The company with F.B.I. links was responsible for a massive computer outage affecting airlines, banks, and hospitals, following its dodgy role in the Russiagate affair.
The cyber-security firm CrowdStrike, which was in the middle of the fake Russiagate scandal, suffered a serious blow beginning Thursday night when a faulty update to its security software that it sent out caused Microsoft computers across the world to crash, seriously affecting air and train travel; banking; broadcasting, health care and other industries.
The devastating episode was costly for company: it has lost 12 percent of its value on the stock market. The amount of money lost by companies that were affected has not yet been calculated. It is not the first time the 13-year old firm has been involved in controversy.
We are reprinting here an article written for Consortium News in 2020 by former C.I.A. analyst Ray McGovern that exposes closed-door testimony by CrowdStrike executive Shawn Henry to the U.S. House intelligence committee in which he says there is no definitive evidence that Democratic Party emails had been hacked from its servers.
That explosive testimony, which remained secret for nearly three years, exploded the myth that Russia had hacked the DNC and gave its emails to WikiLeaks.
Twin Pillars of Russiagate Crumble
For two and a half years the House Intelligence Committee knew CrowdStrike didn’t have the goods on Russia. Now the public knows too.
By Ray McGovern
Special to Consortium News
May 9, 2020
House Intelligence Committee documents released Thursday reveal that the committee was told two and half years ago that the F.B.I. had no concrete evidence that Russia hacked Democratic National Committee computers to filch the DNC emails published by WikiLeaks in July 2016.
The until-now-buried, closed-door testimony came on Dec. 5, 2017 from Shawn Henry, a protege of former F.B.I. Director Robert Mueller (from 2001 to 2012), for whom Henry served as head of the Bureau’s cyber crime investigations unit.
Henry retired in 2012 and took a senior position at CrowdStrike, the cyber security firm hired by the DNC and the Clinton campaign to investigate the cyber intrusions that occurred before the 2016 presidential election.
The following excerpts from Henry’s testimony speak for themselves. The dialogue is not a paragon of clarity; but if read carefully, even cyber neophytes can understand:
Ranking Member Mr. [Adam] Schiff: Do you know the date on which the Russians exfiltrated the data from the DNC? … when would that have been?
Mr. Henry: Counsel just reminded me that, as it relates to the DNC, we have indicators that data was exfiltrated from the DNC, but we have no indicators that it was exfiltrated (sic). … There are times when we can see data exfiltrated, and we can say conclusively. But in this case, it appears it was set up to be exfiltrated, but we just don’t have the evidence that says it actually left.
Mr. [Chris] Stewart of Utah: Okay. What about the emails that everyone is so, you know, knowledgeable of? Were there also indicators that they were prepared but not evidence that they actually were exfiltrated?
Mr. Henry: There’s not evidence that they were actually exfiltrated. There’s circumstantial evidence … but no evidence that they were actually exfiltrated. …
Mr. Stewart: But you have a much lower degree of confidence that this data actually left than you do, for example, that the Russians were the ones who breached the security?
Mr. Henry: There is circumstantial evidence that that data was exfiltrated off the network.
Mr. Stewart: And circumstantial is less sure than the other evidence you’ve indicated. …
Mr. Henry: “We didn’t have a sensor in place that saw data leave. We said that the data left based on the circumstantial evidence. That was the conclusion that we made.
In answer to a follow-up query on this line of questioning, Henry delivered this classic: “Sir, I was just trying to be factually accurate, that we didn’t see the data leave, but we believe it left, based on what we saw.”
Inadvertently highlighting the tenuous underpinning for CrowdStrike’s “belief” that Russia hacked the DNC emails, Henry added: “There are other nation-states that collect this type of intelligence for sure, but the — what we would call the tactics and techniques were consistent with what we’d seen associated with the Russian state.”
Interesting admission in Crowdstrike CEO Shaun Henry's testimony. Henry is asked when "the Russians" exfiltrated the data from DNC.
