Climate of Fear in Cyber-Security, More Evidence

On Dec 30, 2016 – Jan 2, 2017, Mark Maunder, CEO of the security company Wordfence, was among many vocal critics of the wrong and incompetent FBI-DHS report GRIZZLY STEPPE, purporting to provide technical indications of “Russian hacking.” A month and a half later he decided not to criticize the new version of the same report, citing political nature of this issue.

Dec 30, 2016. “US Govt Data Shows ‘Russia’ Used Outdated Ukrainian PHP Malware”

Mark Maunder suggested that ‘Russia’ is put in quotes in his next post on the subject.

Jan 2, 2017. Mark confirms the results he had published. Mark and two other security researchers from Wordfence analyzed and compared to the real world the data from GRIZZLY STEPPE report (FBI & DHS, Dec 29, 2016). They concluded (emphasis is mine):

“On Friday we published an analysis of the FBI and DHS Grizzly Steppe report. The report was widely seen as proof that Russian intelligence operatives hacked the US 2016 election. We showed that the PHP malware in the report is old, freely available from a Ukrainian hacker group and is an administrative tool for hackers. We also performed an analysis on the IP addresses included in the report and showed that they originate from 61 countries and 389 different organizations with no clear attribution to Russia.”

The post also quoted opinions of Jeffrey Carr (founder of the Suits and Spooks conference and a lecturer at the Army War College and the Defense Intelligence Agency) and Robert M Lee (CEO and founder of the security company Dragos), who independently analyzed the same report and arrived to similar conclusions.  The article also references general media articles, using the same researchers: White House fails to make case that Russian hackers tampered with election (Ars Technica) and Grizzly Misstep: Security Experts Call Russia Hacking Report “Poorly Done,” “Fatally Flawed” (

February 13, 2017. A post on the freshly cooked “Enhanced Grizzly Steppe Report” entirely avoids criticizing or even analyzing its data or methodology. Why? The author was intimidated by the Big Tech. The Big Tech, triggered by the travel ban, joined “the resistance”! A small note in the end of the article hints of this duress:

“Final note regarding comments: Please note that due to the political nature of this issue, we won’t be publishing any comments with political overtones. Our focus is simply on the data that DHS released and the data we are seeing ourselves and our analysis of it. Thank you.”

via Dealing with the Con in Consensus

February 6, 2019 at 12:01PM

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: