Profile picture
Robᵉʳᵗ Graham 🤔 @ErrataRob
, 18 tweets, 3 min read Read on Twitter
1/ As a cybersec/hacking expert, I'm not sure I have much useful to add to the Mueller indictment of GRU officers in the hack of DNC. But that's not going to stop me from giving a few opinions anyway.
2/ Two years ago, I would've consoled that while we know it's Russians, we don't know that it's Putin. A lot of Russian hacking, as demonstrated by the so-called "Internet Research Agency", is not really tied to the Russian government, despite being pro Russian government.
3/ It's like soldiers in Ukraine. A lot are Russian mercenaries armed and paid for by Russian oligarchs, and not necessarily official Russian military. Disentangling this for proper attribution is hard.
4/ But now we have clear evidence pointing to which named GRU officers were involved in the DNC hacks, and which specific things they did. This should change your view of Putin's responsibility.
5/ Let's talk bitcoin. Yes, their technique of mining bitcoin themselves is an excellent way to get anonymous currency. But, if you pay for everything out of that same account, including things clearly attributable to you, then all those things become associated together.
6/ Bitcoin is pseudonymous not anonymous. If you mine it yourself, you need lots of addresses with small amounts, not one address with a large amount, because that ties all payments together.
7/ The Russian attacks were based on "phishing", sending emails designed to trick people. It's not really computer hacking, but human hacking, getting humans to disclose their passwords or install viruses/malware.
8/ Phishing is our primary nation state hacking threat, but organizations do little to defend against it. Sure, many solutions are hard, but many others are pretty straightforward, such as two-factor authentication.
9/ And I'll admit, two-factor authentication is harder and more costly than many of its proponents admit, but that's often because it's done wrong, such as requiring daily re-authentication to get email.
10/ The Russian hackers were lame. I don't know if there are other Russian hacker units doing smart things we haven't heard of, or whether they are all just as lame. I suspect they are a lame, at least the government ones.
11/ I mention this because smart hackers are able to earn a ton more money outside of their government, and are able to do much more creative hacks, and therefore long term, are probably more a threat than GRU hackers.
12/ Some of the "hackers" named in the indictment are just IT support, mere office workers maintaining computers, writing code, mining coins, etc. The actual hackers are just the tip of a very long spear.
13/ We idolize the "hackers" as the technical geniuses, but in the indictment, we see those doing the actual hacking as being probably those with the least technical skill. It's the IT workers with the technical skills.
14/ Hacking is less a factor of hackers being smart, but defenders being weak. The DNC computers were weak. Humorously it appears Hillary's infamous private email server was strong and un-hacked.
15/ I see political tweets that go off the rails on both sides of this, either ignoring clear evidence of Russian influence on the election, or pretending Trump was more involved than he was. Please stop that.
16/ Until Mueller comes up with something else, this isn't about Trump but about the Russians. They committed many felonies in order to influence our election and we should care about that, regardless who won the election.
17/ Indeed, it seems the goal of their meddling was less about supporting any one candidate and more about causing us to fight against ourselves. So the more you politicize this, one way or the other, the more Putin wins.
18/ Influence hacking is like terrorism, it can't work unless we give into it.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Robᵉʳᵗ Graham 🤔
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @ErrataRob see all

Profile picture
1/ So I thought I'd write up a few notes on Trump's oval office address (transcript here). The reason I'm writing this is up is because Pelosi/Schumer derided Trump on the "facts" -- and then provided none of their own.
nytimes.com/2019/01/08/us/…
2/ First of all, I think the context is that Trump wants to declare a "state of emergency" to bypass congress. He's either trying to convince us, or test the waters to see if we'll accept it. We should not let him, this would be a horrible abuse of power, what despots do.
3/ There is legitimately a "humanitarian crisis" going on. As this Wikipedia article describes, there has been waves of refugees, including a lot of children, coming from the three countries immediately south of Mexico since 2014.
en.wikipedia.org/wiki/2014_Amer…
Read 28 tweets
Profile picture
1/ Well, to answer this, sign up for the phone company's family plans designed to allow you to track your children. It's hit or miss, sometimes very accurate, sometimes not.
2/ Modern phones and towers have multiple abilities to track your location. For one thing, because of speed-of-light delay, the tower must know your distance from the tower to within 100 meters.
3/ Next, towers know which directional antenna your signal arrives on. This gives them a 120° arc within which to locate you, the closer you are to the tower, the more accurate that is, of course.
Read 13 tweets
Profile picture
1/ In regards to my tweets today about "institutions" that make us great, let's talk about journalism and "both-sides-ism". Nobody likes it, but those who disagree with us are still reasonable people, the are multiple sides to every debate. This is why a free press is valuable.
2/ Let's take "anti-vaxxers" for a moment, which I assume you'll agree are "batshit crazy" and not "reasonable" in any fashion. Yet, we still have a "both sides" issue. Even if "vaccines cause autism" argument is garbage, we still debate whether governments can force vaccines.
3/ It's the same argument whether governments can force you to donate a kidney. Or force you to donate bone marrow (which is relatively harmless to the donor). Or force a woman to cary a baby to term.
Read 9 tweets

