FBI Relied on a Private Firm’s Investigation of the DNC Hack—Which Makes the FBI Harder to Trust

By Josephine Wolff, Slate, May 9 2017


Ray comments: This is step in the right direction, but Ms. Wolff apparently is unaware of WikiLeaks’s publication of Vault 7, part 3, to connect the dots and understand how this apparently went down.  The New York Times published stories, based on original CIA documents, on Vault 7, parts 1 and 2, but avoided like the plague publishing anything about part 3 (which WikiLeaks published on March 31).


In a word, even perceptive folks like Ms. Wolff may not realize that the motto of the New York Times has changed to: “ALL THE NEWS THE CIA SAYS IS OKAY TO PRINT.”


After reading the original CIA documents in Vault 7, part three, Ray concluded – and started pointing out – that easily-connected dots lead to John Brennan (probably in connection with Hillary’s people and perhaps including the unsavory Crowdstrike – itself of ill repute – itself) as the likely hacker, using the capabilities of the ‘MARBLE” program revealed in Vault 7, part 3, to leave behind the “tell-tale” Cyrillic to blame the Russians.  This has worked famously – at least up till now – large because educated folks still seem to believe the NY Times operates under the old motto.


And “highly respected” Comey behaved the way he did because he was in on the CIA/NSA/FBI operation, in Ray’s view.  Could he not have gotten the proper authority to get access to the DNC computers, if he really wanted to?  Hard to believe that he could not.


Ray is getting a little frustrated; he gets zero reaction (pro or con) to his piecing together of the evidence.  Please let him know what you think.


Here’s the meat of Josephine Wolff’s article:

“When will the Fake Media ask about … why the DNC wouldn’t allow the FBI to check their server or investigate?” President Trump tweeted on Sunday at 4:15 a.m. … there’s actually an interesting question worth revisiting. … Why wouldn’t the Democratic National Committee allow the FBI to check their servers during the investigation of the DNC breaches during the 2016 election?

The DNC maintains there’s a simple answer to this question: According to the group, the FBI never asked to see their servers. But FBI Director James Comey told the Senate Intelligence Committee back in January that the FBI did, in fact, issue “multiple requests at different levels” to the DNC to gain direct access to their computer systems and conduct their own forensic analysis.

Instead, whether because they were denied access or simply never asked for it, the FBI instead used the analysis of the DNC breach conducted by security firm CrowdStrike as the basis for its investigation. Regardless of who is telling the truth about what really happened, perhaps the most astonishing thing about this probe is that a private firm’s investigation and attribution was deemed sufficient by both the DNC and the FBI.

That’s not meant as an insult to CrowdStrike … But it’s one thing to trust tech companies to provide email servers and cloud storage and quite another to rely exclusively on them to collect and analyze evidence of a major security incident attributed to a foreign national government.

Good security companies … can certainly, at times, provide useful assistance to law enforcement investigations—but when they end up essentially doing law enforcement’s job for them, as seems to have been the case with the DNC breach, it becomes exceedingly difficult to know whom to trust and whether to take the results of that investigation at face value. In fact, the president made this point himself, in a Jan. 5 tweet about the FBI investigation, back when he apparently believed the DNC’s version of events: “So how and why are they so sure about hacking if they never even requested an examination of the computer servers? What is going on?”

Knowing who conducted a breach investigation is particularly important when it comes to international cyber conflicts because just about everything the government tells us about those conflicts we are expected to take on faith. Consider the declassified summary of the Intelligence Community’s assessment of “Russian Activities and Intentions in Recent US Elections.”

The DNC breaches feature prominently in that summary but, more to the point, the primary rationale readers are given for why they should believe that the Russian government meddled in the U.S. election is because the FBI, CIA, and NSA believe that to be the case. We are given very little actual detail about what happened or how the incidents were traced to Russia specifically, while we are treated to numerous statements along the lines of: “We assess with high confidence that Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election” or “We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments.”

Of course, there are many reasons the Intelligence Community might have decided not to reveal any actual evidence for these claims. But in the absence of that evidence, whether or not you believe their conclusions rests entirely on your confidence in the judgment and investigative abilities of the FBI, CIA, and NSA. And if the evidence that they’ve used to level major accusations at a foreign government comes not from agencies of the U.S. government or direct law enforcement investigations, but rather from private sector firms like CrowdStrike, then the “high confidence” of the government counts for very little.

The DNC breach is not the only incident attributed to Russia in the Intelligence assessment summary and it’s likely that some of the others were directly investigated by the government. But even so, this conflation of government- and industry-gathered evidence without clear distinctions makes it harder to take the agencies’ assessments at face value.

… turning over an entire law enforcement investigation to the private sector is a serious mistake. Companies have very different agendas and motivations from those of law enforcement agencies—companies want to raise their own profiles, satisfy their clients, and draw new customers, while law enforcement agencies aim to identify criminals and hold them accountable. Especially when the government is going to justify an accusation by urging citizens to trust its judgment, it matters that they have actually conducted an investigation themselves and drawn their own conclusions based on a first-hand examination of the available evidence.

So if the FBI didn’t ask for access the DNC’s servers out of laziness or negligence, it certainly should have. And if the DNC denied them that access for fear of being embarrassed by what they might find, or because they had more faith in CrowdStrike than the FBI, then it served only to undermine confidence in the ultimate results of the investigation and give the impression of having something shameful to hide. Neither the DNC nor the FBI should have been satisfied with an investigation that did not involve the FBI conducting a first-hand look at the compromised systems. And all of us should be concerned about the seeming acceptance of both parties to let a private company singlehandedly carry out an investigation with such significant political consequences.