Skip to content

CrowdStrike actions give appearance of Russian collusion. CrowdStrike knowingly allowed alleged Russian malware to remain on DNC computers for over a month (May 5-June 11), sat and watched emails go out the door leading up to 7/25 Democrat Convention. Were CrowdStrike personnel vetted in same way FBI agents are? Would DNC have paid FBI agents investigating its computers as it did CrowdStrike? Is DNC guilty of treason for using private intel and not FBI?

“The company hooked up monitoring software to the DNC system on May 5, 2016 and it ‘lit up,’ indicating a breach. The company immediately determined that the culprit was Russia….In the weeks that followed, CrowdStrike said it built an entirely new computer and phone system for the DNC and monitored the hackers as they pilfered emails and research files. Over a month passed before CrowdStrike finally booted the hackers out of the system on June 10, 2016.”…The Democrat Convention began on July 25, 2016. 

4/5/17, “EXCLUSIVE: Cybersecurity experts who were first to conclude that Putin hacked presidential election ABANDON some of their claims against Russia – and refuse to co-operate with Congress,” Daily Mail, Alana Goodman 

Alperovitch said the company hooked up monitoring software to the DNC system on May 5, 2016 and it ‘lit up,’ indicating a breach. The company immediately determined that the culprit was Russia, based on the hacking techniques and the location of the server that was stealing the data, he said…. 

In the weeks that followed, CrowdStrike said it built an entirely new computer and phone system for the DNC and monitored the hackers as they pilfered emails and research files. 

Over a month passed before CrowdStrike finally booted the hackers out of the system on June 10, 2016.

The vast majority of the email theft appears to have occurred during this time. Although hacker ‘Guccifer 2.0’ claimed to have had access for a year, there did not appear to be the publication of emails to back this claim.”…

………………………

Added: Only a few days earlier, April 29, 2016, CrowdStrike had completed another job for the DNC and apparently noticed no “Russian hacking”:


From March to late April 2016, over a period of five weeksCrowdStrike spent 128 hours performing an investigation for the DNC into unauthorized access by members of then-primary candidate Bernie Sanders’ campaign staff into Hillary Clinton’s section of the DNC’s voter file system.…For unknown reasons, no Russian hacking was detected at that time (March-April 2016), suggesting CrowdStrike missed one or both of the Russian hacking groups that were allegedly present in the DNC network at the time.”… 


…………………………….


CrowdStrike finally removed alleged Russian malware over weekend of June 11-12, 2016, per Washington Post

5/15/17, updated 6/14/17, Did Russia hack the DNC? Jeffrey Marty, fighting15th.com 

 “The DNC re-hired CrowdStrike to evaluate its computer network. [On May 5, 2016] The company quickly assessed, using its own software, that two hacker networks affiliated with Russian intelligence likely carried out the attacks, one entering in 2015 and remaining (obtaining emails and messages) and the other entering at the end of April 2016 (taking opposition research files). CrowdStrike speculated that spear-phishing emails, which when opened install malicious software, were the method used; however, the firm denied having “hard evidence” in that regard. Notably, CrowdStrike was “not sure how the hackers got in, per a Washington Post article covering the story two months lateron June 14, 2016, which began the “Russian hackers” media narrative.
Nearly the entire theory is based on one report, from one private cybersecurity firm, with little-to-no corroboration by any intelligence agencies….

From March to late April 2016, over a period of five weeks, private cybersecurity firm CrowdStrike spent 128 hours performing an investigation for the DNC into unauthorized access by members of then-primary candidate Bernie Sanders’ campaign staff into Hillary Clinton’s section of the DNC’s voter file system. The breach lasted a total of one hour on December 15, 2015, after an internal firewall failed and provided the Sanders employees with unexpected access to the files. The DNC issued a press release about CrowdStrike’s findings on April 29, 2016, which confirmed–five weeks and 128 hours later–that a few Sanders staffers accessed Hillary Clinton’s voter data for an hour. For unknown reasons, no Russian hacking was detected at that time, suggesting CrowdStrike missed one or both of the Russian hacking groups that were allegedly present in the DNC network at the time…. 


