Anyone that’s been following the news lately has probably noticed that major US media outlets and a sizeable handful of higher-up American politicians have been perfectly comfortable disseminating accusations regarding who’s responsible for the onslaught of cyber attacks that have been waged against US government organizations.
The US Democratic National Committee’s servers were hacked months back and more recently suffered from major humiliation as a result of the leak of emails demonstrating the supposedly neutral committee’s clear favoring of Hillary Clinton over Bernie Sanders throughout the Democratic primary process. Shortly after the leak, the Democratic Congressional Campaign Committee (DCCC) reported its discovery of anonymous hackers snooping on its servers.
More recently, news outlets are covering an even more impressive leak; a hacker group calling itself “ShadowBrokers” recently announced its plan to auction the coding for malware created by the NSA itself. While there is still some debate as to whether the hack is real, documents recently provided by ex-NSA contractor Edward Snowden and the opinions of cyber security experts and ex-NSA employees all seem to back up the credibility of the hackers’ claims.
In the wake of all of this cyber chaos, presidential nominees Hillary Clinton and Donald Trump have already gone so far as to assume that Russian state-sponsored hackers are responsible. Russian politicians and diplomats have vehemently denied the accusations, claiming that the entire narrative is “surprisingly childish.” Some ex-NSA employees have stated that it’s more likely a rogue insider was responsible for the leak than a foreign entity.
But what do current NSA employees and higher-ups think of this chain of events? The enormous and controversial US government agency has remained conspicuously silent in this whirlwind of relatively groundless explanations.
According to Edward Snowden, “evidence that could publicly attribute responsibility for the DNC hack certainly exists at the NSA,” given that the agency has access to a powerful tool called XKeyscore, which collects huge amounts of information and would likely be able to identify the criminals behind the intrusion.
Some strategists believe that because the NSA must know who’s responsible for the attack, they must be holding back their accusations in hopes of maintaining the secrecy of future attacks. After all, if the NSA had covert computers that could identify and watch foreign entities as they attacked, it wouldn’t make sense to make that ability known.
“You give away capabilities and maybe even access if you reveal that,” said Dr. Peter Singer, member of the think tank New America and coauthor of “Ghost Fleet.”
Singer says that the NSA is caught in a “I can’t show you my homework because it means I’ll give up this intelligence goldmine” situation.
That said, other cyber security experts have made their suspicions known. According to CrowdStrike, digital fingerprints left behind by two separate hacker groups linked to the Russian state were found within the DNC servers.
The American public is unlikely to find out if the NSA shares those suspicions anytime soon. Chris Thomas, a strategist at Tenable Network Security, said that the agency was unlikely to dump an enormous flood of information the way that President John F. Kennedy did in 1962 during the Cuban missile crisis:
“President Kennedy famously gave his press briefing where he actually showed U-2 spy plan photos, and this gave away great secrets of the Untied States, but it also proved to the world that there were, in fact, missiles in Cuba,” he explained.
According to Thomas, the United States should say “‘this is why we think this country did this thing… here’s our evidence, here’s our IP addresses, here’s our packet captures,’ just so that it’s not a he-said/she-said type of thing.”