Wednesday, May 13, 2020

You say Denmark, I say State Agencies.

From Hidden Over 2 Years: Dem Cyber-Firm's Sworn Testimony It Had No Proof of Russian Hack of DNC by Aaron Maté.
CrowdStrike, the private cyber-security firm that first accused Russia of hacking Democratic Party emails and served as a critical source for U.S. intelligence officials in the years-long Trump-Russia probe, acknowledged to Congress more than two years ago that it had no concrete evidence that Russian hackers stole emails from the Democratic National Committee’s server.

CrowdStrike President Shawn Henry's admission under oath, in a recently declassified December 2017 interview before the House Intelligence Committee, raises new questions about whether Special Counsel Robert Mueller, intelligence officials and Democrats misled the public. The allegation that Russia stole Democratic Party emails from Hillary Clinton, John Podesta and others and then passed them to WikiLeaks helped trigger the FBI's probe into now debunked claims of a conspiracy between the Trump campaign and Russia to steal the 2016 election. The CrowdStrike admissions were released just two months after the Justice Department retreated from its other central claim that Russia meddled in the 2016 election when it dropped charges against Russian troll farms it said had been trying to get Trump elected.

Henry personally led the remediation and forensics analysis of the DNC server after being warned of a breach in late April 2016 – he was paid by the DNC, which refused to turn over its servers to the FBI. Asked for the date when alleged Russian hackers stole data from the DNC server, Henry testified that CrowdStrike did not in fact know if such a theft occurred at all: "We did not have concrete evidence that the data was exfiltrated [moved electronically] from the DNC [servers], but we have indicators that it was exfiltrated," Henry said.

Henry reiterated his claim on multiple occasions:
"There are times when we can see data exfiltrated, and we can say conclusively. But in this case it appears it was set up to be exfiltrated, but we just don’t have the evidence that says it actually left."

"There’s not evidence that they were actually exfiltrated. There's circumstantial evidence but no evidence that they were actually exfiltrated."

"There is circumstantial evidence that that data was exfiltrated off the network. … We didn't have a sensor in place that saw data leave. We said that the data left based on the circumstantial evidence. That was the conclusion that we made."

"Sir, I was just trying to be factually accurate, that we didn't see the data leave, but we believe it left, based on what we saw."

Asked directly if he could "unequivocally say" whether "it was or was not exfiltrated out of DNC," Henry told the committee: "I can't say based on that."

Interesting. I followed this with some attention a few years ago.

At the time of the discovery of the hack, it appeared to me from the reported data transfer rates, that this appeared to be a leak, not a hack. Someone copied the data directly within the system rather than someone tapping in from outside.

It was a hypothesis, unprovable at the time owing to a complete absence of transparency. It seems more likely now.

Astonishingly, for all the time and accusations, they 1) Don't know if any data was actually stolen and 2) Don't know who might have done the stealing. They have suspicions but no evidence. Which means all the hoopla was based on opinion and speculation and not on any real evidence.

"Something is rotten in the state of Denmark" said Shakespeare in Hamlet. Perhaps. But certainly something is rotten in the state of many of our government agencies.
