By Robert Romano
Lost over the weekend amid President Donald Trump’s very serious and important allegation over Twitter that former President Barack Obama’s administration had engaged in surveillance of the Trump campaign in 2016 was another tweet from Trump that goes to the heart of claims that Russia had anything at all to do with the supposed hack of the Democratic National Committee (DNC) and John Podesta emails.
The second tweet on March 4 stated, “Is it true the DNC would not allow the FBI access to check server or other equipment after learning it was hacked? Can that be possible?”
Here, Trump was apparently referring to a CNN report from January that the Democratic National Committee (DNC) refused to give the FBI access to its computer servers after it claimed in June it had been hacked by the Russian government.
The DNC tells the story a different way, with DNC deputy communications director Eric Lake telling Buzzfeed News, “The DNC had several meetings with representatives of the FBI’s Cyber Division and its Washington Field Office, the Department of Justice’s National Security Division, and US Attorney’s Offices, and it responded to a variety of requests for cooperation, but the FBI never requested access to the DNC’s computer servers.”
But either the FBI tried to get access to the servers and was refused, or the FBI simply never requested access. Either way, per the CNN report, “The FBI instead relied on the assessment from a third-party security company called CrowdStrike,” which had performed its own audit of the DNC server.
This raises the obvious question of how the U.S. government ever proved on its own that Russia was behind the hack — if there even was a hack — if it never accessed the DNC computers. For this goes to the heart of all claims central to Russia and the 2016 election.
Namely, if Russia was not behind any hacking of the DNC or John Podesta, then the Trump campaign could not have possibly colluded with Russia in such efforts.
Enter into the mix Wikileaks once again with its bombshell disclosure of CIA cyber warfare hacking tools and capabilities, which, besides Edward Snowden’s, appears to be the most impactful dump of classified information in U.S. history. Included in the disclosure is the ability of the agency — and presumably other hackers — to mask who is performing a hack.
According to Wikileaks’ press release, “The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.”
On its face, the revelations on UMBRAGE appear to contradict a key finding from the CrowdStrike audit of the DNC server last year, which relied on an analysis of the techniques used by the supposed hackers.
Wrote CrowdStrike, “we identified advanced methods consistent with nation-state level capabilities including deliberate targeting and ‘access management’ tradecraft — both groups were constantly going back into the environment to change out their implants, modify persistent methods, move to new Command & Control channels and perform other tasks to try to stay ahead of being detected. Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services.”
But if those techniques can be co-opted by other hackers or intelligence agencies — as the UMBRAGE program appears designed to do — it appears that the list of potential intruders on the DNC server should have been longer than just Russia. How does analyzing techniques tell you who perpetrated a hack?
Because not only did the U.S. government apparently not physically investigate the DNC servers, it should have known full well that the hacking techniques identified by CrowdStrike as being used by state actors could be mimicked.
Add to that the fact that the DNC servers were already compromised in Dec. 2015, not because of a hack, but because its internal voter and donor database software, NGP VAN, kept dropping its firewall. The problems were so bad that opposing campaigns could access each other’s files. Josh Uretsky was Bernie Sanders’ national data director but was fired after he accessed and stored files from the Clinton campaign that he was able to reach via NGP VAN before a software patch was issued. Has the FBI investigated these internal vulnerabilities? Might they explain how somebody internally might have gotten to the files that did wind up on Wikileaks?
That leads to multiple possibilities for how the DNC servers could have been intruded upon. Then, what made everyone think it was Russia?
Bear in mind that right before the supposed hack was reported, on June 12, 2016, Wikileaks founder Julian Assange told ITV in an interview that “We have upcoming leaks in relation to Hillary Clinton, which is great, Wikileaks has a very big year ahead… We have emails related to Hillary Clinton which are pending publication, that is correct.”
Just two days later, on June 14, 2016, it was preannounced in the Washington Post that the hackers had accessed opposition research on then-GOP presidential candidate Donald Trump. The report stated, “Russian government hackers penetrated the computer network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump, according to committee officials and security experts who responded to the breach.”
Sure enough, a day later, on June 15, 2016, the WordPress blog by Guccifer 2.0 appeared, taking credit for the DNC hack described in the Washington Post story. The blog posted some of the documents including the opposition research as proof of the hack. Critically, Guccifer 2.0 claimed, “The main part of the papers, thousands of files and mails, I gave to Wikileaks. They will publish them soon.”
