CrowdStrike: a Conspiracy Wrapped in a Conspiracy Inside a Conspiracy

Frontpage Mag ^ | Nov 29, 2019 | Oleg Atbashian

[semimojo]

Until a report comes out I consider Footnote 135 as just one more lie among many. You can take it as gospel truth, but I'm not that gullible.

You've just perfectly made my point.

The Mueller Report unambiguously says the FBI got the images and the logs (yes, they're electronic files so almost by definition they're copies) and you choose to disbelieve it simply because the facts are at odds with you conspiracy theory.

[semimojo]

...the people who were my folks at the time is that they had gotten the information from the private party that they needed to understand the intrusion by the spring of 2016.

Comey's saying his forensic team at the FBI got what they needed to do their analysis (server images and logs) from CrowdStrike.

Just like I've been saying.

They would have liked to get access to the physical servers too but that didn't stop them from reaching the same conclusion that CrowdStrike had.

I don't see the controversy here.

[philman_36]

And we know what “They” say is not true.
At least you've moved off of your previous position.
Everything "they" say is not true? How do you know that? You must have really good sources.

The President and his lawyer think that there is a DNC server in Ukraine.

Crowdstrike is not a Ukranian company owned by a very wealthy Ukranian.
Isn't that called "bait"? "They" seem adept at throwing out "bait" and man, oh man, do "they" ever get strikes on that bait.

So there is no need for an investigation.
Thanks for sharing your opinion. I don't agree with you.

[philman_36]

The Mueller Report unambiguously says the FBI got the images and the logs...

Then where is the report on what was discovered by the FBI? There is always paperwork.
Why did the FBI need to get copies of the logs if they had imaged drives of the servers?

You've just perfectly made my point.
You're avoiding my points.

[oincobx]

>>>Everything “they” say is not true? How do you know that?

Now you are playing word games. I did not say everything. I pointed out two things that they say that are false. If they can’t get those simple, easily verifiable facts right, why should we trust them on the other things?

[oincobx]

Crowdstrike is a publicly owned US company whose founders are US citzens. Shouldn’t we be looking for the server in the US instead kf Ukraine? Why does anyone think the server is in Ukraine?

[semimojo]

Then where is the report on what was discovered by the FBI? There is always paperwork. Why did the FBI need to get copies of the logs if they had imaged drives of the servers?

I don't know if those reports have been released or not - I haven't looked for them.

As to the logs, I don't know that either but it may be a function of the security architecture employed. Perhaps the logs were from dedicated perimeter monitoring devices?

Either way, does the fact that we haven't seen everything mean the FBI is lying when they say they got enough to confirm CrowdStrike's analysis?

[philman_36]

How many employees did the DNC have?
This site...NAICS Profile Page...says 155. No year given.

Why did they need 140 servers?

I would guess to hold all of the information they have on voters.
DNC gears up for 2020 with voter data overhaul

Since thread readers/responders like Wired so much...
Inside the Democrats’ Plan to Fix Their Crumbling Data Operation

Since 2011, Vertica has been the Democratic Party's central repository for data—a place to store every state's voter file, every door knock and phone call organizers make, and every bit of commercially available data that campaigns collect. Snip... Now, Krikorian’s team is preparing to pull the plug on Vertica and stand up a new, more powerful system called, simply, the Data Warehouse. It will be backed by Google’s analytics tool called BigQuery, a cloud-based platform capable of handling massive data sets at the scale and speed necessary for an organization the size of the Democratic party.And why did they have to “decommission” all 140? Can't you just install a new hard drive and re-program it?
Can't help you on those two. I will look into it.

And what happened to the John Podesta computer/server that got hacked? Where is that?

First off, phishing isn't hacking and Podesta didn't get "hacked", per se. People may claim they are the same thing but they are two separate things.
Phishing only needs a gullible subject, which Podesta was.
Hacking requires specific skills.

"podesta laptop" nypd

Not much "officially" is out there.

[oincobx]

>>>I have been following this story for 3 plus years

So can you tell me why it is thought that the server is in Ukraine and not France, Ghana or Sunnyvale, California.

[philman_36]

And why did they have to “decommission” all 140?

DEMOCRATIC NATIONAL COMMITTEE, Plaintiff, v. THE RUSSIAN FEDERATION, et al., Defendants. Case No. 1:18-cv-3501-JGK-SDA (page 31)

113. In order to remove the unauthorized users from its network, the DNC had to decommission more than 140 servers, remove and reinstall all software, including the operating systems, for more than 180 computers, and rebuild at least 11 servers. Of note... 114. Both CrowdStrike’s forensic analysis and the U.S. Government concluded that the DNC’s computer systems had been hacked by two independent, sophisticated Russian state-sponsored adversaries, both with a nexus to Russia’s intelligence services.⁷⁹

⁷⁹ Department of Homeland Security and the Federal Bureau of Investigation,GRIZZLY STEPPE –Russian Malicious Cyber Activity(December 29, 2016),available athttps://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf.

It doesn't say "Both CrowdStrike’s forensic analysis and the U.S. Government's forensic analysis concluded that the DNC’s computer systems had been hacked..."

Can't you just install a new hard drive and re-program it?

I suppose you could do that on laptops/computers. It seems they just reinstalled all the software, including the operating systems. If they didn't replace the hard drives they could still be vulnerable to BIOS/Boot Sector code hacks still resident on the old drives if they weren't cleaned up properly.

[philman_36]

So can you tell me why it is thought that the server is in Ukraine and not France, Ghana or Sunnyvale, California.

Now oincobx wants you, Pete Dovgan, to speak for someone else.

