Menu
FBI dispute with DNC over hacked servers may fuel doubt on Russia role

FBI dispute with DNC over hacked servers may fuel doubt on Russia role

The FBI never gained access to the DNC's hacked servers, instead relying on evidence provided from CrowdStrike

The FBI may have been forced into a misstep when investigating whether Russia hacked the Democratic National Committee -- the agency never directly examined the DNC servers that were breached.

Instead, the FBI had to rely on forensic evidence provided by third-party cybersecurity firm CrowdStrike, which the DNC hired to mitigate the breach.

“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed,” the agency said on Thursday in a statement.

The incident threatens to spark more skepticism over whether the U.S. properly arrived at its conclusion that Russian cyberspies were responsible for the breach.

“The FBI may have all the evidence or not,” said John Bambenek, a researcher with Fidelis Cybersecurity. “But this case has been handled so unusually, it gives everyone a reason to latch on and cast doubt.”

News that the FBI failed to directly examine the hacked servers came on Wednesday, when Buzzfeed reported that a DNC spokesman said that the agency had never requested access.

On Thursday, the FBI contested that claim, saying the denial of access "caused significant delays and inhibited the FBI from addressing the intrusion earlier."

It's unclear why the DNC allegedly blocked access to the servers. But companies that have been breached are sometimes fearful of exposing sensitive data to outside parties, said Andrei Barysevich, a director at security firm Recorded Future. 

“The FBI was investigating Hillary Clinton at the time (over her private email server),” he said. “So it’s totally possible, the DNC didn’t want them involved at any stage of the investigation because of that.”

Nor can the FBI force an affected party to turn a server over, Barysevich said. However, the whole incident may raise questions over whether federal agents saw all the evidence related to the breach. “CrowdStrike is not obligated to share everything with law enforcement,” Barysevich said. “That could have potentially interfered with the investigation.”

CrowdStrike didn’t immediately respond to a request for comment. But it wasn’t the only private security firm to examine the breach. Fidelis Cybersecurity was brought in to look at the malware samples, and concluded that suspected elite Russian hackers were behind the intrusion.

Nevertheless, the FBI should have conducted its own review of the hacked servers, Bambenek said. “This is a highly political case, and perception matters,” he said. "In this situation, they need to be building credibility." 

Critics might now question if the FBI missed pieces of evidence in its investigation or if U.S. intelligence agencies rushed to blame Russia for the hack. 

“You’re telling me the law enforcement community didn’t actually look at the (server) drives themselves? Are you trying to sow conspiracy theories?” Bambenek said.

U.S. intelligence agencies, including the FBI, have blamed the DNC breach and other high-profile political hacks on the Kremlin attempting to influence last year’s election. To retaliate, the White House last month expelled Russian diplomats from the U.S. and ordered sanctions against the country.

U.S. President Barack Obama may very well shed more light on why the U.S. believes Russia was involved. He has ordered U.S. intelligence agencies to come out with a full report that will detail the Kremlin's role in the election-related hacks. A declassified version of that report is scheduled to become public on Monday.

However incoming President Donald Trump remains skeptical that Russia is to blame. His camp previously rejected U.S. intelligence findings on the matter, saying “these are the same people that said Saddam Hussein had weapons of mass destruction.”

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments