January 4, 2017
It’s quite ironic that the one newspaper most hysterical in warning the American public about the dangers of “fake news,” has become the most prolific publisher of it.
The most recent example, of course, relates to the entirely made up story that those dastardly Russians had hacked into the U.S. power grid through a Vermont utility. The paper’s source for the story? Anonymous government officials. Unsurprisingly, the entire thing was a fairytale.
Most of you will already be aware of the story, but this is such a monumental example of journalistic malpractice, it deserve far more attention and scrutiny.
In that regard, Forbes contributor Kalev Leetaru, has done an excellent job of shining further light on how it all went down in his piece, “Fake News” And How The Washington Post Rewrote Its Story On Russian Hacking Of The Power Grid. Here are some key excerpts:
On Friday the Washington Post sparked a wave of fear when it ran the breathless headline “Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say.” The lead sentence offered “A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials” and continued “While the Russians did not actively use the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter, the penetration of the nation’s electrical grid is significant because it represents a potentially serious vulnerability.”
Yet, it turns out this narrative was false and as the chronology below will show, illustrates how effectively false and misleading news can ricochet through the global news echo chamber through the pages of top tier newspapers that fail to properly verify their facts.
The original article was posted online on the Washington Post’s website at 7:55PM EST. Using the Internet Archive’s Wayback Machine, we can see that sometime between 9:24PM and 10:06PM the Post updatedthe article to indicate that multiple computer systems at the utility had been breached (“computers” plural), but that further data was still being collected: “Officials said that it is unclear when the code entered the Vermont utility’s computers, and that an investigation will attempt to determine the timing and nature of the intrusion.” Several paragraphs of additional material were added between 8PM and 10PM, claiming and contextualizing the breach as part of a broader campaign of Russian hacking against the US, including the DNC and Podesta email breaches.
Despite the article ballooning from 8 to 18 paragraphs, the publication date of the article remained unchanged and no editorial note was appended, meaning that a reader being forwarded a link to the article would have no way of knowing the article they were seeing was in any way changed from the original version published 2 hours prior.
Yet, as the Post’s story ricocheted through the politically charged environment, other media outlets and technology experts began questioning the Post’s claims and the utility company itself finally issued a formal statement at 9:37PM EST, just an hour and a half after the Post’s publication, pushing back on the Post’s claims: “We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding.”
From Russian hackers burrowed deep within the US electrical grid, ready to plunge the nation into darkness at the flip of a switch, an hour and a half later the story suddenly became that a single non-grid laptop had a piece of malware on it and that the laptop was not connected to the utility grid in any way.
However, it was not until almost a full hour after the utility’s official press release (at around 10:30PM EST) that the Post finally updated its article, changing the headline to the more muted “Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say” and changed the body of the article to note “Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.” Yet, other parts of the article, including a later sentence claiming that multiple computers at the utility had been breached, remained intact.
The following morning, nearly 11 hours after changing the headline and rewriting the article to indicate that the grid itself was never breached and the “hack” was only an isolated laptop with malware, the Post still had not appended any kind of editorial note to indicate that it had significantly changed the focus of the article.
Only after numerous outlets called out the Post’s changes did the newspaper finally append an editorial note at the very bottom of the article more than half a day later saying “An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid.”
Yet, even this correction is not a true reflection of public facts as known. The utility indicated only that a laptop was found to contain malware that has previously been associated with Russian hackers. As many pointed out, the malware in question is actually available for purchase online, meaning anyone could have used it and its mere presence is not a guarantee of Russian government involvement. Moreover, a malware infection can come from many sources, including visiting malicious websites and thus the mere presence of malware on a laptop computer does not necessarily indicate that Russian government hackers launched a coordinated hacking campaign to penetrate that machine – the infection could have come from something as simple as an employee visiting an infected website on a work computer.
Now here’s the best part. Does this sound like journalism or propaganda to you?
Particularly fascinating that the original Post story mentioned that there were only two major power utilities in Vermont and that Burlington Electric was one of them, meaning it would have been easy to call both companies for comment. However, while the article mentions contacting DHS for comment, there is no mention of any kind that the Post reached out to either of the two utilities for comment. Given that Burlington issued its formal statement denying the Post’s claims just an hour and a half later, this would suggest that had the Post reached out to the company it likely could have corrected its story prior to publication.
Well yeah, why do actual journalism when you can just copy/paste government press releases.
Perhaps most intriguing is that, as with the Santa Claus story, the Post did not respond to repeated requests for comment regarding how it conducts fact checking for its stories. This marks twice in a row that the Post has chosen not to respond in any fashion to my requests for more detail on its fact checking processes. Given the present atmosphere in which trust in media is in freefall and mainstream outlets like the Post are positioning themselves as the answer to “fake news” it certainly does not advance trust in the media when a newspaper will not even provide the most cursory of insight into how it checks its facts.
As with the Santa Claus story, the Post appears to have run this story without even attempting to perform the most basic of fact checks before publication. The original story noted that there were only two utilities in Vermont and yet the article states that the Post only attempted to contact DHS and does not mention any attempt to contact either of the utilities. Standard journalistic practice would have required that the Post mention that it attempted to reach either utility even if neither responded. The Post did not respond to a request for comment when I asked if it had attempted to reach either utility for comment prior to publication.
Putting this all together, what can we learn from this? The first is that, as with the Santa Claus and PropOrNot stories, the journalism world tends to rely far more on trust than fact checking. When one news outlet runs a story, the rest of the journalism world tends to follow suit, each writing their own version of the story without ever going back to the original sources for verification. In short – once a story enters the journalism world it spreads without further restraint as each outlet assumes that the one before performed the necessary fact checking.
The second is that the news media is overly dependent on government sources. Glenn Greenwald raises the fantastic point that journalists must be more cautious in treating the word of governments as absolute truth. Indeed, a certain fraction of the world’s false and misleading news actually comes from the mouths of government spokespeople. Yet, in the Post’s case, it appears that a government source tipped off the post about a sensational story of Russians hacking the US power grid and instead of reaching out to the utilities themselves or gathering further detail, the Post simply published the story as fed to them by the government officials.
As damning as the above is, it gets worse. A lot worse. As more information has come in illuminating the extraordinary fakeness of The Washington Post piece, the paper itself has had to come out and essentially rewrite it. For example, we learn:
As federal officials investigate suspicious Internet activity found last week on a Vermont utility computer, they are finding evidence that the incident is not linked to any Russian government effort to target or hack the utility, according to experts and officials close to the investigation.
An employee at Burlington Electric Department was checking his Yahoo email account Friday and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party. Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.
The entire thing was a fabrication. A utility company employee checked his Yahoo email account and The Washington Post turned it into Russia has hacked into the U.S. power grid without doing any fact checking. Mind-boggling incompetence.
In conclusion, I’ll just leave this here.
Since the @washingtonpost called me "fake news", I've published zero fake news articles. How many has the Washington Post published?
— Michael Krieger (@LibertyBlitz) January 3, 2017
This article was posted: Wednesday, January 4, 2017 at 6:29 am