Henry: "We did not have concrete evidence that the data was exfiltrated from the DNC, but we have indicators that it was exfiltrated." ? pic.twitter.com/TyePqd6b5P
— Aaron Maté (@aaronjmate) May 8, 2020
Not Transparent
Try as one may, some of the testimony remains opaque. Part of the problem is ambiguity in the word “exfiltration.”
The word can denote (1) transferring data from a computer via the Internet (hacking) or (2) copying data physically to an external storage device with intent to leak it.
As the Veteran Intelligence Professionals for Sanity has been reporting for more than three years, metadata and other hard forensic evidence indicate that the DNC emails were not hacked — by Russia or anyone else.
Rather, they were copied onto an external storage device (probably a thumb drive) by someone with access to DNC computers. Besides, any hack over the Internet would almost certainly have been discovered by the dragnet coverage of the National Security Agency and its cooperating foreign intelligence services.
Henry testifies that “it appears it [the theft of DNC emails] was set up to be exfiltrated, but we just don’t have the evidence that says it actually left.”
This, in VIPS view, suggests that someone with access to DNC computers “set up” selected emails for transfer to an external storage device — a thumb drive, for example. The Internet is not needed for such a transfer. Use of the Internet would have been detected, enabling Henry to pinpoint any “exfiltration” over that network.
Binney
Bill Binney, a former NSA technical director and a VIPS member, filed a sworn affidavit in the Roger Stone case. Binney said: “WikiLeaks did not receive stolen data from the Russian government. Intrinsic metadata in the publicly available files on WikiLeaks demonstrates that the files acquired by WikiLeaks were delivered in a medium such as a thumb drive.”
The So-Called Intelligence Community Assessment
There is not much good to be said about the embarrassingly evidence-impoverished Intelligence Community Assessment (ICA) of Jan. 6, 2017 accusing Russia of hacking the DNC.
But the ICA did include two passages that are highly relevant and demonstrably true:
(1) In introductory remarks on “cyber incident attribution”, the authors of the ICA made a highly germane point: “The nature of cyberspace makes attribution of cyber operations difficult but not impossible. Every kind of cyber operation — malicious or not — leaves a trail.”
(2) “When analysts use words such as ‘we assess’ or ‘we judge,’ [these] are not intended to imply that we have proof that shows something to be a fact. … Assessments are based on collected information, which is often incomplete or fragmentary … High confidence in a judgment does not imply that the assessment is a fact or a certainty; such judgments might be wrong.” [And one might add that they commonly ARE wrong when analysts succumb to political pressure, as was the case with the ICA.]
The intelligence-friendly corporate media, nonetheless, immediately awarded the status of Holy Writ to the misnomered “Intelligence Community Assessment” (it was a rump effort prepared by “handpicked analysts” from only C.I.A., F.B.I., and NSA), and chose to overlook the banal, full-disclosure-type caveats embedded in the assessment itself.
Then National Intelligence Director James Clapper and the directors of the C.I.A., F.B.I., and NSA briefed President Obama on the ICA on Jan. 5, 2017, the day before they gave it personally to President-elect Donald Trump.
On Jan. 18, 2017, at his final press conference, Obama saw fit to use lawyerly language on the key issue of how the DNC emails got to WikiLeaks, in an apparent effort to cover his own derriere.
Obama: “The conclusions of the intelligence community with respect to the Russian hacking were not conclusive as to whether WikiLeaks was witting or not in being the conduit through which we heard about the DNC e-mails that were leaked.”
So we ended up with “inconclusive conclusions” on that admittedly crucial point. What Obama was saying is that U.S. intelligence did not know—or professed not to know—exactly how the alleged Russian transfer to WikiLeaks was supposedly made, whether through a third party, or cutout, and he muddied the waters by first saying it was a hack, and then a leak.