Presumably, a private security company’s employees [such as CrowdStrike’s] are not vetted in a similar manner to FBI agents. It goes without saying that no one would ever find it acceptable for the DNC to pay the salaries of FBI agents investigating its network, but that’s exactly what happened in the business relationship between the DNC and Crowdstrike-a blatant conflict of interest. Further, choosing not to testify about methods and conclusions at an oversight hearing is not optional for the FBI, which is controlled (in theory) by our Constitution.”…

………………………….


Added: Malware was allowed to remain until June 11-12, 2016, per Washington Post: DNC Chair Wasserman Schultz said: When we discovered the intrusion, we…reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.””…Yes, CrowdStrike was there “immediately” on May 5, but didn’tkick out the intruders” until June 11-12, 2016:


6/14/2016, Russian government hackers penetrated DNC, stole opposition research on Trump, Washington Post, Ellen Nakashima  


Some of the hackers had access to the DNC network for about a year, but all were expelled over the past weekend in a major computer cleanup campaign, the committee officials and experts said.” [“The past weekend” was June 11-12, 2016] 


DNC leaders were tipped to the hack in late April (2016)….DNC leadership acted quickly after the intrusion’s discovery to contain the damage.”…

Rep. Debbie Wasserman Schultz (Fla.), DNC chairwoman: 

When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.””..

……………………

Added: DNC received professional cybersecurity warnings and advice in fall 2015 but ignored them: Bloomberg
7/27/2016,Democrats Ignored Cybersecurity Warnings Before Theft,” Bloomberg, Michael Riley

The Democratic National Committee was warned last fall (2015) that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.

The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks — hackers who would stay for nearly a year. 

Instead, officials didn’t discover the breach until April (2016). The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention.“…

………………..  

Added source about CrowdStrike:


Oct. 24, 2016, The Russian Expat Leading the Fight to Protect America, Esquire, Vicky Ward


On the morning of May 6, Dmitri Alperovitch woke up in a Los Angeles hotel….Late the previous night, his company had been asked by the Democratic National Committee to investigate a possible breach of its network. A CrowdStrike security expert had sent the DNC a proprietary software package, called Falcon, that monitors the networks of its clients in real time. Falcon “lit up,” the email said, within ten seconds of being installed at the DNC: Russia was in the network.”… 

………………………

Added: Everybody loves CrowdStrike: The Republican Establishment is also a CrowdStrike client: 

7/5/17, Hacked computer server that handled DNC email remains out of reach of Russia investigators, Washington Times, Dan Boylan

CrowdStrike has added the National Republican Congressional Committee to its client list. The NRCC also declined to answer questions for this report.”…
 
The firm (Crowdstrike) also has found success in generating venture capital support. Fortune magazine reported that it has raised $256 million and boasts a “valuation exceeding $1 billion.” 

Investors include Warburg Pincus, whose president, Timothy Geithner, worked for the Clinton and Obama administrations. [Weapons manufacturers such as Lockheed Martin, Raytheon, and Northrop Grumman are also CrowdStrike investors]. The Clinton campaign’s largest corporate contributor, Google, whose employees donated more than $1.3 million to Mrs. Clinton’s campaign last year, also has funded CrowdStrike.

During the election cycle last year, the DNC paid CrowdStrike more than $410,000. This year, it has collected more than $121,000 from the party.

The DNC declined to answer questions about CrowdStrike. During a telephone call with The Times, DNC communications staff also refused to discuss the location of its infamous server….

CrowdStrike has added the National Republican Congressional Committee to its client list. The NRCC also declined to answer questions for this report.”…

………………..

You’re Fake News because you’re a political institution: Public sees media as a political institution says PBS analyst Stuart Rothenberg. Poll shows more Americans trust Trump than the media by 7 points, NPR/PBS NewsHour/Marist Poll-July 3, 2017 PBS News Hour…Poll dates 6/21-6/25/17, land line and cell phone

7/6/17,PBS Poll: More Americans Trust Trump Than the Media; ‘Horrible Trend’, NewsBusters, Matthew Balan

“Monday’s [7/3] PBS NewsHour spotlighted the low trust in the news media, according to the results of their latest poll. Only 30 percent of those surveyed by NPR/PBS NewsHour/Marist trust the press “a good deal” or “a great amount.” The Trump administration scored seven points better in the same poll.”…

[Ed. note: I was unable to locate questions about trust in “news media” or “Trump administration” on the linked poll. Perhaps these results were made available to PBS but not to the general public, or perhaps I just missed them.]

(continuing): “Guest Stuart Rothenberg bemoaned the “horrible trend” towards distrust of the media over the past several decades. NPR’s Tamara Keith underlined that “these numbers are part of a very long trend of institutions losing trust from the American people; and that…puts America at risk.”

Host Judy Woodruff zeroed on the media’s poll numbers near the end of the segment with Rothenberg and Keith. She noted that “one of the things we looked at was…[the] high distrust of the news media.” 

After outlining the numbers, she turned to Rothenberg and asserted that “the bottom line here, Stu, is that the media may be a good whipping boy.”

The guest (Rothenberg) replied, “I think the public sees the media as a political institution — just as they see the White House, the President, and Congress.” After pointing out the “horrible trend,” Rothenberg pointed out “Gallup numbers in the early 1970s…[where] those of us in the media are regarded much worse than we were back then.”

Keith responded to the poll results by citing Senator Ben Sasse, who recently lamented that “we are at risk of getting to a place where we don’t have a shared set of public facts. A republic will not work if we don’t have shared facts.” She addded, “These numbers are part of a very long trend of institutions losing trust from the American people; and that…puts America at risk.”

The transcript of the relevant portion of the Stuart Rothenberg/Tamara Keith segment from the July 3, 2017 edition of PBS NewsHour:

“JUDY WOODRUFF: I do want to raise, in our last few minutes, this new CNN — I’m sorry. I had CNN on the brain from the video — the new poll that the NewsHour and NPR did in conjunction with Marist, where one of the things we looked at was what Stu — exactly what you mentioned — high distrust of the news media. More than two-thirds of Americans — they were asked, what do you think about trust in institutions? And here it is: thirty-seven percent, a good deal or a great amount of trust in the Trump administration; thirty percent — even less — trust in the news — in the media; and twenty [nine] — about on the same par as trust in Congress. And you go on to see trust in the intelligence community, twice that much — sixty percent — and in the courts, sixty percent. But the bottom line here, Stu, is that the media may be a good whipping boy. 

STUART ROTHENBERG, INSIDE ELECTIONS: Yeah — and I think the public sees the media as a political institution–just as they see the White House, the President, and Congress — and right now, nobody trusts politicians or people covering politicians. It’s a — it’s a horrible trend. I look back to Gallup numbers in the early 1970s, and those of us in the media are regarded much worse than we were back then. But it’s been occurring over the past couple of decades.

TAMARA KEITH, NPR: Republican Senator Ben Sasse, over the weekend, said something that goes in conjunction with the Tweets; and fits with these numbers, too. He said he was concerned that the President was trying to weaponize distrust. And then, here’s the quote: ‘We are at risk of getting to a place where we don’t have a shared set of public facts. A republic will not work if we don’t have shared facts.’ These numbers are part of a very long trend of institutions losing trust from the American people; and that makes — puts America at risk.””

………………..

More on the poll:

NPR/PBS NewsHour/Marist Poll National Adults. Interviews conducted June 21st through June 25th, 2017, n=1205 MOE +/- 2.8 percentage points. 33D, 28R, 38Ind. 65 white, 12 black, 13 latino. ^National Registered Voters: n=995 MOE +/- 3.1 percentage points. Totals may not add to 100% due to rounding.

*Soft Democrats include registered voters who identify as “not strong Democrats” or Democratic leaning independents. Soft Republicans include those registered voters who identify as “not strong Republicans” or Republican leaning independent”
…………….

…………….

https://www.newsbusters.org/blogs/nb/matthew-balan/2017/07/06/pbs-poll-more-americans-trust-trump-media-horrible-trend

………….

