Tuesday, July 5, 2016

Guccifer Vs. Guccifer 2.0

Earlier today, FBI Director James Comey held a press conference concerning his decision not to recommend prosecution of Hillary Clinton for her use of a private email server.

During his statement to the press, Comey indicated that there was no evidence that Clinton's server had been "successfully hacked."

The #Guccifer2 hashtag on Twitter soon exploded with a number of puzzling claims akin to this:

It's been clear for weeks now that only a fraction of the U.S. population is following the Guccifer 2.0 story. Today, however, it became clear that even those who are following Guccifer 2.0 have blurred distinctions between this new hacker and his namesake.

For the key differences between the original Guccifer and Guccifer 2.0, let's review some basic facts, some reasonable inferences, and some conjectures.

Facts about Guccifer

We know who the original Guccifer is. He's a Romanian hacker named Marcel Lazar Lehel who first gained notoriety in 2013 by revealing some weird (not unsettling, just naif) paintings done by former President George W. Bush. The images were included in an email Bush sent his sister Dorothy, whose email account Guccifer had hacked.

Lehel subsequently hacked the AOL account of Clinton crony Sidney Blumenthal and found emails from Blumenthal to Hillary Clinton at her clintonemail.com email account. Clinton's decision to rely on a private server for her email (rather than her government-issued state.gov account) received some attention in the press before getting lost in the haze of the Benghazi controversy--reemerging two years later when the New York Times reported on the consternation that Clinton's unorthodox record-keeping arrangements had caused officials at the National Archives and Records Administration. 

Although Lehel claimed to have accessed Clinton's private server (famously remarking that it was "like an open orchid on the internet"), no proof that he did so has been released to the public. We know he's a hacker who is capable of accessing the data of high-profile politicians (Bush) and that he discovered the existence of the clintonemail.com server before the general public knew about it, but he may be lying about having breached that server.

Facts about Guccifer 2.0

We do not know who Guccifer 2.0 is. He claims to be a lone male Romanian hacker who chose his moniker as an homage to Lehel, but Guccifer 2.0 may not be Romanian or male or even necessarily an individual human being. Whatever the identity of Guccifer 2.0 really is, he communicates with the public via his Twitter account (@Guccifer_2) and by periodically uploading documents (ostensibly stolen from the Democratic National Committee) to his blog.

The DNC has yet to confirm that the documents on the Guccifer 2.0 blog are authentic, but the blog itself definitely exists--with more hacked documents expected to appear today.

Whether the operator of the @Guccifer_2 Twitter account is really a male Romanian hacker or not, there's definitely someone there, as I have engaged in multiple DM exchanges with that entity (none of them very satisfying to my curiosity, regrettably).

Unlike Lehel, Guccifer 2.0 does not claim to have hacked the clintonemail.com server, though he does claim to have been inside the DNC network for "almost a year."

Reasonable Inferences about Guccifer

In his statement this morning, Comey acknowledged that even though the clintonemail.com server might have been breached by hackers who left no trace, the FBI found no evidence of a successful hack. So maybe Guccifer is lying about his access to the server--or maybe the FBI is lying about Guccifer's access.

It's reasonable to wonder as long as one doesn't wonder too hard--since one quickly ends up speculating about FBI speculation.

Reasonable inferences can quickly deteriorate into conspiratorial fantasy with a little help from unreliable sources such as Sorcha Faal, who contended (in an article for WhatDoesItMean.com) that Lehel recently escaped from prison. This sensational claim was debunked earlier today by a Snopes article whose author verified that the original Guccifer is "alive, well, and in custody" in the Virginia prison where he is supposed to be.

Reasonable Inferences about Guccifer 2.0

The fact that the DNC has yet to deny the authenticity of the materials on the Guccifer 2.0 blog suggests that those materials really do come from the DNC.

But even if the materials are genuine, that doesn't prove they were hacked. The data Guccifer 2.0 has exposed to the public has not been especially damaging to Clinton, and much of it (such as the negative press coverage of Donald Trump in what appears to be a genuine opposition report) is common knowledge.

People talk about the DNC hack as if it undoubtedly occurred, but the evidence is hardly conclusive. Those who accept the hack as an unquestionable part of reality do so because 1) the DNC claimed it happened, 2) the cybersecurity firm they hired repeated the claim, and 3) an unidentified source with access to WordPress and Twitter claims to have been responsible for the breach.

Although the evidence that a DNC data breach occurred is substantial enough to make the hack more likely than not, we should remember that if hacks can occur, they can also be faked.

Conjectures about Guccifer

The most reasonable conjecture I've seen about Lehel is that hackers who seek notoriety often exaggerate their expertise--and that his claim to have had easy access to the clintonemail.com server was probably a bid for attention.

The most outrageous claim I've encountered about Lehel is that he was squirreled away on Loretta Lynch's private plane for the Phoenix Sky Harbor International Airport meeting between Lynch and Bill Clinton.

I can't prove or disprove either claim. Maybe you know something I don't.

Conjectures about Guccifer 2.0

The most reasonable conjecture I've encountered about Guccifer 2.0 is that he probably isn't who he claims to be. Most hackers must conceal their identities to survive and achieve their objectives.

The most outrageous claim that I've seen about Guccifer 2.0 is that he is part of a coordinated disinformation campaign managed by Russian intelligence agencies. This claim (first floated by CrowdStrike in mid-June) remains commonplace even though it's unclear how Russia is better off creating a digital persona that could still conceivably be traced back to governmental operatives instead of relying on the outright denial they already issued. (When it comes to disinformation campaigns, denials are much less expensive and troublesome than the concoction of cyberpersonae.)

I can't prove or disprove either claim. Maybe you know something I don't.
