The flip side of that coin are the white-collar criminals who help steer the policy agenda: the big banks who launder the funds; the big corporations (especially Big Oil) who lobby for interventions, and the Wall Street law firms who lobbied for the creation of the CIA in the first place. This world, too, provides funding and operatives for the IC, and helps to give it the independence from Madisonian checks and balances that impelled the coinage of the term Deep State in the first place.

Donald Trump has, quite clearly, extensive ties to these communities. He has allied with Deep State veterans like Giuliani, Gingrich, and Kissinger. He has extensive Mob ties, both to the the New York/New Jersey operations, and the equally colorful Russian variety. His administration is littered with Wall Street bankers and fossil fuel partisans. And as we've seen, Trump is not without allies in the IC, notably within the FBI. But my goodness, the man does have some powerful enemies. 

That's because the Deep State isn't monolithic; like any large institution, it's riven with factions who sometimes compete and sometimes cooperate with each other. But the rise of the pro-Trump faction and its alliance with the Russian kleptocracy is a disturbing new development, indicative of a Deep State schism or possibly a civil war. It's hard to see how this ends well. 

Trump's core message of ethnic and economic nationalism, and his theatrical contempt for political elites and norms won him the allegiance of the GOP base, and an uneasy alliance with the party itself. And his coalition of hardcore racists, climate change deniers, eccentric fellow billionaires and Russian oligarchs, however unstable in the long term, has the potential to do some serious (and lasting) damage in the short term. Our fraying national and international institutions may give way to an increasingly unstable future. Combine this with Trump's obviously deteriorating mental condition, and the imperative to have him removed from power is hard to ignore. 

That's one reason why the Russian connection is worth caring about, whether it did or didn't swing the election. Long before anyone thought he could win, Putin placed a bet on Trump as a chaos agent, someone who could destabilize his adversaries in the West. No matter what policy agenda is adopted, that bet is paying off. And Putin has common interests with key elements of Trump's coalition: the fossil fuel barons who could help him unlock trillions of dollars in Siberian reserves; the feral financiers who interface with the Russian oligarchy, and the white nationalists who have long looked to the autocratic Putin as a kindred spirit. 

Putin and his cronies owe much of their wealth to fossil fuels. More specifically, the state oil company, Rosneft, is sitting on a half-trillion dollar deal with Rex Tillerson's Exxon that can only go forward if sanctions are lifted. Trump's portfolio is different from Putin's, but both share an interest in denying climate change, as Trump is heavily invested in big oil companies. As the reality of a warming planet becomes more and more undeniable, it becomes clear that the fate of mankind hinges on leaving most of the world's remaining oil reserves in the ground. Any agreement to do so would plunge the valuation of corporations who count those reserves among their assets. This is known as the carbon bubble, and when it pops it could cause a worldwide financial collapse that would make 2008 look like a slight "course correction." The carbon bubble also affects the value of oceanfront property, including many of the Trump Organization's assets. This shared affinity for looting the fossil fuel economy while the getting is good explains much of the rationale for the Trump/Putin alliance. 

When the collapse comes, we will likely be as unprotected as we were in 2008, given Trump's commitment to financial deregulation. This is unsurprising, despite his campaign rhetoric about taxing Wall Street, since he holds investments in Citigroup, JP Morgan Chase, Wells Fargo, Morgan Stanley and Goldman Sachs. But Trump's financial empire is also heavily leveraged into less conventional banking procedures. After his string of bankruptcies left him unable to get loans from most Western banks, Trump became increasingly dependent on money-laundering, much of it tied to Russian oligarchs looking to get their assets out of the home country. The special counsel may uncover the extent of the corruption at the heart of the Trump/Putin alliance, but in the meantime, protections put in place after Wall Street tanked the global economy are already being weakened

Trump attracted voters by playing on their financial anxieties and their resentment of global elites, but his pitch also played on their racial anxieties. Racists, nazis and neo-confederates embraced Trump as one of their own, and his winking comments in the wake of racial violence in Charlottesville and elsewhere have delighted the white supremacists and energized their movement. That movement shares both philosophical and financial affinities with Vladimir Putin, who has backed far-right parties in as many as 45 countries. Putin's contempt for liberal democracy is well-known, and it appears Trump, who has endorsed many of the same European neo-fascists, has this in common with him. Here at home, the potential for increased violence from the pro-Trump shock troops is disturbingly real. Skeptics of the importance of Trump's Russia scandals should be less afraid of a new Cold War and more afraid of a new Fascist International. 