From the very outset, in the absence of any hard evidence, from NSA or from its foreign partners, of an Internet hack of the DNC emails, the claim that “the Russians gave the DNC emails to WikiLeaks” rested on thin gruel.
In November 2018 at a public forum, I asked Clapper to explain why President Obama still had serious doubts in late Jan. 2017, less than two weeks after Clapper and the other intelligence chiefs had thoroughly briefed the outgoing president about their “high-confidence” findings.
Clapper replied: “I cannot explain what he [Obama] said or why. But I can tell you we’re, we’re pretty sure we know, or knew at the time, how WikiLeaks got those emails.” Pretty sure?
Preferring CrowdStrike; ’Splaining to Congress
F.B.I. Director James Comey briefs President Barack Obama in June 2016. (Official White House Photo by Pete Souza/Flickr)
CrowdStrike already had a tarnished reputation for credibility when the DNC and Clinton campaign chose it to do work the F.B.I. should have been doing to investigate how the DNC emails got to WikiLeaks. It had asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s struggle with separatists supported by Russia. A Voice of America report explained why CrowdStrike was forced to retract that claim.
Why did F.B.I. Director James Comey not simply insist on access to the DNC computers? Surely he could have gotten the appropriate authorization. In early January 2017, reacting to media reports that the F.B.I. never asked for access, Comey told the Senate Intelligence Committee there were “multiple requests at different levels” for access to the DNC servers.
“Ultimately what was agreed to is the private company would share with us what they saw,” he said. Comey described CrowdStrike as a “highly respected” cybersecurity company.
Asked by committee Chairman Richard Burr (R-NC) whether direct access to the servers and devices would have helped the F.B.I. in their investigation, Comey said it would have. “Our forensics folks would always prefer to get access to the original device or server that’s involved, so it’s the best evidence,” he said.
Five months later, after Comey had been fired, Burr gave him a Mulligan in the form of a few kid-gloves, clearly well-rehearsed, questions:
BURR: And the F.B.I., in this case, unlike other cases that you might investigate — did you ever have access to the actual hardware that was hacked? Or did you have to rely on a third party to provide you the data that they had collected?
COMEY: In the case of the DNC, … we did not have access to the devices themselves. We got relevant forensic information from a private party, a high-class entity, that had done the work. But we didn’t get direct access.
BURR: But no content?
COMEY: Correct.
BURR: Isn’t content an important part of the forensics from a counterintelligence standpoint?
COMEY: It is, although what was briefed to me by my folks — the people who were my folks at the time is that they had gotten the information from the private party that they needed to understand the intrusion by the spring of 2016.
In June last year it was revealed that CrowdStrike never produced an un-redacted or final forensic report for the government because the F.B.I. never required it to, according to the Justice Department.
By any normal standard, former F.B.I. Director Comey would now be in serious legal trouble, as should Clapper, former C.I.A. Director John Brennan, et al. Additional evidence of F.B.I. misconduct under Comey seems to surface every week — whether the abuses of FISA, misconduct in the case against Gen. Michael Flynn, or misleading everyone about Russian hacking of the DNC. If I were attorney general, I would declare Comey a flight risk and take his passport. And I would do the same with Clapper and Brennan.
Schiff: Every Confidence, But No Evidence
Both pillars of Russiagate — collusion and a Russian hack — have now fairly crumbled.
Thursday’s disclosure of testimony before the House Intelligence Committee shows Chairman Adam Schiff lied not only about Trump-Putin “collusion,” [which the Mueller report failed to prove and whose allegations were based on DNC and Clinton-financed opposition research] but also about the even more basic issue of “Russian hacking” of the DNC.
[See: “The Democratic Money Behind Russia-gate”]
Five days after Trump took office, I had an opportunity to confront Schiff personally about evidence that Russia “hacked” the DNC emails. He had repeatedly given that canard the patina of flat fact during an address at the old Hillary Clinton/John Podesta “think tank,” The Center for American Progress Action Fund.
