Revealed: DNC Turned Down Help from DHS After Rebuffing FBI in 2016 ‘Hack’ Probe

In this June 14, 2016 file photo, people stand outside the Democratic National Committee (
AP/Paul Holston

In his prepared remarks before the House Permanent Select Committee on Intelligence, former Homeland Security (DHS) Secretary Jeh Johnson revealed that the Democratic National Committee (DNC) “did not feel it needed” DHS assistance into hacks of the Committee’s systems.

This means that the DNC, faced with hacks later attributed to Russia, turned down the possibility of assistance from at least two federal agencies – the DHS and the Federal Bureau of Investigation (FBI).

Johnson’s prepared remarks read:

Jeh Johnson

(Jeh Johnson)

Sometime in 2016 I became aware of a hack into systems of the Democratic National Committee. Fresh from the experience with the Office of Personnel Management, I pressed my staff to know whether DHS was sufficiently proactive, and on the scene helping the DNC identify the intruders and patch vulnerabilities. The answer, to the best of my recollection, was not reassuring: the FBI and the DNC had been in contact with each other months before about the intrusion, and the DNC did not feel it needed DHS’s assistance at that time.

In January testimony before the Senate Intelligence Committee, then-FBI Director James Comey confirmed that the FBI registered “multiple requests at different levels,” to review the DNC’s hacked servers.   Ultimately, the DNC and FBI came to an agreement in which a “highly respected private company” would carry out forensics on the servers and share any information that it discovered with the FBI, Comey testified.

A senior law enforcement official stressed the importance of the FBI gaining direct access to the servers, a request that was denied by the DNC.

“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed until well after the initial compromise had been mitigated,” the official was quoted by the news media as saying.

“This left the FBI no choice but to rely upon a third party for information. These actions caused significant delays and inhibited the FBI from addressing the intrusion earlier.”

Comey’s statement about a “highly respected private company” gaining access to the DNC servers was a reference to CrowdStrike, the third-party company ultimately relied upon by the FBI to make its assessment about alleged Russian hacking into the DNC.

As this reporter documented, CrowdStrike was financed to the tune of $100 million from a funding drive last year led by Google Capital.

Google Capital, which now goes by the name of CapitalG, is an arm of Alphabet Inc., Google’s parent company. Eric Schmidt, the chairman of Alphabet, has been a staunch and active supporter of Hillary Clinton and is a longtime donor to the Democratic Party.

CrowdStrike is a California-based cybersecurity technology company co-founded by experts George Kurtz and Dmitri Alperovitch.

In an Esquire profile, Alperovitch, a Russian expat, recalls he first discovered that Russia allegedly hacked into the DNC when one of his analysts installed a proprietary software package into the DNC’s system and immediately discovered the alleged Russian breach.

“Are we sure it’s Russia?” Alperovitch says he asked the analyst.

Esquire reported:

The analyst said there was no doubt. Falcon had detected malicious software, or malware, that was stealing data and sending it to the same servers that had been used in a 2015 attack on the German Bundestag. The code and techniques used against the DNC resembled those from earlier attacks on the White House and the State Department. The analyst, a former intelligence officer, told Alperovitch that Falcon had identified not one but two Russian intruders: Cozy Bear, a group CrowdStrike’s experts believed was affiliated with the FSB, Russia’s answer to the CIA; and Fancy Bear, which they had linked to the GRU, Russian military intelligence.

Alperovitch then called Shawn Henry, a tall, bald fifty-four-year-old former executive assistant director at the FBI who is now CrowdStrike’s president of services. Henry led a forensics team that retraced the hackers’ steps and pieced together the pathology of the breach. Over the next two weeks, they learned that Cozy Bear had been stealing emails from the DNC for more than a year. Fancy Bear, on the other hand, had been in the network for only a few weeks. Its target was the DNC research department, specifically the material that the committee was compiling on Donald Trump and other Republicans. Meanwhile, a CrowdStrike group called the Overwatch team used Falcon to monitor the hackers, a process known as shoulder-surfing.

According to the Esquire story, Alperovitch was surprised when the DNC, which had contracted CrowdStrike for cybersecurity, wanted to go public about the alleged Russia hack, which took place at around the same time Donald Trump was being accused of having a relationship with Russia.

Esquire documented:

Hacking, like domestic abuse, is a crime that tends to induce shame. Companies such as Yahoo usually publicize their breaches only when the law requires it. For this reason, Alperovitch says, he expected that the DNC, too, would want to keep quiet.

By the time of the hack, however, Donald Trump’s relationship to Russia had become an issue in the election. The DNC wanted to go public. At the committee’s request, Alperovitch and Henry briefed a reporter from The Washington Post about the attack. On June 14, soon after the Post story publicly linked Fancy Bear with the Russian GRU and Cozy Bear with the FSB for the first time, Alperovitch published a detailed blog post about the attacks.

Google financing

CrowdStrike advertises on its website that it is “proud to have received major funding from some of the world’s most prestigious technology providers and investment firms” – most prominently Google Capital, which “led (a) $100M investment in CrowdStrike.”

In November, Google Capital re-branded itself and now goes by the name of CapitalG. It is a venture capital arm of Alphabet Inc.

CapitalG explained: “Founded in 2013 in Mountain View, California, we began as Google Capital, a growth equity investment fund. We changed our name to CapitalG in 2016, after Google created Alphabet to serve as its parent company. Though our name has changed, our goal remains the same: to make return-driven investments in leading companies around the world and help entrepreneurs rapidly grow their businesses.”

