mandag 2. januar 2017

Two false stories about Russia in 3 days: the Moscow school and the Vermont grid 

Though complaining of Russian disinformation and propaganda, the US media spread completely false stories about Russia being about to close the Anglo-American school in Moscow and having hacked into the Vermont electricity grid in just three days, though the first story originated with a US not a Russian source, and the second story would not have survived basic fact checking with the electricity utility involved.
 
In a Western media world where the words “Russia” and “fake news” are rapidly becoming conflated, it is interesting to note that two stories about Russia which gained unusual prominence in the Western media over the last few days were both false, and that Russia far from being responsible for either was the target of both.

The first of these stories concerned the Anglo-American school in Moscow.

In the immediate aftermath of US President Obama’s announcement of further sanctions against Russia, following his claims of Russian hacking and of Russian interference in the recent US Presidential election, rumours that Russia would retaliate by closing the school spread like wildfire across the media.

The story began with a CNN tweet on 29th December 2016

: A US official says Russian authorities ordered the Anglo-American School of Moscow to close as retaliation for US sanctions

Note that the CNN cited no Russian source for the story.  Instead it originated with our old friend, the anonymous US (ie. Obama administration) official.

The story was then immediately picked up Politico, which began its piece by claiming wrongly that the closure of the school had been “announced” by “Russian officials”
Russian authorities on Thursday announced the closure of the Anglo-American School of Moscow, hours after the Kremlin vowed to retaliate against recent U.S. sanctions.
(bold italics added)
“Russian officials” of course “announced” no such thing.  The story originated as we saw not with Russian officials but with a single unnamed US official.

The CNN report was then picked up by Radio Free Europe, and was widely re-tweeted, until Maria Zakharova, Russia’s Foreign Ministry spokeswoman, acted to refute to it on her Facebook page.

Two days later, the Western media was gripped by a further story of how Russia had hacked into the US electricity grid.  This time the story originated in the Washington Post – the newspaper which has been the most assiduous in spreading the CIA’s claims about Russian hacking – which claimed that
A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.
Again the story spread like wildfire, being picked up not just by the media (including incidentally the British media) but by various US politicians, including the Governor of Vermont, and local politicians there.

The story was however untrue.  No sinister Russian code was found “within the system of a Vermont utility”.  The code was found in a single laptop owned by Burlington Electric that was not connected to the electric grid.  The Washington Post has now modified the story, changing the headline, and providing an explanatory editorial note.  Glenn Greenwald at The Intercept has provided a full and thorough account, exposing the story.

The only point I would add to the points Glenn Greenwald makes is that if the Washington Post is right and the code found in the laptop is “associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration” then that would seem to bear out the point made by the cyber specialist Jeffrey Carr that it can be wrong to try to use malware to identify a hacker
A common misconception of “threat group” is that refers to a group of people. It doesn’t…..Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone. In other words — malware deployed is malware enjoyed!
It is not obvious why Russian intelligence would want to hack into a utility company in Vermont.  If malware associated with the alleged Clinton hacks really was found in the laptop then it is more likely the malware was being used by someone else, in which case it is less likely that Cozy Bear and Fancy Bear are groups of hackers working for Russian intelligence.

Putting that aside, the key point about the Russians hacking into Vermont’s electricity grid is that it was untrue, just as the story of Russia’s closure of the Anglo-American school in Moscow was untrue.
Mistakes of course happen, and it is likely the Washington Post’s story of the Russians hacking into Vermont electric grid was one, though as Glenn Greenwald says, the sloppy journalism and absence of basic fact checking in a story involving Russia is concerning.

However the fact the story about the closure of the Anglo-American school in Moscow originated with an unnamed US official suggests that it at least was part of a deliberate if ultimately unsuccessful disinformation exercise.  
Presumably someone in the Obama administration, expecting a strong reaction to Obama’s sanctions from the Russians, sought to hype up the hysteria further by spreading stories the Russians were about to close the school.  In the event Russian President Putin’s refusal to be goaded by Obama made the effort look flat-footed.

Nonetheless the fact remains that two demonstrably false stories have appeared in the Western media about Russia in the course of just three days.

That in turn tends to bear out my longstanding impression that Russia is far more likely to be the target of false news than the creator of it.