Fortunately, the cameras were still on when I approached Schiff during the Q&A: “You have every confidence but no evidence, is that right?” I asked him. His answer was a harbinger of things to come. This video clip may be worth the four minutes needed to watch it.
Ray McGovern works with Tell the Word, a publishing ministry of the ecumenical Church of the Saviour in inner-city Washington. A former C.I.A. analyst, his retirement he co-founded Veteran Intelligence Professionals for Sanity.
We have known now for some time that every word uttered by James Clapper, Adam Schiff and James Comey is not only a lie, but intentional disinformation. They are the Three Stooges of Deep State subterfuge.
Any company foolish enough to do business with ‘CrowdStrike’ has become subject to their role as part of the Deep State apparatus. If our media were not entirely owned by the DNC and Deep State, CrowdStrike should have been hounded out of business after they conspired with the Clinton campaign, FBI, NSA and CIA to rig the election for Hillary and destroy Trump.
In terms of the software failure itself, this is another example of how Microsoft’s inherent design of top-down central control of servers, often fails in spectacular ways.
Lessons learned for businesses are to ditch CrowdStrike outright and avoid Microsoft Windows whenever possible.
It’s one thing for anyone even slightly left of center to dislike Trump. It’s another when the neolib/neocon cabal seems to.
Why did the Cheney trained neocons shift to a D administration? One answer: because it”s there. Because uniparty. Because the Ds represent the administrative and professional elite. The class who as bureaucrats keep oligarchies, plutocracies, and outright dictatorships in operation.
However, that doesn’t explain why the neocons appear to be anti-Trump. Except for the occasional right wing brand populist remarks to keep his base loyal, he seems fine with neolib trickle-up economics. So are the neocons leery of his inconsistencies, his unpredictability, therefore that he’s not fully controllable? Or is he insufficiently pro-empire and endless wars? Or is there something else?
I believe it would be helpful to the public if we had “least untruthful truths” contests to edify the voters.
These would be inspired by that patriot James Clapper who coined this phrase in his effort to do his best to serve the country by stating “the least untruthful truth” whenever possible.
This candidate, from Ray’s account here, might serve as the type of entry worthy of considering:
“In answer to a follow-up query on this line of questioning, Henry delivered this classic: ‘Sir, I was just trying to be factually accurate, that we didn’t see the data leave, but we believe it left, based on what we saw’.”
While I am hardly anyone to talk about avoiding Google at every juncture (as, e.g., someone who still has an active Gmail account, while using YouTube and Google Maps on an almost daily basis, albeit not to the exclusion of other video-sharing and digital mapping sites), I have tried to diversify my online presence to a variety of other search engines, such as Brave, Startpage, Ecosia, DuckDuckGo, Swisscows, and (more ambivalently) Bing, Yahoo, Yandex, and Baidu, while consciously avoiding using Google (or any other large platform) as an intermediary for storing new passwords or logging into accounts on other sites. When there is a will, there is a way (at least to a greater extent than many who have internalized a degree of learned helplessness are often wont to suppose)!
Many thanks for your in-depth article . . . sadly not on MSM anywhere. Wonder if you might try getting on Glenn Greenwald’s podcast
Please continue working for peace . . . with thanks and admiration and as Roy Bourgeoise signs off “in solidarity”, Carolyn
I am totally baffled at how a company this seedy managed to not only grow after 2016 but somehow became the “industry standard”. Is marketing that powerful? Do Windows users just do absolutely zero vetting of their IT services? I wouldn’t be at all surprised to learn at some point that they were the recipient of some kind of spook agency money via In-Q-Tel or some other cutout.
Please tell me why this ridiculous made-up word exfiltrated keeps being used as if it has some intrinsic meaning.
