The So Far Non-Existent Vulkan Leaks 81
The Guardian, Washington Post and Der Spiegel have today published “bombshell” revelations about Russian cyber warfare based on leaked documents, but have produced only one single, rather innocuous leaked document between them (in the Washington Post), with zero links to any.
Where are these documents and what do they actually say? Der Spiegel tells us:
This is all chronicled in 1,000 secret documents that include 5,299 pages full of project plans, instructions and internal emails from Vulkan from the years 2016 to 2021. Despite being all in Russian and extremely technical in nature, they provide unique insight into the depths of Russian cyberwarfare plans.
OK. So where are they?
Ten different media houses have cooperated on the leaks, and the articles have been produced by large teams of journalists in each individual publication.
The Guardian article is by Luke Harding, Stilyana Simeonova, Manisha Ganguly and Dan Sabbagh. The Washington Post Article is by Craig Timberg, Ellen Nakashima, Hannes Munzinga and Hakan Tanriverdi. The Der Spiegel article is by 22 named journalists!
So that is 30 named journalists, with each publication deploying a large team to produce its own article.
And yet if you read through those three articles, you cannot help but note they are (ahem) remarkably similar.
From Der Spiegel:
“These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one-and-the-same mission, which is essentially an attack on the enemy’s will to fight,” says John Hultquist, a leading expert on Russian cyberwarfare and vice president of intelligence analysis at Mandiant, an IT security company.
From the Washington Post:
“These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one and the same mission, which is essentially an attack on the enemy’s will to fight,” said John Hultquist, the vice president for intelligence analysis at the cybersecurity firm Mandiant
From the Guardian:
John Hultquist, the vice-president of intelligence analysis at the cybersecurity firm Mandiant, which reviewed selections of the material at the request of the consortium, said: “These documents suggest that Russia sees attacks on civilian critical infrastructure and social media manipulation as one and the same mission, which is essentially an attack on the enemy’s will to fight.”
Note that it is not just the central Hultquist quote which is the same. In each case the teams of thirty journalists have very slightly altered a copy-and-pasted entire paragraph.
In fact the remarkable sameness of all three articles, with the same quotes and sources and same ideas, makes plain to anybody reading that all these articles are taken from a single source document. The question is who produced that central document? I assume it is one of the “five security services”, which all of the articles say were consulted.
Revealingly all three articles include the comprehensively debunked claim that Russia hacked the Clinton or DNC emails. They all include it despite the fact that none of the three articles makes the slightest attempt to connect this allegation to any of the leaked Vulkan documents, or to provide any evidence for it at all.
The casual reader is led to the conclusion that in some way the Vulkan leak proves the Clinton hack – despite the fact that no evidence is adduced and in fact, on close reading, none of the articles actually makes any claim that there is any reference at all to the Clinton hack in the Vulkan documents, or any other kind of evidence in them supporting the claim.
That all three teams of journalists independently decided to throw in a debunked claim, unrelated to any of the leaked material they are supposedly discussing, is not very probable. Again, they are plainly working from a central source that highlights the Clinton nonsense.
The Washington Post does actually deign to give us a facsimile of one page of one of the leaked emails, which does indeed appear to reference cyberwarfare capabilities to control or disable vital infrastructure.
But the problem is they are showing us page 4 of a document, devoid of context. Why no link to the whole document? We can see it is about research into these capabilities, but presumably the whole document might reveal something about the purpose of such research – for example, is it offensive or to develop defence against such attacks?
I am always suspicious of leaks where the actual documents are kept hidden, and we only know what we are told by – in this case – a propaganda operation which, even on the surface of it, involves western security services, US government funded “cyber security firms”, and Microsoft and Google.
When Wikileaks releases documents, they actually release the whole documents so that you can look at them and make up your own mind on what they really say or mean. Such as, for example, the Vault 7 release on CIA Hacking Tools.
My favourite Vault 7 revelation was that the CIA hackers leave behind fake “fingerprints”, including commands in Cyrillic script, to create a false trail that the Russians did it. Again you can see the actual documents on Wikileaks.
I have no reason to doubt that Russia employs techniques of cyber warfare. But I have absolutely no reason to believe that Russia does so any more than Western security services.
