Amid an avalanche of self-replicating reports of “Russian hacking,” Donald Trump has questioned how the task of checking whether the DNC’s servers were indeed breached was outsourced by the FBI to a third party.
“The Democratic National Committee would not allow the FBI to study or see its computer info after it was supposedly hacked by Russia,” the president-elect tweeted after the DNC reportedly confirmed that the bureau failed to send their own staff to check the servers.
“So how and why are they so sure about hacking if they never even requested an examination of the computer servers? What is going on?,” the next US president asked.
Trump’s concerns were voiced the same day the Director of National Intelligence, James Clapper, defended the US intelligence assessment that Russian agents interfered in the US election.
Clapper stopped short of declaring the DNC server hacking an “act of war,” as he told the Senate Armed Services Committee that Russia had stepped up its cyber espionage operations.
Commenting on Clapper’s testimony, John McAfee, the founder of McAfee antivirus software, told RT that Clapper engaged in the “most deceptive propaganda” that was ever delivered to the American public. McAfee added, “our intelligence community is so ignorant and naive that they should all be replaced.”
While a redacted intelligence report on the alleged Russian spying activity will be released to the public next week, a joint “informational purposes only” report by the FBI and Homeland Security was released last week. The widely publicized, glitzily titled ‘GRIZZLY STEPPE – Russian Malicious Cyber Activity’ report was used by President Obama as the basis to expel Russian diplomats and by Clapper to defend his allegations of Russian meddling.
But at a time when the hacking scandal is gaining hysterical proportions in the US, the DNC’s deputy communications director revealed that the US intelligence community never bothered to check or conduct forensic analysis on the DNC server which was allegedly hacked by the Russians.
“The DNC had several meetings with representatives of the FBI’s Cyber Division and its Washington (DC) Field Office, the Department of Justice’s National Security Division, and US Attorney’s Offices, and it responded to a variety of requests for cooperation, but the FBI never requested access to the DNC’s computer servers,” Eric Walker, the DNC’s deputy communications director, told BuzzFeed News in an email.
Instead, the FBI outsourced the computer forensics analysis to IT security company CrowdStrike, which first pointed the finger at Moscow in May.
“CrowdStrike is pretty good. There’s no reason to believe that anything that they have concluded is not accurate,” one intelligence official told BuzzFeed, insisting that the company was “confident” Russia was behind the hacks.
“Beginning at the time the intrusion was discovered by the DNC, the DNC cooperated fully with the FBI and its investigation, providing access to all of the information uncovered by CrowdStrike — without any limits,” Walker added.
Three cyber security firms questioned by BuzzFeed confirmed it would be “par for the course” for the FBI to conduct their own forensic research into the alleged hacks, but this time, for some reason, that task was outsourced.
The US president-elect also criticized the US intelligence agencies’ assessment of the DNC information security fiasco. Trump has joined a large, growing chorus of security experts who have questioned the lack of factual intelligence in the 13-page report designed to point the finger at Moscow.
McAfee explained to RT that the 29 December report is based on four so-called pillars: Russian language was found in the malware allegedly used to hack the DNC server, a Russian keyboard was used to penetrate US systems, the malicious code was compiled at a time that corresponded with business hours in Moscow, and the IP addresses were Russian.
“If the CIA wanted to hack Russia, the things you would not do is: you would not include the English language in your software…you would certainly remove the date and time stamp from the program…and number four, you would absolutely not have an IP address that points to you,” the security specialist explained, speaking hypothetically.
“And here is why it cannot possibly be an organized nation-state: because the hack on the DNC used a piece of malware a year and a half old and there have been many updates since then,” McAfee said. “This was done by an independent one person kid that downloaded the software… Please, this is not an organized hack and certainly not a nation-state that did this.”
Robert M. Lee, the CEO and founder of the critical infrastructure cybersecurity company Dragos, produced a large, detailed critique of the initial Grizzly Steppe report. In particular, the security specialist questions the list on page 4 of the report, which has a table titled 'Reported Russian Military and Civilian Intelligence Services (RIS)'.
“The list of reported RIS names includes relevant and specific names such as campaign names, more general and often unrelated malware family names, and extremely broad and non-descriptive classification of capabilities,” Lee explained after examining the 13-page report.
“It was a mixing of data types that didn’t meet any objective in the report and only added confusion as to whether the DHS/FBI knows what they are doing or if they are instead just telling teams in the government 'contribute anything you have that has been affiliated with Russian activity,'” he added in his in-depth explanation.
William Binney, an NSA security expert for 36 years, also questioned the US intelligence community’s rhetoric.
“With respect to the alleged interference by Russia and WikiLeaks in the US election, it is a major mystery why US intelligence feels it must rely on ‘circumstantial evidence,’ when it has NSA’s vacuum cleaner sucking up hard evidence galore,” Binney said in Thursday's op-ed in the Baltimore Sun. “What we know of NSA's capabilities shows that the email disclosures were from leaking, not hacking.”