So the “private agency” that the FBI relied on – without checking on, or confirming it, by examination of the actual DNC servers on which the e-mails in question were located – is the same “security agency” – CrowdStrike – that has crashed the Internet with its incompetence –
Obama – “The conclusions of the intelligence community with respect to the Russian hacking were not conclusive as to whether WikiLeaks was witting or not in being the conduit through which we heard about the DNC e-mails that were leaked.”
“Leaked” – a Freudian slip? Nice diversion – by focusing on the “wittingness” of Wikileaks – gee, maybe they accidentally released the e-mails? – from the real issue – how did Wikileaks get them – but he “accidentally” spills the beans when he says they were, indeed, leaked …
This of course re-opens, or should, but won’t, the question of who leaked them …. and if the leaker has been silenced.
If, when, Trump wins again – Russiagate will be resurrected, 3rd Parties will be blamed and assoc. with Russia (its already happening), and the DP will once again fail to look in the mirror and understand, let alone acknowledge, that it was/is its betrayal in failing to deliver anything of real value to “we the people” that is a significant, if not defining, reason for people turning to the “only other” Party they have been told is available to them – the GOP
And the duopoly, esp. the DP, is doing its best to make sure that there is no other Party on the ballot people can choose …
I am far beyond being “frustrated” by the DP, even beyond being disgusted by it – but I am frustrated by the failure of too much of “progressive/lefty” media with its failure to point out, and discuss, how that duopoly is making sure there is no opposition to it – the silence is deafening ….
Frankly, I am pretty much fed up, perhaps more bored, actually by reading piece after piece on multiple sites about how bad, by turns, the Ds and/or the Rs are – without pointing out and discussing how we the people have had alternatives to them, on the ballot, for decades – I have voted 3rd Party since ’96 – but so many “Lefty” sites persist in, what amounts to, carrying water for that duopoly by failure to discuss at least, if not actually promote, the alternatives we do have, and how that apparently “hated” duopoly is doing its best, in word (3rd Parties can’t win, are spoilers) and deed, out of debates, off ballots to keep us not only from being able to choose them, but in wanting to …
The World Socialist Web Site has not been silent on this issue. Your implied slur on “progressive/lefty” media reveals your hostility to socialism, which I find unacceptable. I have voted for the Socialist Equality Party since 2000 and fully support that party. Just recently there was published an article about how the Democratic Party works to prevent third (or fourth or fifth) parties from obtaining ballot status. Go to the WSWS and read all about it.
Gotta admit the WSWS is not on my routine reading list – but this site and others are – and crickets …
One article, on one site …. if that’s all you’ve got, it seems to me that rather bolsters my “complaint”
Your assumption that my putting “progressive/lefty” in quotes implies an antipathy toward socialism, seems rather specious to me, or perhaps it is more indicative of the other thing that frustrates me enormously – the failure of lefty/progressive/socialist etc. parties to come together around single candidates and run unified campaigns, as they appear to have done in France, on pretty short notice. There seem to be more of such parties here than you can shake a stick at – e.g. DSA, or SA. I thought political parties were about elections, and putting people in office who would enact, and not just talk about, all the issues that are so vitally important to so many. I am registered “independent” or “non- aligned” – I vote person and principle, not ideology – sorry if that is “unacceptable” to you – but time is running out on so many fronts, and insisting on purity in ideology will not get us where we need to go – if there is one thing all these different parties agree on it is that the duopoly must go! It is leading us ever more rapidly to extinction …
So who’s your candidate, how many ballots is (s)he on? What and where is the SEQ running and how does its platform mesh with other parties ….
BREAKING
There is an unconfirmed rumor that FBI chief Christopher Wray had planned to announce that CrowdStrike had just been selected — on the advice of his predecessors James Comey and Robert Mueller — to conduct the “thorough and swift investigation” ordered by President Biden on the attempted assassination of Donald Trump … And that, lacking a “totally reliable” alternative to CrowdStrike, Wray was going to select it anyway — despite its responsibility for yesterday’s worldwide software crash … And that, having read Consortium News this morning, Wray has now decided, instead, to ask former CIA Director John Brennan to summon his “totally reliable”, hand-picked analysts to do the same kind of “thorough and swift investigation” that they did earlier in conjuring up “Russian hacking” in the first place.
