On June 12, 2016, WikiLeaks announced it would soon release stolen computer files that pertained to Hillary Clinton’s presidential campaign.
Two days later, CrowdStrike, a computer security company working for the Democratic National Committee, announced that it had detected Russian malware on the DNC’s computer server. The next day, a self-described Romanian hacker, Guccifer 2.0, claimed he was a WikiLeaks source and had hacked the DNC’s server. He then posted online DNC computer files that contained metadata that indicated Russian involvement in the hack.
Much to the embarrassment of Hillary Clinton, the released files showed that the DNC had secretly collaborated with her campaign to promote her candidacy for the Democratic presidential nomination over that of Bernie Sanders. Clearly, the Clinton campaign needed to lessen the political damage. Jennifer Palmieri, Clinton’s public relations chief, said in a Washington Post essay in March that she worked assiduously during the Democratic nominating convention to “get the press to focus on … the prospect that Russia had not only hacked and stolen emails from the DNC, but that it had done so to help Donald Trump and hurt Hillary.”
Thus was laid the cornerstone of the Trump-Russia-collusion conspiracy theory.
Since then, the mainstream media have created a climate of hysteria in which this unsubstantiated theory has been conjured into accepted truth. This has resulted in investigations by Congress and a special counsel into President Trump, his family and his campaign staff for supposed collusion with the Russians.
But in their frenzied coverage, the media have downplayed the very odd behavior of the DNC, the putative target of the alleged hack. For, when the Department of Homeland Security and the FBI learned of the hacking claim, they asked to examine the server.
The DNC refused. Without explanation, it continues to deny law enforcement access to its server.
Why would the purported victim of a crime refuse to cooperate with law enforcement in solving that crime? Is it hiding something? Is it afraid the server’s contents will discredit the Russia-hacking story?
The answers to those questions are beginning to emerge thanks to an exacting forensic examination of the available evidence by the Veteran Intelligence Professionals for Sanity, an organization of former CIA, FBI, National Security Agency, and military intelligence officers, technical experts, and analysts.
By way of background, VIPS has a well-established record of debunking questionable intelligence assessments that have been slanted to serve political purposes. For example, in the run-up to the invasion of Iraq, VIPS courageously and correctly challenged the accuracy and veracity of the CIA’s intelligence estimates that Saddam Hussein possessed weapons of mass destruction and that he posed a threat to the United States. Similarly, VIPS has condemned the use of “enhanced interrogation techniques” on suspected terrorists. In short, VIPS can hardly be described as either a right-wing cabal or as carrying water for the Republican Party.
In its ongoing analysis of the purported DNC hack, VIPS has brought to bear the impressive talents of more than a dozen experienced, well-credentialed experts, including William Binney, a former NSA technical director and co-founder of the NSA’s Signals Intelligence Automation Research Center; Edward Loomis, former NSA technical director for the Office of Signals Processing; and Skip Folden, former manager of IBM’s information technology. As the French would say, these are l’hommes serieux, as are the other computer-system designers, program architects and analysts with whom they are investigating the Clinton-DNC hack story.
Recently, VIPS released its initial investigative findings, and they are stunning.
First, VIPS has concluded that the DNC data were not hacked by the Russians or anyone else accessing the server over the internet. Instead, they were downloaded by means of a thumb drive or similar portable storage device physically attached to the DNC server.
How was this determined? The time stamps contained in the released computer files’ metadata establish that, at 6:45 p.m. July 5, 2016, 1,976 megabytes of data were downloaded from the DNC’s server. This took 87 seconds, which means the transfer rate was 22.7 megabytes per second, a speed, according to VIPS, that “is much faster than what is physically possible with a hack.” Such a speed could be accomplished only by direct connection of a portable storage device to the server. Accordingly, VIPS concludes the DNC data theft was an inside job by someone with physical access to the server.
VIPS also reports that, if there had been a hack, the NSA would have a record of it that could quickly be retrieved and produced. But no such evidence has been forthcoming. Can this be because no hack occurred?
Even more remarkable, the experts have determined that files released by Guccifer 2.0 have been “run, via ordinary cut and paste, through a template that effectively immersed them in what could plausibly be cast as Russian fingerprints.” In other words, the files were deliberately altered to give the false impression that they were hacked by Russian agents.
Up to this point, Russiagate has been notable as an irrational, self-levitating media jihad devoid of any material-supporting evidence. Now, thanks to the VIPS experts, the Russia-hacking story — the very genesis of the Trump-Russia conspiracy theory — appears to have been affirmatively and convincingly undercut. And this raises many questions concerning the purveyors of the Russia hacking story, as well as the heretofore semicomatose federal investigation of the alleged hack.
After the DNC denied law enforcement access to its server, the FBI — under James Comey’s flaccid leadership — meekly agreed to accept the findings of CrowdStrike, the DNC’s private computer security firm, as to the server’s contents. This was in lieu of the FBI’s using the legal process to search the server for Russian malware and evidence of hacking.
Why did Comey and the FBI agree to such an impotent, absurd and self-defeating arrangement? And why to this day has this bizarre situation been allowed to continue?
Special counsel Robert Mueller has been tasked with investigating the alleged Trump-Russia conspiracy. Unlike the feckless Comey, he has used a grand jury and at least one search warrant to obtain evidence. May we expect Mueller to use similar tactics in dealing with the mysteriously recalcitrant DNC? Will the server at long last be subjected to a non-DNC-controlled forensic analysis? Will the server and CrowdStrike’s work product be analyzed to either confirm or disprove the presence of Russian malware? And, if none is found, will the special counsel investigate the persons responsible for that deception?
Will the DNC files released by Guccifer 2.0 be analyzed to determine if they were, as VIPS has concluded, altered to give the false impression that the Russians had hacked the server? If so, will Mueller pursue those responsible for the adulteration? If, as appears likely, the server was not hacked, will Mueller investigate why Hillary Clinton and the DNC claimed it was? Will he investigate whether the DNC files were stolen by someone who had direct physical access to the DNC server? Will he try to determine who at the DNC had a motive to leak the files? Could it be someone who wanted to make public Clinton and the DNC’s underhanded treatment of Sanders?
These are but a few of the areas of inquiry that any fair and competent investigator intent on getting to the truth would pursue. Will Mueller honestly and vigorously investigate them at the risk of incurring the anti-Trump media’s wrath and possibly exposing the Russia-hacking story as a carefully orchestrated falsehood by Clinton and the DNC?
Or will the unraveling Russiagate fable continue to be a fig leaf for a one-sided, politically motivated effort by Mueller and his staff of Hillary Clinton supporters to undo the outcome of the 2016 presidential election?
George Parry is a former state and federal prosecutor practicing law in Philadelphia.