‘All the Evidence’ Suggests Guccifer 2.0 is Linked to CIA, Not Russia, NSA Whistleblower Says

© Photo : Bill Binney
Sputnik | August 13, 2020

The internet is not capable of accommodating the download speeds necessary to validate the claims by Guccifer 2.0, that they hacked documents from across the Atlantic, according to a former technical director at the National Security Agency.
Guccifer 2.0, the cyber personality which claimed to have hacked documents belonging to members of the Democratic National Committee in 2016, is likely to be a front for the CIA, according to analysis conducted by members of Veteran Intelligence Professionals for Sanity (VIPS).
Bill Binney, a cryptogropher and former technical director at the US National Security Agency (NSA), blew the whistle on the agency’s mass surveillance programmes after serving with them for 30 years. Mr Binney explains to Sputnik that despite Guccifer 2.0 claiming to have hacked documents which the cyber criminal later published, the download speeds necessary to have obtained the documents simply are not available across the World Wide Web.
Sputnik: What were the conclusions that you came to regarding a cyber personality known as Guccifer 2.0 and his claims that he had hacked a trove of documents?

Bill Binney: Guccifer 2.0, posted files from the 5th of July [2016], the 1st of September [2016] in batch mode. He also put files out in the 15th of June that had Russian fingerprints. So to go straight at those, we had some collaborating analysts looking in the UK, looking at the data also. And they came up with a match of five files out of the Guccifer 2.0 batch on the 15th of June, they found five of those files also posted by Wikileaks in the Podesta emails, the same files. Now, the difference is the Guccifer 2.0 posts had Russian fingerprints. You know, Cyrillic characters and things like that implanted in the file. The WikiLeaks files posted, of those same five emails, did not have Russian signature prints in it. So that told us that Guccifer 2.0 was inserting these Russian fingerprints. And we had some other fingerprint evidence of them using that.
Then, when we looked at the 5th of July 2016 and the September 2016 data that was posted by Guccifer 2.0, he would give a bio, we had extracted file names, number of characters and the timestamp at the end of the file. And he did the batch. So there was one file after the other. It was timestamped at the end of each file. So all we had to do was [assess the] difference in time between the files and see how many characters were passed and we calculate the transfer rate. And when we did that we got rates between 14 and 49.1 megabytes per second. That’s between 19 and 49.1 million characters per second. And we knew that the international web across the Atlantic to Europe, somewhere in Eastern Europe could not handle that kind of rate transfer.
Some people here thought we could. So we said, okay, we’ll try it. And we tried it from Albania, Serbia, Netherlands and the UK. The fastest we got with between two data centres, one in New Jersey and one in the United Kingdom in London. And that was 12 megabytes per second, which is slightly less than one fourth necessary capacity to transfer just the data, not counting overhead that goes with it and all of that… So all of that said to us, it was not there.
Sputnik: Was there anything else?
Bill Binney: There was another factor. We looked at the files again and if you ignored the date and the hour, the two [batches] shuffled together like a deck of cards. That is the times, [if you] looked only at a minutes, seconds and milliseconds, the data from the 1st of September merged into the time holes of the 5 July data. Which meant it was shuffling like one of cards. You have one file, he separated in two, then they had a range change on the date and the hour. You can’t do it on minutes and seconds because they keep changing. I mean, you’d have to go up there every minute and every second you got to know it’s not possible to do that, without extreme effort I’d say. What that said to us was this guy is fabricating the data, he’s playing with the data, he’s playing with us…
Vault 7
Then we went back and looked at the Vault 7 material (descriptions of CIA hacking tools published by WikiLeaks), which said that there’s a programme called Marble Framework, which [the CIA can use to] modify an attack and make it look like someone else did the attack, and the countries they had the capability to do that [to] were Russia, China, North Korea, Iran and Arab countries. Also [Vault 7] said that the Marble Framework programme was [used] one time in 2016. Well, we think we found that one time. That one time came up and that fit very well with what was going on which we were finding out with the Guccifer 2.0 material. He was fabricating it. So that suggested us all the evidence was pointing back to CIA as the originator Guccifer 2.0. And that Guccifer 2.0 was inside CIA.
Sputnik: Just to clarify, the documents Guccifer 2.0 was publishing weren’t what is known as the DNC leaks or DNC hacks that WikiLeaks published in three batches?
Bill Binney: [Yes]. [Gucifer 2.0] claimed to have hacked [the documents he published].
The Hammer
There’s another whistleblower that we’re working with also and they’ve talked to us about a programme called The Hammer. This programme was set up inside CIA by, according to the whistleblower, by [former Director of National Intelligence James] Clapper and [former CIA chief John] Brennan. And it was done so that they could spy on anybody they wanted to, without anybody in the intelligence community or the US government or any other government knowing they were doing it. The programme actually goes… back to 2003, I believe, with you when they first set it up. But [the whistleblower] also said that after that they had a secret operation inside CIA, by this group of people inside CIA looking at the Trump campaign and anybody else they wanted to sign on.
And it was done in that way, because, see, if you go into the NSA data and which the Five Eyes can do that as well, if you do that, anybody going in there, you’re tracked and recorded [when you use the surveillance system]. It’s wherever you go and what you do. And that’s based on the network logs. And also if you do an unmasking, you have to make a request and that’s recorded, who did it, what time, what the subject was and what the justification was and what person they were after. So, you know, all that stuff is recorded to go there. But if you set up your own separate one, nobody knows what you’re doing. And that’s exactly what this [whistleblower] is claiming. I’m pointing to that group as the group that was probably the originator of Guccifer 2.0 and also this fabrication of the entire story of Russiagate.
This interview has been edited for clarity and concision.

Source