Most Americans, 59%, say it’s better for US to build relationship with Russia. Only 31% say to treat Russia as a threat. NPR/PBS Marist poll, 6/21-6/25/17

NPR/PBS NewsHour/Marist Poll. Poll dates: June 21-25, 2017, 1205 adults nationwide, land line and cell phone

page 5 pdf:

Better to build relationship with Russia:

National adults: 59%
National registered voters: 57%
Democrat: 46%
Republican: 67%
Independent: 60%

…………………….

Comment: Media is desperately trying to gin up war with Russia. Americans who’ll have to fight and die in such a war, plus pay for it, aren’t that enthused about the idea. They don’t consider themselves “treasonous” or “isolationist” for their view. US “regime change” operations have created permanent human misery. Though they did enrich the Bloody Permanent War Industry.

Illegal alien from El Salvador murders 17 year old Muslim girl with baseball bat and dumps her body in a pond in Virginia-ABC News

ICE said in a statement Monday that they have filed a detainer on Torres, a citizen of El Salvador, for potential deportation as he is believed to be in the U.S. illegally.”

Torres, illegal alien from El Salvador

June 19, 2017,Police say road rage incident led to the death of Virginia Muslim teen, ABC News, Karma Allen, Courtney Connley 

Virginia police believe a road rage incident led to the death of the 17-year-old Muslim girl whose body was found near a mosque [article later says killer dumped her in a pond], officials said in a press conference Monday evening.

The body found in a Virginia pond Sunday has been identified as 17-year-old Nabra Hassanen of Reston, Virginia, officials confirmed Monday. Hassanen went missing earlier in the day Sunday after she and her friends left a mosque, according to police. Fairfax County police confirmed Monday that they are not investigating the case as a hate crime.
“Based on the information our detectives have at this point, there is no indication that this was a hate-bias motivated-related crime,” police said. “If that changes as the investigation progresses, we would certainly pursue that aspect.”
Julie Parker, director of media relations for Fairfax County police, said in Monday’s press conference that the incident started early Sunday around 3:40 a.m. local time when a group of about 15 teens were walking in Fairfax County to get some food after participating at an overnight event at the ADAMS center (All Dulles Area Muslim Society). Parker said detectives believe the suspect drove up to the teens when a male teen on a bike started arguing with him.
Hassanen, whose body was found in a pond around 3 p.m. Sunday in Sterling, Virginia, died from blunt force trauma to the upper body, Parker said.

Nabra Hassanen, 17, dead

Fairfax County police arrested Torres, 22, of Sterling around 5:15 a.m. and charged him with murder in connection with the case. Torres was arraigned Monday morning and held without bail, according to an official at the Fairfax County courthouse. It is unclear if he entered a plea and it was not immediately made clear whether he had obtained an attorney.

Police said they looked into whether the killing was a hate crime, but said they found no indication “that this was a bias incident.” Officials do believe Torres acted alone, and are not looking to arrest any other suspects.
The ADAMS center in Sterling, where the teens are believed to have been attending an overnight event, released a statement in regards to Hassanen’s death.
“We are devastated and heartbroken as our community undergoes and processes this traumatic event,” the center said in a statement.”…
The investigation of the case is ongoing and said the case may be prosecuted in Loudon County instead of Fairfax County because of elements of the crime and where they occurred.”…

FBI illegally shared data on Americans with unauthorized persons since at least 2009. FISA court finds hundreds of violations of FBI rules under Comey. FBI operates as independent state, has no timely oversight, claims to police itself-Circa.com…US intel agencies conducted illegal surveillance against Americans for 5 years during Obama admin. through late Oct. 2016-McClatchy

May 26, 2017,Secret [FISA] court rebukes NSA for 5-year illegal surveillance of U.S. citizens, McClatchy, Tim Johnson, via Miami Herald
…………………………..

May 26, 2017, Declassified memos show FBI illegally shared spy data on Americans with private parties, Circa.com, John Solomon and Sara Carter

The FBI has illegally shared raw intelligence about Americans with unauthorized third parties and violated other constitutional privacy protections, according to newly declassified government documents that undercut the bureau’s public assurances about how carefully it handles warrantless spy data to avoid abuses or leaks….

