The cybersecurity firm that investigated and remediated the alleged hack of the Democratic National Committee’s servers in 2016 found no direct evidence that hackers stole any data or emails, according to a newly declassified interview transcript.
Shawn Henry, the president of CrowdStrike Services, told the House Intelligence Committee in late 2017 that his firm had no evidence that the alleged Russian hackers stole any data from the Democratic National Committee (DNC) servers.
“There’s not evidence that they were actually exfiltrated,” Henry said. “There’s circumstantial evidence, but no evidence that they were actually exfiltrated.”
Of the more than 44,000 emails published by WikiLeaks, more than 98 percent were sent and received by senior DNC officials between April 18 and May 25 of 2016. During more than half of that time frame, CrowdStrike had already installed its software on the DNC’s servers and was monitoring the network.
In its response for an explanation for how the hackers pilfered the emails on its watch without leaving a trace, CrowdStrike pointed to a portion from Henry’s testimony which does not address the alleged breach.
“So the analysis started the first day or two in May, and then that was about 4 to 6 weeks, I think, on June 10th, we started what we call the remediation event. So we collected enough intelligence. We identified where the adversaries were in the environment. We came up with a remediation plan to say we see them in multiple locations. These are the actions that we need to execute in order to put a new infrastructure in place and to ensure that the adversaries don’t have access to the new infrastructure. So that would have been June 10th when we started. And we did the remediation event over a couple of days,” Henry said.
A CrowdStrike spokesperson, referencing the period after the alleged hack, wrote in an email to The Epoch Times that, “to be clear, there is no indication of any subsequent breaches taking place on the DNC’s corporate network or any machines protected by CrowdStrike Falcon.”
The company did not respond to a request to explain how the emails were allegedly pilfered under its watch and why it failed to find evidence despite closely monitoring the servers with full awareness that hackers were present.
Mueller’s indictment alleges that Russian hackers broke into a DNC server and stole emails on or about May 25 and June 1 of 2016, roughly three weeks after CrowdStrike installed its software on the DNC servers and assessed that Russian hackers had gained access.
Henry was not the only one to contradict Comey. The DNC’s director of technology, Andrew Brown, told the House Intelligence Committee the DNC fully cooperated with every FBI request. The DNC’s IT director, Yared Tamene, told the committee the FBI never requested access to the physical servers. And Michael Sussmann, the DNC’s outside counsel, told the committee that the FBI declined a DNC offer for full access to its servers.
According to Tamene, the DNC handed over images of its servers to CrowdStrike, which then handed them over to the FBI in May and June of 2016. Mueller’s final report on the Russia investigation cites these images, alongside redacted grand jury material, as the source for the allegation that Russian hackers stole the DNC emails. The FBI never examined the physical DNC servers.
According to a CrowdStrike report cited by Rep. Adam Schiff (D-Calif.) the hackers allegedly “staged” a trove of DNC files for exfiltration on April 22. According to the Netyshko indictment, the hackers allegedly “compressed gigabytes of data from DNC computers, including opposition research” and “later moved the compressed DNC data” to a computer leased in Illinois. The indictment does not allege that the hackers moved the files from the Illinois system.
The charges in the Netyshko indictment remain alleged as the case is unlikely to be heard before a court since the defendants are in Russia. The government recently moved to drop the charges against an alleged Russian social media influence operation after the defendants mounted a defense in court.
The special counsel concluded his 22-month investigation last year finding insufficient evidence that anyone on the Trump campaign colluded with Russia to influence the 2016 election.
The DNC did not respond to a request for comment.
