President Barack Obama approved a statement by the U.S. intelligence community in October 2016 accusing Russia of stealing emails from the Democratic National Committee (DNC), despite the U.S. government not having obtained the DNC server images crucial to ascertaining whether Moscow was involved in the theft.
FBI emails recently made public during the trial against now-acquitted DNC attorney Michael Sussmann show the bureau was still in the process of requesting images of the DNC servers on Oct. 13, 2016. The server images, which are equivalent to a virtual copy of the alleged crime scene, were taken by private cybersecurity firm CrowdStrike.
On Oct. 7, six days before CrowdStrike agreed to mail the server images to the FBI, the Department of Homeland Security (DHS) and the Office of the Director of National Intelligence (ODNI) released a statement accusing Russia of hacking U.S. political organizations and disseminating emails allegedly stolen through the hack. The statement was approved and encouraged by Obama, according to then-DHS Secretary Jeh Johnson.
“The president approved the statement. I know he wanted us to make the statement. So that was very definitely a statement by the United States government, not just Jim Clapper and me,” Johnson told the House Intelligence Committee in June 2017, referring to then-Director of National Intelligence James Clapper.
The DHS, ODNI, and the office of Barack Obama did not respond to requests for comment.
The Oct. 7, 2016, statement said that the U.S. intelligence community, which is composed of more than a dozen agencies including the FBI, was “confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations.”
“The recent disclosures of alleged hacked emails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts,” the statement said.
The lack of server images at the time the statement was released highlights the question of what the intelligence community used to establish Russia’s involvement.
On Aug. 31, 2016, CrowdStrike provided a report on the DNC hack to the FBI. The FBI special agent who reviewed the report called it “heavily redacted,” according to the Senate Intelligence Committee’s report on the Russia investigation. FBI Assistant Director James Trainor was so frustrated with the redactions that “he doubted its completeness because he knew that outside counsel had reviewed it.”
The “outside counsel” Trainor referred to is all but certainly Michael Sussmann, who served as the DNC’s point of contact for all intrusion-related matters. Sussmann was acquitted last month of one charge of lying to the FBI about whether he was representing the DNC when he took a white paper to the FBI that alleged a connection between then-presidential candidate Donald Trump and Russia. The FBI agents who reviewed the paper found the claims in it unfounded within 24 hours.
On Sept. 30, 2016, one week before the release of the statement accusing Russia of the hack, the FBI was still seeking copies of the CrowdStrike reports without the redactions. That day, FBI Agent Adrian Hawkins listed copies of the unredacted CrowdStrike reports as the number one priority request to the DNC, according to another email made public as a trial exhibit in the Sussman case.
The FBI never received the unredacted reports, according to a government court filing in the case against Roger Stone. According to the filing, lawyers for the DNC told prosecutors that “no redacted information” in the CrowdStrike reports “concerned the attribution of the attack to Russian actors.”
Special counsel Robert Mueller alleged that the hack of the DNC during which emails were stolen took place on or around May 25 to June 1, 2016. That timeframe is significant because CrowdStrike has since told The Epoch Times that the DNC systems were not hacked during that time frame. Crowdstrike had deployed 200 sensors and other counter-intrusion technologies on the committee’s network within the first week of its engagement, which began on May 1, 2016.
“There is no indication of any subsequent breaches taking place on the DNC’s corporate network or any machines protected by CrowdStrike Falcon,” the company told The Epoch Times in August 2020.
CrowdStrike President Shawn Henry, who was in charge of the firm’s work on the DNC intrusion, has told congressional investigators that his company did not have concrete evidence that emails had been stolen from the DNC.
“We have indicators that data was exfiltrated. We did not have concrete evidence that data was exfiltrated from the DNC, but we have indicators that it was exfiltrated,” Henry told lawmakers on Dec. 5, 2017.
The alleged hacking of the DNC and the subsequent release of the committee’s emails was the nexus of allegations of collusion with Russia that plagued the administration of President Donald Trump.