On 5 August, the US Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of the Joint Cyber Defence Collaborative (JCDC) initiative bringing together federal intelligence and military agencies, state and local governments, as well as Big Tech to defend “national critical functions from cyber intrusions”.
The initial industry partners that are participating in CISA’s new joint cyber defence endeavour include Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks, and Verizon. The Joint Cyber Defence Collaborative (JCDC) initiative is expected to design and implement “whole-of-nation defence plans” to address cyber risks, share information within the newly established agency, and conduct “coordinated defensive cyber operations”.
‘Bad Russian Hackers’ as Pretext to Shut Down Whistleblowers, Dissent
CISA’s move follows ransomware attacks that reportedly targeted US infrastructure and government entities over the past year, some of which were groundlessly attributed to Russia. In early July, Joe Biden vowed action over alleged “Russian” cyberattacks, and at the end of the month he levelled new accusations against Moscow, claiming that it is infringing upon American sovereignty by “interfering” in the upcoming midterm elections in 2022.
Meanwhile, Russia’s “bugaboo” role “has nowhere been more laughingly debunked than in the puerile Western media’s four-year-long bedazzlement by the Russiagate scandal, in which it was alleged that Russian-enabled hackers had penetrated the servers and computers of the DNC in 2016”, Boyd-Barrett highlights.
It was CrowdStrike, one of the new participants in the JCDC, who raised the red flag about the alleged breach of DNC servers by supposed “Russian hackers”, suggesting with a “low-” to “medium”-level of confidence that they may be affiliated with Russia’s Federal Security Service (FSB) and Main Intelligence Department (GRU). While Moscow refuted the allegations as absurd, cyber experts and former US intelligence agents expressed doubts that the DNC breach could be attributed to Russian-speaking key punchers, since the “intrusion tools” described by CrowdStrike as proof of Russia’s “involvement” are widely accessible in the public domain. On top of this, CrowdStrike President Shawn Henry admitted under oath in 2017 that the company does not have “concrete evidence” that the alleged “Russian hackers” exfiltrated any data from the DNC servers.
Veteran Intelligence Professionals for Sanity (VIPS), a group of former US intelligence officers from the CIA, the FBI, and the NSA, conducted their own investigation and found that the alleged “hack” was nothing but an inside job. Yet, despite the aforementioned controversies surrounding CrowdStrike’s conclusions, the FBI has never challenged them and never conducted a forensic examination of the DNC’s physical servers.
In addition, it is no secret that US intelligence cyber teams can leave false fingerprints in electronic communication trails so as to smear innocent parties, Boyd-Barrett highlights. WikiLeaks’ “Vault 7” dump revealed that the CIA maintains a substantial library of foreign malware and attack techniques that they can employ to attribute their own attacks to specific foreign players.
According to Vault 7, the CIA hacking group also used a “Marble” tool that reportedly supported the ability to “add foreign languages” to specific malware, thus helping US spooks to hide their traces and pin the blame on other parties.
The disclosure immediately threw into question Washington’s attempts to link Guccifer 2.0 – who claimed to have hacked the DNC alone – to Moscow under the pretext that DNC emails published by the hacker had Cyrillic notifications in the metadata as well as the user name “Felix Edmundovich” – a reference to the famous founder of the Soviet security service “Cheka”.
The fuss surrounding the alleged Russian cyberattacks is just an excuse to amplify the powers of the US government spy machine through cooperation with Big Tech, in order to control and manipulate public information flows and to shut down legitimate but dissident whistleblowers and undesired online conversations, according to the academic.
Big Tech Appears to Have Been in Bed With US Spooks for Quite a While
It is unsurprising to see Big Tech giants like Amazon and Microsoft cooperating with US intelligence agencies, according to Toby Walsh, a professor at the University of New South Wales and a leading Australian AI expert.
In 2013, former NSA contractor Edward Snowden revealed that the US National Security Agency (NSA) had direct access to the systems of Google, Facebook, Apple, and some other tech companies. The NSA secret programme, codenamed Prism, allowed the US intelligence community to collect vast amounts of data on Americans and foreign citizens alike. Prism was launched in 2007 in the wake of the passage of the Protect America Act under the administration of George W. Bush.
“The way to secure cyberspace is to have good encryption and strong laws to prevent anyone, companies or governments, from eavesdropping”, argues Walsh.
According to him, the involvement of private companies possessing huge troves of sensitive user data in the government’s new cyber initiative “sets a dangerous precedent”: “Companies are even less accountable than governments”, the professor warns.