Still No Proof Or Compelling Evidence Of Russian Involvement In DNC Leaks

On Dec 29, 2016 the FBI and DHS released a Joint Analysis Report (JAR-16-20296) in which federal investigators claim that "technical indicators" link the Russian government to hacks of "a U.S. political party". For unexplained reasons the Democratic National Committee and Hillary Clinton campaign chairman John Podesta are not mentioned by name but it's clear that this report is intended as a reaction to Wikileaks' publishing emails that appear to be theirs.

The technical details in the report are limited and include a short list of tools and infrastructure that were allegedly used to “compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities.”

The technical indicators are provided in Structured Threat Information Expression (STIX) and Coma Separated (CSV) format and could be used to search for attack patterns, malware, exploits and to defend networks or systems against cyber threats.  Unfortunately this report has been released too late to be of much use to security experts who potentially review thousands of port scans every minute.

The "technical indicators" include tools and techniques such as Powershell Backdoor and HAVEX which are commonly known to an average white hat hacker. The list of IP addresses and fully-qualified domain names are not very useful to identify the perpetrators of these cyber attacks because the compromised systems have probably been repaired or taken offline by now.

UPDATE on Jan 4, 2017 Micah Lee from The Intercept determined that since 367 of the 876 IP addresses in the Grizzly Steppe report "are actually just Tor exit nodes, this means that anyone in the world — not just Russian hackers — can use the internet from those IP addresses."

A "Fact Sheet" published by the White House says that the Joint Analysis Report "includes information on computers around the world that Russian intelligence services have co-opted without the knowledge of their owners in order to conduct their malicious activity in a way that makes it difficult to trace back to Russia." So even the Obama administration plainly admits that this is not proof of Russia's involvement.

During a presidential debate, Hillary Clinton claimed, "We have 17 intelligence agencies, civilian and military, who have all concluded that these espionage attacks, these cyberattacks, come from the highest levels of the Kremlin, and they are designed to influence our election." However, there is still no proof or compelling evidence provided to justify why these intelligence agencies believe that Russia was involved in the hacking of Democratic Party emails.

Furthermore,  the U.S. has a long history of influencing elections in other countries and their tactics frequently include cyber espionage and dissemination of propaganda. So the hypocrisy and double standard applied to Russia's alleged action is quite perplexing.

This Joint Analysis Report is too little too late and those responsible for its content should be ashamed of its tardiness and limited usefulness. Congress must investigate the gross negligence in handling this public disclosure. We the people of these Unites States deserve better explanation of the reasons behind our government's sanctions against Russia and the labeling of their diplomats as "persona non grata."

The Obama administration's actions are tantamount to a declaration of war on Russia. We deserve proof or at least compelling evidence of Russia's involvement in the DNC leaks. We also deserve a select committee investigation into the alleged authors of the leaked emails to determine if indeed the DNC rigged the Democratic Party primaries against Bernie Sanders and laundered money from the Democratic Party into the Clinton campaign instead of the down-ballot candidates who should have received funds.

UPDATE: On Jan 6, 2017 the Office of the Director of National Intelligence released a new report that states, "We did not make an assessment of the impact that Russian activities had on the outcome of the 2016 election. The US Intelligence Community is charged with monitoring and assessing the intentions, capabilities, and actions of foreign actors; it does not analyze US political processes or US public opinion."

Amateur Radio in the 2014 National Emergency Communications Plan

DHS has published the 2014 update to the National Emergency Communications Plan (NECP) and it recommends greater cooperation beetween federal, state and local government agengies and with the Amateur Radio Service.

Source: Department of Homeland Security

The Amateur Radio Service is defined as "A radio communication service for the purpose of self-training, intercommunication, and technical investigations carried out by amateurs, who are duly authorized persons interested in radio technique solely with a personal aim and without pecuniary interest."

The NECP says that amateur radio operators "can be important conduits for relaying information to response agencies and personnel when other forms of communications have failed or have been disrupted."

"With assistance from DHS, State, local, tribal, and territorial jurisdictions should assess their existing governance structures to ensure they are positioned to address current and emerging policy, technology, and planning developments.  This could include adding representatives to Statewide Interoperability Governing Bodies and Statewide Interoperability Executive Committees from associations, organizations, or agencies that support or rely on communications during response and recovery operations (e.g., emergency management agencies, 9-1-1 boards, hospital associations, utilities, and amateur radio organizations)."

"Federal, State, local, tribal, and territorial jurisdictions should identify domestic and international entities with potential roles in information sharing and the delivery of emergency communications during emergencies (e.g., utility companies, amateur radio operators, nongovernmental organizations, media companies, and telecommunications owners, operators, manufacturers, and suppliers).  As appropriate, these entities should be incorporated into training and exercise activities on a more regular basis.  This includes involving the appropriate stakeholders in curriculum or exercise design and execution, as necessary."

"Likewise, volunteer organizations such as community emergency response teams and auxiliary communications volunteers (e.g., amateur radio operators; also called Hams) play key roles in emergency communications and preparedness.  Volunteer emergency communications operators and groups using amateur radio have been providing backup communications to event planners, public safety officials, and emergency managers at all levels of government for nearly 100 years.  Often, amateur radio services have been used when other forms of communications have failed or have been disrupted.  Today, nearly all the States and territories have incorporated some level of participation by amateur radio auxiliary communication operators into their Tactical Interoperable Communications Plans and Statewide Communication Interoperability Plans; this allows them to quickly integrate the operators into response efforts, which can strengthen communications and operations during incidents of any scale.

FCC:  Uses and Capabilities of Amateur Radio Service Communications in Emergencies and Disaster Relief
http://hraunfoss.fcc.gov/edocs_public/attachmatch/DA-12-1342A1.pdf