Related threads

Profile picture
Im not sure if your aware. While Trump made that speech last night #Mueller was closing in....on the [DEMOCRATS] Remember [AS] the leaker. What happens when MSM finds out he was giving DISINFO leaks?
After Q dropped that post few days ago about Adam Schiff the leaker... [AS] leaked IMO true data yesterday in this article. REMEMBER disinfo is necessary. But so are HAMMERs

#Qanon
dailycaller.com/2019/01/08/dem…
If you look LEFT and right the curtain is fading away. I will proceed with the Mueller news I saw last night...Remember Mueller is working to SAVE himself.

#Qanon
Read 22 tweets
Profile picture
1/ nobody seems to have paid much attention to Russian news articles on cybercrime. if Mueller indictment against GRU officers proceeded to trial, most obvious defence is that Russian hacker, Konstantin Kozlovsky (of Lurk gang) already confessed to hack
thebell.io/jailed-russian…
2/ earlier this year (then unaware of Russian news articles), I had pointed out a curious infrastructure linkage between APT28 (X-Agent using hackers) and Lurk banking gang. So arrest of Lurk member for hack not surprising to me.
climateaudit.org/2018/03/11/arr…
3/ Koslovsky claimed that he was directed by two senior FSB officials, Dmitri Dokuchaev and Sergey Mikhailov, both of whom have been arrested, together with Ruslan Stoyanov of Kaspersky - who, only a few months earlier, was praised for breaking Lurk gang thebell.io/ya-byl-zaverbo…
Read 11 tweets
Profile picture
What are the big takeaways from today's #Mueller indictment?

Our analysis from @AndyMcCanse, @alexgwhiting,@rgoodlaw & @K8brannen: justsecurity.org/59418/big-take…
Takeaway No. 1: Based on today's allegations, WikiLeaks was deeply involved in a Russian intelligence operation.
Takeaway No. 2: Russian State Attribution: ... The special counsel’s earlier indictment of 13 Russian nationals and 3 Russian organizations did not allege Russian State responsibility. That’s something new here.
Read 3 tweets
Profile picture
Latest Mueller indictment: GRU units "conducted large-scale cyber operations to interfere with the 2016 U.S. presidential election."

Something else for Trump to discuss with Putin on Monday?...

justice.gov/file/1080281/d…
Interesting amount of detail on the DCLeaks persona, including the registration email and cryptocurrency account.
Here, per Mueller, the Guccifer 2.0 persona sent a US Congressional candidate hacked mails about an opponent.

That's Russian military intelligence feeding leaks to a US candidate.
Read 8 tweets
Profile picture
🔥MEANWHILE >> A NEW MUELLER INDICTMENT‼️

How surreal to watch pomp and circumstance for Trump in London alongside mass protests. And now new charges in Russia probe on Friday 13th.

#TGIF #TFIMueller
#TrumpRussia
BREAKING Rosenstein: Mueller indicts 12 Russian military intelligence officers from 2 GRU units in hacking DNC and disseminating documents via DCLeaks and Guccifer2.0—both created and controlled by Russia's GRU.
NEW #Mueller indictment makes 25 Russians now charged for crimes in Russia's 2016 election interference. Hacking includes election boards & stealing voter data. Rosenstein told Trump last week. He emphasized that this shouldn't be approached politically. "We must be united." Wow.
Read 15 tweets
Profile picture
Was this a ‘sudden’ retirement for Justice Kennedy?

How long has he been mulling it over?

And why now for God’s sake?

Why at this singular moment in history?

Something stinks
Of course we could follow the money

🤔

Maybe he knows one of Mueller’s lines of investigation led to him. And he knew staying in that position of power was too steep a conflict of interest in light of the overwhelming and damning facts against Trump he may have gotten wind of.
Ppl need to remember we’re dealing w/potential historic US Constitutional changes in light of Trump’s abuses of Office.

We’re on new ground imo

Who’s to say the SC office hasn’t ‘already’ secretly conferred with the Justices over the Constitutionality of this Trump debacle?
Read 29 tweets

Trending hashtags

#Treason #Russia #TrumpTower #Assange #NeverForget #FBI #MoneyLaundering #CANCELPUTIN #ChristopherSteele #Russian #Maddow #FoxNews #keepOnYourToes #FoxAndFriends #TrumpTeam #Kallstrom #October #Democrats #NewYearsEve #Mueller #DNChack #nwo #Manafort #MaxineWaters #Nikulin

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!