FBI dispute with DNC over hacked servers may fuel doubt on Russia role

The FBI never gained access to the DNC's hacked servers, instead relying on evidence provided from CrowdStrike

The FBI may have been forced into a misstep when investigating whether Russia hacked the Democratic National Committee -- the agency never directly examined the DNC servers that were breached.

Instead, the FBI had to rely on forensic evidence provided by third-party cybersecurity firm CrowdStrike, which the DNC hired to mitigate the breach.

“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed,” the agency said on Thursday in a statement.

The incident threatens to spark more skepticism over whether the U.S. properly arrived at its conclusion that Russian cyberspies were responsible for the breach.

“The FBI may have all the evidence or not,” said John Bambenek, a researcher with Fidelis Cybersecurity. “But this case has been handled so unusually, it gives everyone a reason to latch on and cast doubt.”

News that the FBI failed to directly examine the hacked servers came on Wednesday, when Buzzfeed reported that a DNC spokesman said that the agency had never requested access.

On Thursday, the FBI contested that claim, saying the denial of access "caused significant delays and inhibited the FBI from addressing the intrusion earlier."

It's unclear why the DNC allegedly blocked access to the servers. But companies that have been breached are sometimes fearful of exposing sensitive data to outside parties, said Andrei Barysevich, a director at security firm Recorded Future. 

“The FBI was investigating Hillary Clinton at the time (over her private email server),” he said. “So it’s totally possible, the DNC didn’t want them involved at any stage of the investigation because of that.”

Nor can the FBI force an affected party to turn a server over, Barysevich said. However, the whole incident may raise questions over whether federal agents saw all the evidence related to the breach. “CrowdStrike is not obligated to share everything with law enforcement,” Barysevich said. “That could have potentially interfered with the investigation.”

CrowdStrike didn’t immediately respond to a request for comment. But it wasn’t the only private security firm to examine the breach. Fidelis Cybersecurity was brought in to look at the malware samples, and concluded that suspected elite Russian hackers were behind the intrusion.

Nevertheless, the FBI should have conducted its own review of the hacked servers, Bambenek said. “This is a highly political case, and perception matters,” he said. "In this situation, they need to be building credibility." 

Critics might now question if the FBI missed pieces of evidence in its investigation or if U.S. intelligence agencies rushed to blame Russia for the hack. 

“You’re telling me the law enforcement community didn’t actually look at the (server) drives themselves? Are you trying to sow conspiracy theories?” Bambenek said.

U.S. intelligence agencies, including the FBI, have blamed the DNC breach and other high-profile political hacks on the Kremlin attempting to influence last year’s election. To retaliate, the White House last month expelled Russian diplomats from the U.S. and ordered sanctions against the country.

U.S. President Barack Obama may very well shed more light on why the U.S. believes Russia was involved. He has ordered U.S. intelligence agencies to come out with a full report that will detail the Kremlin's role in the election-related hacks. A declassified version of that report is scheduled to become public on Monday.

However incoming President Donald Trump remains skeptical that Russia is to blame. His camp previously rejected U.S. intelligence findings on the matter, saying “these are the same people that said Saddam Hussein had weapons of mass destruction.”

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Kan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?