U.S. government officials have been reluctant to blame Russia for hacks of the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC). We should expect the same reluctance from them in response to recently reported hacks of the Clinton Foundation.
But private cybersecurity firms have spent months echoing (as shrilly and stridently as possible) the hysterical accusations of the DNC (whose former head, Debbie Wasserman-Schultz, casually invoked "Russian spies" to divert attention from her own professional failings in a recent debate with Tim Canova).
The most clear-headed and technologically competent analysis of the (mis)attribution of the cyberattacks to Russia is Jeffrey Carr's "Can Facts Slow the DNC Breach Runaway Train." However, my own summary of connections between various private cybersecurity firms remains relevant to the discussion.
One of the first companies to "corroborate" CrowdStrike's assertion of Russian involvement was FireEye/Mandiant. The Washington Post accepted Mandiant's conclusion as "independent" even though it was based on data provided to Mandiant not by the DNC itself, but by CrowdStrike as an intermediary.
Earlier today, The Daily Caller reported that FireEye has now been retained by the Clinton Foundation (CF) to investigate a suspected hack of that organization. We shouldn't expect FireEye to waste any time before assuring us that the same Russian fingerprints from the DNC hack are all over the CF hack.
This hire is significant for the Clinton media machine in two ways.
In the first place, it addresses the chief rhetorical weakness of the DNC's exclusive reliance on one private company (CrowdStrike) to diagnose the breach. Wherever we used to see "CrowdStrike" in stories about hacks relating to the Clintons and the Democrats, we'll start seeing "the cybersecurity industry" invoked as a whole.
But the second (and more insidious) development we should be able to foresee is that more and more cybersecurity firms will begin to issue press releases of their own in support of whatever CrowdStrike and FireEye have to say. Any such firms that have been paying attention have just learned that those who chime in with the appropriate take on the "blame Russia" campaign (as FireEye did back in June) will be first in line to receive consideration for contracts from the various outfits connected to Hillary Clinton's candidacy.
I predict that the next few months will show us that the Clinton media machine can play cybersecurity experts in exactly the same way that it currently plays journalists. The Clintons don't have to pay people to say whatever magic words they want to hear; they simply allow potential shills to observe that the easiest way to get a seat on the Clinton gravy train is to parrot whatever is being said by the people who are already on board.