I wouldn't bother answering if I were you as the rhetorical question (which isn't really a question since there is no question mark I might add) is being asked simply for effect, not in any desire to get an actual answer.

[philman_36]

Perhaps the logs were from dedicated perimeter monitoring devices?

Why would the Cyber Crime unit/FBI even need that if they had the images? The logs would be resident on them.
The only logical answer is that CrowdStrike gave them the copies since their forensic analysis is the ONLY stated forensic analysis to have been conducted.

Either way, does the fact that we haven't seen everything mean the FBI is lying when they say they got enough to confirm CrowdStrike's analysis?

That isn't the issue. The issue is the claim that the FBI did a forensic analysis when it can't be shown that they did in fact carry out their own independent forensic analysis.

[philman_36]

Use your Find/Search function with "cybersecurity firm".

Report On The Investigation Into Russian Interference In The 2016 Presidential Election

Everything about the DNC "hacking" is based upon that cybersecurity firm's reporting.

¹⁹ Bears in the Midst: Intrusion into the Democratic National Committee, CrowdStrike (June 15,2016) (post originally appearing on June 14, 2016, according to records of the timing provided by CrowdStrike); Ellen Nakashima, Russian government hackers penetrated DNC, stole opposition research on Trump, Washington Post (June 14, 2016).Bears in the Midst: Intrusion into the Democratic National Committee

Russian government hackers penetrated DNC, stole opposition research on Trump

[philman_36]

An interesting aside...

Russian Hackers Penetrate Democratic National Committee, Steal Trump Research

Alperovitch said CrowdStrike was able to clear the hackers out of the computer network last weekend.

No mention of decommissioning anything, they were simply cleared out.

[oincobx]

Now oincobx wants you, Pete Dovgan, to speak for someone else.

No. He says he has been following this closely for 3 years. I assume that someone that has invested so much time in this might be able to tell me why it is thought to be in Ukraine. There has to be some reason Rudy Giuiliani is so intent on getting the Ukraine governnment to do an investigation.

[philman_36]

Comey's saying his forensic team at the FBI got what they needed to do their analysis (server images and logs) from CrowdStrike.

He doesn't say that. That's your own interpretation of what he said.

Reply 43...

COMEY: In the case of the DNC, and I believe the D triple C, but I'm sure the DNC, we did not have access to the devices themselves. We got relevant forensic information from a private party, a high class entity, that had done the work but we didn't get direct access.
BURR: But no content.
COMEY: Correct.
BURR: Isn't content an important part of the forensics from a counter-intelligence standpoint?
COMEY: It is but what was briefed to me by the people who were my folks at the time is that they had gotten the information from the private party that they needed to understand the intrusion by the spring of 2016.

If he meant a forensic team he would have said forensic team.
Why are you putting words in his mouth?

Here is some more info for you...
27:42... January 10, 2017 Russia's Role in Election-Year Hacking

Pick on the associated transcript link below the video. I can't seem to find a transcript of that hearing yet.

FBI Director Comey: Agency requested access to DNC servers

In a hearing with the Senate Intelligence Committee Tuesday afternoon outlining the intelligence agencies’ findings on Russian election interference, Comey said there were “multiple requests at different levels” for access to the Democratic servers, but that ultimately a “highly respected private company” was granted access and shared its findings with the FBI.
“Ultimately what was agreed to is the private company would share with us what they saw,” he said. The company to which Comey was referring is CrowdStrike, a cybersecurity company doing the internal defense and investigation for the DNC.

[philman_36]

Here ya go...ODNI Statement on Declassified Intelligence Community Assessment of Russian Activities and Intentions in Recent U.S. Elections Start at 40:00 mark. Chairman Burr. Director Comey, let me talk about forensics for just a minute, because the FBI has the expertise there. I know there's tremendous investigative value when the FBI is actually able to conduct their own forensics review on devices that have suffered cyber intrusions and attacks. I believe there's some confusion, though, or at least some conflicting reporting as to whether the FBI requested access to the DNC's services, the Democratic Congressional Committee servers, and John Podesta's personal devices. Did the FBI request access to those devices to perform forensics on them?

Director Comey. Yes, we did.

Chairman Burr. Would that access have provided intelligence or information helpful to your investigation and possibly to the findings included in the intelligence community assessments?

Director Comey. Our forensics folks would always prefer to get access to the original device or server that's involved. So it's the best evidence.

Chairman Burr. Were you given access to do the forensics on those servers?

Director Comey. We were not. A highly respected private company eventually got access and shared with us what they saw there.

Chairman Burr. But is that typically the way the FBI would prefer to do the forensics, or would your forensics unit rather see the servers and do the forensics themselves?

Director Comey. We'd always prefer to have access hands-on ourselves if that's possible.

Chairman Burr. Do you know why you were denied access to those servers?

Director Comey. I don't know for sure. I don't know for sure.

Chairman Burr. Was there one request or multiple requests?

Director Comey. Multiple requests at different levels, and ultimately what was agreed to is the private company would share with us what they saw.

No forensic study was conducted by any division of the FBI. If there had been one it would have violated the agreement that was made.

Sorry, but from the evidence at hand that is the only conclusion that I can draw.

[philman_36]

20 minutes to find the transcript?! You’re getting slow, old chap.

[KC Burke]

This has been discussed here for two years. it wasn’t ignored except by thed media and the FBI.

[oincobx]

>>>This has been discussed here for two years. it wasn’t ignored except by the media and the FBI.

Perhaps then you can answer my question from earlier. Why is the server believed by some (though perhaps not the President or philman_36, I don’t want to be accused of putting words in their mouths) to be in Ukraine?