Then-FBI Director James Comey unequivocally told lawmakers his agency used sensitive espionage data gathered about Americans without a warrant only when it was “lawfully collected, carefully overseen and checked.”

Once-top secret U.S. intelligence community memos reviewed by Circa tell a different story, citing instances of “disregard” for rules, inadequate training and “deficient” oversight and even one case of deliberately sharing spy data with a forbidden party.

For instance, a ruling declassified this month by the Foreign Intelligence Surveillance Court (FISA) chronicles nearly 10 pages listing hundreds of violations of the FBI’s privacy-protecting minimization rules that occurred on Comey’s watch.

The behavior the FBI admitted to a FISA judge just last month [April 2017] ranged from illegally sharing raw intelligence with unauthorized third parties to accessing intercepted attorney-client privileged communications without proper oversight the bureau promised was in place years ago.

The court also opined aloud that it fears the violations are more extensive than already disclosed. 

“The Court is nonetheless concerned about the FBI’s apparent disregard of minimization rules and whether the FBI is engaging in similar disclosures of raw Section 702 information that have not been reported,” the April 2017 ruling declared.

The court isn’t the only oversight body to disclose recent concerns that the FBI’s voluntary system for policing its behavior and self-disclosing mistakes hasn’t been working.

The Justice Department inspector general’s office declassified a report in 2015 that reveals the internal watchdog had concerns as early as 2012 that the FBI was submitting ‘deficient” reports indicating it had a clean record complying with spy data gathered on Americans without a warrant.

The FBI normally is forbidden from surveilling an American without a warrant. But Section 702 of the Foreign Surveillance Act, last updated by Congress in 2008, allowed the NSA to share with the FBI spy data collected without a warrant that includes the communications of Americans with “foreign targets.”

But the FISA court watchdogs suggest FBI compliance problems began months after Section 702 was implemented.

The FBI’s very first compliance report in 2009 declared it had not found any instances in which agents accessed NSA intercepts supposedly gathered overseas about an American who in fact was on U.S. soil.

But the IG said it reviewed the same data and easily found evidence that the FBI accessed NSA data gathered on a person who likely was in the United States, making it illegal to review without a warrant.
“We found several instances in which the FBI acquired communications on the same day that the NSA determined through analysis of intercepted communications that the person was in the United States,” the declassified report revealed.
It called the FBI’s first oversight report “deficient” and urged better oversight.
FBI officials acknowledged there have been violations but insist they are a small percentage of the total counterterrorism and counterintelligence work its agents perform.
Almost all are unintentional human errors by good-intentioned agents and analysts under enormous pressure to stop the next major terror attack, the officials said.
Others fear these blunders call into the question the bureau’s rosy assessment that it can still police itself when it comes to protecting Americans’ privacy 17 years after the war on terror began….
“No one on the Hill wants to look like we are soft on terrorism when you have increasing threats like Manchester-style attacks. But the evidence of abuse or sloppiness and the unending leaks of sensitive intelligence in the last year has emboldened enough of us to pursue some reforms,” a senior congressional aide told Circa, speaking only on condition of anonymity because he wasn’t authorized to talk to the media. “Where that new line between privacy and security is drawn will depend on how many more shoes fall before the 702 renewal happens.”…
One of the biggest concerns involves so-called backdoor searches in which the FBI can mine NSA intercept data for information that may have been incidentally collected about an American. No warrant or court approval is required, and the FBI insists these searches are one of the most essential tools in combating terrorist plots.
But a respected former Justice Department national security prosecutor questions if the searching has gotten too cavalier. Amy Jeffress, the former top security adviser to former Attorney General Eric Holder, was appointed by the intelligence court in 2015 to give an independent assessment of the FBI’s record of compliance.
Jeffress concluded agents’ searches of NSA data now extend far beyond national security issues and thus were “overstepping” the constitutional protections designed to ensure the bureau isn’t violating Americans’ 4th Amendment protections against unlawful search and seizure.
“The FBI procedures allow for really virtually unrestricted querying of the Section 702 data in a way the NSA and CIA have restrained it through their procedures,” she argued before the court in a sealed 2015 proceeding. “I think that in this case the procedures could be tighter and more restrictive, and should be in order to comply with the Fourth Amendment,” she added.
The court thanked Jeffress for her thoughtful analysis but ultimately rejected her recommendation to impose on the FBI a requirement of creating a written justification why each search would help pursue a national security or criminal matter….
That was late in 2015. But by early 2017, the court became more concerned after the Obama administration disclosed significant violations of privacy protections at two separate intelligence agencies involved in the Section 702 program.
The most serious involved the NSA searching for American data it was forbidden to search. But the FBI also was forced to admit its agents and analysts shared espionage data with prohibited third parties, ranging from a federal contractor to a private entity that did not have the legal right to see the intelligence….
The court’s memo suggested the FBI’s sharing of raw intelligence to third parties, at the time, had good law enforcement intentions but bad judgment and inadequate training.