Here Guccifer 2.0 was going out of its way to associate itself with Wikileaks, not the other way around. Wikileaks never confirmed that Guccifer 2.0 was the source of either the DNC or Podesta emails.
It was always peculiar that Wikileaks’ supposed source for the organization’s biggest story ever had preempted Wikileaks’ disclosure by more than a month claiming responsibility. Guccifer 2.0 also left behind a trail of bread crumbs that make the hack look Russian. For example, it was revealed that metadata in one of the files posted by Guccifer 2.0 was modified by a user whose name in Cyrillic was “Felix Edmundovich,” an apparent reference to a founder of the Soviet-era secret police.
So, what if the supposed DNC hack and Guccifer 2.0 were actually staged to make it look like Russia was responsible in order to get out front of Assange’s pending leaks against Clinton?
Former United Kingdom Ambassador to Uzbekistan Craig Murray has maintained for months that there was no hack. “Neither of [the leaks] came from the Russians. The source had legal access to the information. The documents came from inside leaks, not hacks,” Murray is quoted as saying in an interview with the Daily Mail published Dec. 14, 2016.
Later, at a tech conference in London in Sept. 2016, Guccifer 2.0 claimed he or she had accessed the DNC servers via the same NGP VAN breach that Uretsky had been fired from the Sanders campaign over.
Add to that, then, the Christopher Steele dossier commissioned by the Clinton campaign — eventually published and discredited by Buzzfeed — that only started linking the Trump campaign to the Wikileaks disclosures after the DNC emails had appeared on Wikileaks in July. Somehow, Steele’s sources had no idea what bombshells were coming from Assange in the initial memos, but suddenly, in late July after Wikileaks published the emails, he had already gotten to the bottom of it. Not only was Russia behind Wikileaks, but the Trump campaign was colluding with them. It was too good to be true.
At some point, the FBI apparently offered to commission Steele to continue his Russia-Trump reporting, according to a Feb. 28 report from the Washington Post. In a March 6 letter by Senate Judiciary Committee Chairman Chuck Grassley (R-Iowa) to FBI director James Comey, Grassley blasted the agency for getting involved in politics — and using unsubstantiated opposition research by the Clinton campaign to apparently initiate a national security investigation into the Trump campaign, then the opposition party.
“The idea that the FBI and associates of the Clinton campaign would pay Mr. Steele to investigate the Republican nominee for President in the run-up to the election raises further questions about the FBI’s independence from politics, as well as the Obama administration’s use of law enforcement and intelligence agencies for political ends,” wrote Grassley.
Indeed, it offers the appearance that the Trump campaign was framed — by the Clinton campaign using vendors like Steele and CrowdStrike — for crimes that were never committed. What’s worse, the FBI appears to have relied on these Democrat sources for material related to Russia — without apparently verifying it for itself.
Next, information was used to engage in surveillance against the Trump campaign — or at least spy on Russian contacts with the Trump campaign — which were then leaked to the media to create the appearance of collusion. FBI probes were launched into one-time campaign advisor Carter Page, former campaign manager Paul Manafort and former National Security Advisor Mike Flynn. These men’s reputations were destroyed at the altar of this madness.
So far, the supposed Russian hacks of the DNC and John Podesta emails have been compared to Pearl Harbor and 9/11. But who were these hackers? What were their names? Which branch of the Russian government did they represent? What city were they operating out of? Were there any operatives in the U.S.?
Or don’t we know? Consider that. The Clinton campaign and the Obama administration have virtually destroyed U.S.-Russian relations — with both governments sitting atop thousands of nuclear weapons — bringing us to the brink of war, with claims that were never proven. It has become an article of faith. It is something politicians say to sound tough, though they have not at all made the case publicly to justify escalating tensions in theaters like Syria or Ukraine.
This is all making war more likely. And one way or another it’s time to come clean.
If the government can’t prove the case against Russia — if the supposed hack was not even physically investigated by the FBI — then for the sake of diplomacy alone, the claim ought to be disavowed. Those intelligence assessments by the Obama administration should have never been made public. They, lacking proof, added nothing but poison to the discussion, and their continued exhibition to date in news reports purporting to show fantastical connections between Trump and Russia contributes nothing but a further deterioration of the possibility of relations.
To be fair, we don’t know what we don’t know. But given these glaring inconsistencies in the record — plus the specter that the Obama administration used the national security apparatus against the opposition party to win an election and afterward to overturn it and now to simply save face — the House and Senate Intelligence Committees must consider and investigate the possibility we’ve all been had.
Robert Romano is the senior editor of Americans for Limited Government.