The above information, at this time of writing, remains unconfirmed. It comes from Washington Post-type sources who prefer to remain anonymous because they are not authorized to share this information — given the sensitivity of the matter.
LOL! “Given the sensitivity of the matter” – indeed, screwing things up usually is a very sensitive matter ….
Considering CrowdStrike was the FBI’s example of a “totally reliable” source, one wonders what it was considered totally “reliable” in doing – covering up? BSing?
Am popping the corn in anticipation of what this “thorough and swift investigation” will conjure up …
Thanx, Ray – spot on, as usual …
I am still curious why, in light of all the new evidence, or lack thereof, hasn’t the case of Seth Rich’s unsolved murder not been re-opened so the public can seek the truth. We all know the DNC hired lawyers for his parents who later sued Fox News and Murdoch wrote a seven figure check to them without Hannity having to admit wrongdoing. Why doesn’t the Rich family want the truth? Was it part of Murdoch’s settlement?
I have believe from the beginning, and I believe Tulsi Gabbard knows as well, that Seth downloaded the emails of the conspiracy by the Clinton campaign against Bernie Sanders. Even Julian Assange eluded to Seth being the one who provided the flash drive – meaning DNC leaks versus hack. That would mean CrowdStrike also knew it was a leak and not a hack. CS probably told the DNC what happened and politically, the FBI and CIA covered it up and also blamed it on the Russians.
It would be nice to finally get the truth. Maybe Assange, now that he’s free, can place a few pieces in the puzzle.
I think that although it would indeed be nice to identify and prosecute the miscreants in this affair – there is another, , and, and in my mind, perhaps a more important consideration, and that is re the families of both Assange and Rich. Of course it could be argued that they deserve “justice”, but, at this point, for both, perhaps what they want, more than “justice”, which would require a long, drawn out, publicity filled investigation, which, lets be honest, would not result in such “justice” – is peace. I know the phrase “no justice, no peace”, but I would posit that perhaps, for some families, peace does not require “justice” – they and their loved ones who have suffered from all the negative attention that goes along with a long drawn out endless search for that Justice, may need, more than anything, peace, and time to heal …..
For those of us who know the truth about these folks, they will be remembered as heroes, but I suspect that both would wish for their families to be left alone, something a search for “justice” would not allow. And I can’t help feeling that perhaps a good part of Assange’s agreement to “take a plea” was for the sake of his family …
You mean Julian “alluded” to Seth Rich being the leaker.
It is so dangerous that a few private companies have so much power and many people rely on.them for much of their activities. I try to avoid social media but cannot avoid google
All you need to know at this point is that it is literally forbidden to mention the name Seth Rich. Why would anyone be so upset about mentioning someone’s name? The fact that it is a taboo tells you something is amiss. I am certain that it would be very enlightening if a full and real investigation was done on the circumstances of his death, but we are not even supposed to bring the topic up.
John,
See the article on my website raymcgovern.com titled “FBI: Another Fraud on the Court?”
hxxps://raymcgovern.com/2020/12/29/fbi-another-fraud-on-the-court/
Not to worry, John. As you will see, the FBI is on it!
Ray
Just read your article and i have 2 questions – why did you use the term “emasculate” with regard to Trump, and was Wikileaks in the habit of paying its sources? Was Rich paid?
“Suffered a serious blow” ??? Companies like these don’t even suffer shame.
But they do suffer a dramatic drop in their valuation and that’s a blow.
Revenge is a dish best served cold. How many other little land mines have the Russians left in Crowdstrikes services?
Your Russophobia is really disgusting.
I hope their stock tanks. As Wendell Berry says, “Long live gravity!”