A Cyber-Culprit Other Than Russia?

Buffeted on all sides, from the unceremonious (literally) departure from Afghanistan to various cyber crimes blamed on Russia, President Biden is being challenged by the likes of the New York Times’s David Sanger to show he has cojones (free translation from Spanish – manliness). ( See: Biden Weighs a Response to Ransomware Attacks.

Will Biden let himself be shamed into taking "some kind of visible action" against Russia; something much stronger than just another "verbal warning"? What could possibly go wrong?

The answer? A whole lot can go wrong. Even the Times article, while taunting Biden to show he’s a man, includes a trace of responsible maturity (yes, you must read down to paragraph 21, but it’s there) by including this caution: "… although the U.S. may possess what Mr. Biden calls ‘significant cybercapability’", using it offensively runs serious risk.

The Times warns that the US"is also more vulnerable to cyberattacks than most nations because it is so digitized, and most of its critical infrastructure is owned by businesses that have not adequately invested in their digital defense. Thus, any escalation risks blowback." In addition, the Times typically plays down the many key uncertainties regarding the perpetrators of the cyber crimes.

The "Red Line" Gambit

Two critical assumptions underly the Times’s approach that: (1) the Russian government is the default-actor – the responsible party perpetrating, or allowing, the recent flurry of cyber attacks; and (2) ipso facto, those attacks cross an assumed "red line" laid down by Biden in warning Putin at the June 16 summit.

Joe Biden is not the first president to be mousetrapped into setting a flammable "red line’’ that comes back to bite him. Perhaps Biden can recall how President Obama almost fell for it.

On August 20, 2012 NBC’s Chuck Todd primed that mousetrap with some cheese by asking Obama about Syrian chemical weapons. Obama answered:

"I have, at this point, not ordered military engagement … We have been very clear to the Assad regime … that a red line for us is we start seeing a whole bunch of chemical weapons moving around or being utilized. That would change my calculus. That would change my equation."

Sure enough, there was a sarin chemical attack near Damascus on August 21, 2013 at a time when President Bashar al-Assad’s army had been advancing steadily taking territory back from the rebels. The last thing Assad seemed likely to do was mount a chemical attack and trip the mousetrap for Obama. That made no sense and, to its credit, US intelligence refused to blame Assad. Nevertheless, on August 30, 2013, then-Secretary of State John Kerry shook the rafters at the State Department, blaming Assad no fewer than 35 times, and bellowing for a US attack on Syria.

According to Jeffrey Goldberg, who later conducted a series of interviews with Obama for a lengthy article in The Atlantic, the President boasted about his decision, on the same day Kerry spoke, to resist pressure for military action from many of his advisers and instead step outside what he called "the Washington playbook."

Having ‘Caved In’ on Afghanistan

Goldberg explained that having already caved in under hardline pressure to double down on sending more troops to Afghanistan for a feckless "counterinsurgency" operation in 2009, Obama was not in the mood for "seeking new dragons to slay" merely to preserve his "credibility."

Nevertheless, Washington’s neocons and liberal hawks – along with the Saudis, Israelis and French – argued strenuously that Obama was obliged to "retaliate" for Syria’s alleged violation of the "red line" he had set a year earlier against Syria’s using – or merely moving – chemical weapons.

But at least on this occasion, Obama proved too smart to let himself be trapped. He even added, in talking with Goldberg, that then-National Intelligence Director James Clapper visited the president during the last week of August to warn him that Kerry’s case against Assad was "not a slam dunk." In other words, Kerry’s blaming Assad 35 times was not based on intelligence.

Other Candidates for "Cybercriminal"?

Speaking of false-flag attacks: It is not widely known that the CIA has an array of versatile offensive cybertools called Vault 7, one of which, "Marble Framework" enables the CIA to hack into computers and servers, disguise who hacked in, and attribute the hack to others. Vault 7, including "Marble Framework" was leaked to WikiLeaks, which revealed and described in 2017 several of the offensive cyber tools. The developers, it turned out, worked with five languages to enable eventual attribution: Chinese, Korean, Persian, Arabic, and – you guessed it – Russian. And Marble was used at least once during 2016.

The capabilities shown in the Vault 7 trove of CIA documents required the creation of 700 million lines of source code. At $25 per line of code, that amounts to about $2.5 billion for each 100 million code lines (which is what Marble may have required). But the Deep State has that kind of money and would probably consider the expenditure a good return on investment for "proving" the Russians are cybercriminals.

Who Knows About This?

Not readers of the New York Times and other "major" media that received the customary do-not-dare-publish-on-this memo from Langley. Perhaps not even President Biden – or even CIA Director William Burns. They might well have been kept off what is called the "bigot list" (of people involved in the operation) on grounds that they have "no need to know".

Ironically, President Putin seems to know chapter and verse. During an interview with Megyn Kelly on June 2, 2017, two months after Vault 7 was disclosed, Putin pointed out that "today’s technology" enables hacking to be "masked and camouflaged to an extent that no one can understand the origin" of the hack. "And, vice versa, it is possible to set up any entity or any individual that everyone will think that they are the exact source of that attack. Modern technology is very sophisticated and subtle and allows this to be done. And when we realize that we will get rid of all the illusions. …"

When Kelly showed absolutely no interest in pursuing this, Putin came back to the issue of hacking and expanded on the difficulty in tracing the source of cyber attacks.

"Hackers may be anywhere, There may be hackers, by the way, in the United States who very craftily and professionally passed the buck to Russia. Can’t you imagine such a scenario? In the middle of an internal political fight, it was convenient for them, whatever the reason, to put out that information. And put it out they did. And, doing it, they made a reference to Russia. Can’t you imagine it happening? I can.

Checking earlier today with Veteran Intelligence Professionals for Sanity technical experts and a VIPS advisor who managed cyber security for IBM for decades, I got this terse response:

No way can we rule out the potential use of the "Marble Framework" tool. Marble was specifically developed for this purpose. Cyber false flags are known fact. Someone tell Biden.

Ray McGovern works with Tell the Word, a publishing arm of the ecumenical Church of the Saviour in inner-city Washington. His 27-year career as a CIA analyst includes serving as Chief of the Soviet Foreign Policy Branch and preparer/briefer of the President’s Daily Brief. He is co-founder of Veteran Intelligence Professionals for Sanity (VIPS).

Author: Ray McGovern

Ray McGovern works with Tell the Word, the publishing arm of the ecumenical Church of the Saviour in inner-city Washington. In the Sixties he served as an infantry/intelligence officer and then became a CIA analyst for the next 27 years. He is on the Steering Group of Veteran Intelligence Professionals for Sanity (VIPS).