Almost Done Here

Whatever else you can say about the corruption of the Democrats, it's unlikely that a Clinton Restoration would have led to reversals of climate change policies and wholesale financial deregulation, let alone encouragement of the white nationalist movements. But this is what the pro-Trump faction, including their alliance with the Russian oligarchy, have invested in. It matters how he was elected, because it's intrinsic to how he governs. 

How he governs is as an authoritarian, who will brook no dissent. That's what distinguishes his loyal base from other conservatives: their longing for an authoritarian leader. Such movements are increasing across the globe, and both Trump and Putin are trying to encourage them. Trump's affinity for dictators is well known; he can't get along with some of our most reliable allies, but praises and cozies up the the likes of Erdogan, Duterte... and Putin. He's clearly following Putin's playbook when it comes to his communications strategy, and is even trying to set up his own propaganda outlets. It's a guide to how he would govern if he were free of restraints -- and he's just one mass casualty event away from having that kind of freedom. 

No matter how reviled he is now, a traumatized citizenry would rally around the flag and look to the Dear Leader for guidance and protection. The Deep State has followed the "shock doctrine" (as described by Naomi Klein) to ratchet away the protections of the Madisonian framework after other such events, like passing the Gulf of Tonkin Resolution after the JFK assassination, or the Patriot Act after 9/11. In this case the traumatic event was the 2016 election itself. Only Trump's pathology, ineptitude and organic brain damage, along with the internal dissension amongst his GOP allies, has prevented a similar consolidation of power, which is why a major terrorist attck would be a godsend to the Trump coalition. But his brief tenure will leave a lasting effect on the federal courts, environmental protections, our international relationships, and more. Assuming it is brief. 

One thing hack skeptics have pointed out, when arguing for the relative unimportance of Russian interference in our elections, is that beyond Hillary's own errors, the ongoing vote suppression efforts in the red states, including the notorious Crosscheck program, more than explain Trump's margin of victory in the crucial swing states. And they're not wrong about this. Many of them also refused to back the Democratic nominee due to alleged vote-rigging during the primary that robbed Bernie Sanders of the nomination, opting instead to vote for third party candidates, or sitting out the vote. But it has to be clear that for anyone concerned about election integrity, we have leapt from the frying pan into the fire.

Kris Kobach is now the national Crosscheck Czar, and the GOP is poised to deploy nationwide all the vote suppression techniques they have honed to a science, including computerized gerrymandering, cancellation of early voting, misallocation of voting machines, challenging voters at the polls, and purging the voter registration rolls. Now imagine those efforts augmented by an army of professional hackers, trolls and bot specialists who have weaponized social media, buttressed by billionaires who hold a database of information on 200 million voters. Of course, you don't have to, because that's what just happened in 2016, and we ignore it at our peril because that one was just a dress rehearsal. And Trump not only denies that it happened (most days) but is actively preventing any measures to ameliorate the situation. 


The reason this Russian operation matters is that we will need all hands on deck to remove and defeat Trump and Trumpism; a unified left would vastly outnumber these goons, and we can make sure the next election is nowhere near close enough to steal. But the anti-Trump coalition is fractured and squabbling, still divided over the last election, just as they were during the last election. It was a disaster that the Democrats were so committed to nominating a walking poster child for the establishment in an obviously anti-establishment year, and a symbol of Wall Street elites when resentment of them was at an all-time high. It was an even bigger disaster that they failed to elect her. 

Anyone who wants to argue the counterfactual that Bernie would have won has some statistical analysis to back them up, but you know who isn't focused on the last election? Bernie. He's the guy who said from the start that he would endorse the eventual nominee, and not go third party if he lost, because the danger of a Trump victory was too perilous. He's the one who said she'd be infinitely better, even on her worst day. He's the one who failed to take the bait of the stolen emails, strategically released to divide the left. Bernie Sanders is most definitely not looking for a new Cold War. And he was, and is, quite clear that the Russians were behind this, and that their social media operations were being used to drive a wedge between centrists and progressives. In fact, it was his campaign that helped blow the whistle on Russian-backed Facebook groups in the first place. 

If you're not willing to join a coalition of centrist and progressive Democrats to defeat these death eaters, you had best be hard at work creating a new party that can compete in all 435 districts. You may be sick of hearing about Russia, but it's the most potent weapon we have for thwarting the plans of this coalition of fascist billionaires. Trump is on the defensive, unable to govern effectively, and may be just a few weeks from wandering the White House ranting at the paintings. Removing him is the most imperative issue of our times. Every single day with him in power is like watching a toddler playing with a loaded handgun. If you'd rather argue that his opponent's files were stolen with a flash drive instead of a modem, be my guest. But let's make sure were all in this struggle together. Because it matters.