In fact there is some indication in this Vulkan information that Russian cyber warfare capability is less advanced than Western. With absolutely zero self-awareness of the implications of what they are saying, Luke Harding and his team at the Guardian tell us that:
One document shows engineers recommending Russia add to its own capabilities by using hacking tools stolen in 2016 from the US National Security Agency and posted online.
It is, of course, only bad when the Russians do it.
The fact there is virtually no cross-referencing to the Snowden or Vault 7 leaks in any of the publications, shows this up for the coordinated security service propaganda exercise that it is.
But there are numerous examples given of various hacks alleged to be committed by Russian security services, with no links whatsoever to any document in the Vulkan leaks, and in fact no evidence given of any kind, except for multiple references to allegations by US authorities.
The Washington Post article has the best claim to maintain some kind of reasonable journalistic standard. It includes these important phrases, admissions notably absent from the Guardian’s Luke Harding led piece:
These officials and experts could not find definitive evidence that the systems have been deployed by Russia or been used in specific cyberattacks
The documents do not, however, include verified target lists, malicious software code or evidence linking the projects to known cyberattacks.
Still, they offer insights into the aims of a Russian state that — like other major powers, including the United States — is eager to grow and systematize its ability to conduct cyberattacks with greater speed, scale and efficiency.
The last quote is of course the key point, and the Washington Post does deserve some kudos at least for acknowledging it, which is more than you can say for the Guardian or Der Spiegel. Even the Washington Post, having acknowledged the point, in no way allows it to affect the tone or tenor of its report.
But in truth there is no reason to doubt that the Russian state is developing cyberwarfare capabilities, and there is no reason to doubt that commercial companies including Vulkan are involved in some of the sub-contracted work.
But exactly the same thing is true of the United States, the United Kingdom, or any major Western nation. Tens of billions are being poured into cyberwarfare, and the resources deployed on it by NATO states vastly outnumber the resources available to Russia.
Which puts in perspective this large exercise in anti-Russian propaganda. Here are some key facts about it for you:
Taking the Guardian, Washington Post and Der Spiegel articles together:
- Less than 2% of the articles consist of direct quotes from the alleged leaked documents
- Less than 10% of the articles consist of alleged description of the contents of the documents
- Over 15% of the articles consist of comment by western security services and cyber warfare industry
- Over 40% of the articles consist of descriptions of alleged Russian hacking activity, zero of which is referenced in the acutal Vulkan leaks
We get to see one page of an alleged 5,000 leaked, plus a couple of maps and graphics.
It took 30 MSM journalists to produce this gross propaganda. I could have done it alone for them in a night, working up three slightly different articles from what the security services have fed them, directly and indirectly.
I can see the attraction of being a “journalist” shill for power, it has been very easy money for the mucky thirty.
————————————————
Forgive me for pointing out that my ability to provide this coverage is entirely dependent on your kind voluntary subscriptions which keep this blog going. This post is free for anybody to reproduce or republish, including in translation. You are still very welcome to read without subscribing.
Unlike our adversaries including the Integrity Initiative, the 77th Brigade, Bellingcat, the Atlantic Council and hundreds of other warmongering propaganda operations, this blog has no source of state, corporate or institutional finance whatsoever. It runs entirely on voluntary subscriptions from its readers – many of whom do not necessarily agree with the every article, but welcome the alternative voice, insider information and debate.
Subscriptions to keep this blog going are gratefully received.
Choose subscription amount from dropdown box:
Paypal address for one-off donations: [email protected]
Alternatively by bank transfer or standing order:
Account name
MURRAY CJ
Account number 3 2 1 5 0 9 6 2
Sort code 6 0 – 4 0 – 0 5
IBAN GB98NWBK60400532150962
BIC NWBKGB2L
Bank address Natwest, PO Box 414, 38 Strand, London, WC2H 5JB
Bitcoin: bc1q3sdm60rshynxtvfnkhhqjn83vk3e3nyw78cjx9
Ethereum/ERC-20: 0x764a6054783e86C321Cb8208442477d24834861a
Subscriptions are still preferred to donations as I can’t run the blog without some certainty of future income, but I understand why some people prefer not to commit to that.