CapitalG’s website documents its close links to Google:

“Our Google connection is our key asset. We call on experts from Google’s offices around the world to help our portfolio companies grow… CapitalG works with Google experts to advise on product, engineering, marketing, sales, operations, and other essential areas to help companies scale effectively. The Googlers draw upon knowledge from their day to day roles to offer valuable technical advice—from scaling architecture, to making the transition to the cloud, to mobile development, to cybersecurity, and much more.”

Eric Schmidt, the chairman of Alphabet, which owns CapitalG, has been a staunch and active supporter of Hillary Clinton.

In November, the Wall Street Journal reported on an email released that month claiming Schmidt was “ready to fund, advise recruit talent” for Clinton’s campaign and that he “clearly wants to be head outside advisor.”

The Journal reported:

Mr. Schmidt in April 2014 backed a startup dubbed Timshel that helped develop some of the technology behind Mrs. Clinton’s campaign website, including functions to sign up supporters and accept donations, according to the emails.

Around that time, Mr. Schmidt sent a Clinton campaign official a lengthy memo with advice on running the campaign. He told campaign officials he was “ready to fund, advise recruit talent,” and “clearly wants to be head outside advisor,” according to a 2014 email from Clinton campaign Chairman John Podesta to campaign manager Robby Mook. Mr. Schmidt’s memo to Clinton aide Cheryl Mills is included in the leaked emails.

Schmidt drew up a plan for Clinton’s campaign a year before she announced her White House bid, released emails showed. He sent the memo to top Clinton aide Cheryl Mills, chief of staff to Clinton when she was secretary of state.

The Daily Mail reported:

The Google titan outlined a number of things, including one Clinton definitely listened to – where she should base her campaign headquarters. ‘Its important to have a very large hiring pool (such as Chicago or NYC) from which to choose enthusiastic, smart and low paid permanent employees,’ Schmidt argued.

He also nixed Washington, D.C., as an idea, even though it’s a thriving city for millennials. ‘DC is a poor choice as its full of distractions and interruptions,’ he wrote in the memo, emailed to Mills.

She then passed it along to John Podesta, whose emails were hacked and made public by Wikileaks.

Schmidt was spotted at Clinton’s nixed election night party wearing a “staff” badge.

Meanwhile, Shawn Henry, president of CrowdStrike Services and CSO of the firm, is a retired executive assistant director of the FBI.

“Henry, who served in three FBI field offices and at the bureau’s headquarters, is credited with boosting the FBI’s computer crime and cybersecurity investigative capabilities,” his CrowdStrike bio says.

Last April, CrowdStrike General Counsel and Chief Risk Officer Steven Chabinsky was appointed to President Obama’s White House Commission on Enhancing National Cybersecurity.

A CrowdStrike press release explained:

Under the Commission, Chabinsky and 11 other industry leaders have been directed by the White House to recommend “bold, actionable steps that the government, private sector, and the nation as a whole can take to bolster cybersecurity in today’s digital world.”

President Obama, in an official statement, commended the members for bringing ”a wealth of experience and talent to this important role,” and charged the Commission with “the critically-important task of identifying the steps that our nation must take to ensure our cybersecurity in an increasingly digital world.”

CrowdStrike co-founder Alperovitch, meanwhile, has a bad taste for Russia, according to the Esquire profile:

Alperovitch knows a thing or two about what the Russians call “active measures,” in which propaganda is used to undermine a target country’s political systems. He was born in 1980 in Moscow, in an era when people were afraid to discuss politics even inside their homes. His father, Michael, was a nuclear physicist who barely escaped being sent to Chernobyl as part of a rescue mission in 1986. Many of Michael’s close friends and colleagues died of radiation poisoning within months of flying to the burning power plant. The takeaway for Dmitri was that “life is cheap in the Soviet Union.”

Alperovitch is a nonresident senior fellow of the Cyber Statecraft Initiative at the Atlantic Council.  The Council takes a hawkish approach toward Russia and has released numerous reports and briefs about Russian aggression.

The Council is funded by the Rockefeller Brothers Fund, Inc, the U.S. State Department, and NATO ACT.

Another Council funder is the Ploughshares Fund, which in turn has received financing from billionaire George Soros’ Open Society Foundations.

In an interview with PBS, host Judy Woodruff asked Alpervotich whether he had a conflict of interest in the alleged Russia hacking case since his firm, which was helping to publicize the Russia claims, was employed by the DNC.

Here is a transcript of that section of the interview:

JUDY WOODRUFF: Now, Dmitri Alperovitch, we want to point out and we said earlier, you were — your company was the one that uncovered this in the first place. You were working for the Democratic National Committee. Are you still working — doing work for them?

DMITRI ALPEROVITCH: We’re protecting them going forward. The investigation is closed in terms of what happened there. But certainly, we’ve seen the campaigns, political organizations are continued to be targeted, and they continue to hire us and use our technology to protect themselves.

JUDY WOODRUFF: I ask you that because if there’s a question of conflict of interest, how do you answer that?

DMITRI ALPEROVITCH: Well, this report was not about the DNC. This report was about information we uncovered about what these Russian actors were doing in eastern Ukraine in terms of locating these artillery units of the Ukrainian army and then targeting them. So, what we just did is said that it looks exactly as the same to the evidence we’ve already uncovered from the DNC, linking the two together.

Aaron Klein is Breitbart’s Jerusalem bureau chief and senior investigative reporter. He is a New York Times bestselling author and hosts the popular weekend talk radio program, “Aaron Klein Investigative Radio.” Follow him on Twitter @AaronKleinShow. Follow him on Facebook.

With research by Joshua Klein.

COMMENTS

Please let us know if you're having issues with commenting.