“Nonetheless, the above described practices violated the governing minimization procedures,” the court chided. A footnote in the ruling stated one instance of improper sharing was likely intentional. 

“Improper access” to NSA spy data for FBI contractors “seems to have been the result of deliberate decision-making,” the court noted.

The recently unsealed ruling also revealed the FBI is investigating more cases of possible improper sharing with private parties that recently have come to light.

The government “is investigating whether there have been similar cases in which the FBI improperly afforded non-FBI personnel access to raw FISA-acquired information on FBI systems,” the court warned.

The ruling cited other FBI failures in handling Section 702 intel, including retaining data on computer storage systems “in violation of applicable minimization requirements.” 

Among the most serious additional concerns was the FBI’s failure for more than two years to establish review teams to ensure intercepts between targets and their lawyers aren’t violating the attorney-client privilege. 

“Failures of the FBI to comply with this ‘review team’ requirement for particular targets have been focus of the FISC’s (FISA’s?) concerns since 2014,” the court noted.
The FBI said it is trying to resolve the deficiencies with aggressive training of agents.
That admission of inadequate training directly undercut Comey’s testimony earlier this month when questioned by Sen. Dianne Feinstein, D-Calif.
“Nobody gets to see FISA information of any kind unless they’ve had the appropriate training and have the appropriate oversight,” the soon-to-be-fired FBI director assured lawmakers.
The struggle for the intelligence court and lawmakers in providing future oversight will be where to set more limits without hampering counterterrorism effort. The FBI told Circa in a statement, “As indicated in its opinion, the Court determined that the past and current standard minimization procedures are consistent with the Fourth Amendment and met the statutory definition of those procedures under Section 702.”

Jeffress, however, warned in her 2015 brief of another dynamic that will pose a challenge too, an FBI culture to use a tool more just because it can.

“These scenarios suggest a potentially very large and broad scope of incidental collection of communications between a lawful target and U.S. persons that are not the type of communications Section 702 was designed to collect,” she told the court in a written memo.

And when questioned at a subsequent hearing, Jeffress observed: I don’t think that the FBI will voluntarily set limits on its querying procedures, because law enforcement agencies tend not to take steps to restrict or limit what they can do, for obvious reasons.””
…………………..

 

The criticism is in a lengthy secret ruling that lays bare some of the frictions between the Foreign Intelligence Surveillance Court and U.S. intelligence agencies obligated to obtain the court’s approval for surveillance activities.

The ruling, dated April 26 and bearing the label “top secret,” was obtained and published Thursday by the news site Circa.

It is rare that such rulings see the light of day, and the lengthy unraveling of issues in the 99-page document opens a window on how the secret federal court oversees surveillance activities and seeks to curtail those that it deems overstep legal authority.

The document, signed by Judge Rosemary M. Collyer, said the court had learned in a notice filed Oct. 26, 2016, that National Security Agency analysts had been conducting prohibited queries of databases “with much greater frequency than had previously been disclosed to the court.” 

It said a judge chastised the NSA’s inspector general and Office of Compliance for Operations for an “institutional ‘lack of candor’” for failing to inform the court. It described the matter as “a very serious Fourth Amendment issue.” 

The Fourth Amendment protects people from unreasonable searches and seizures by the government, and is a constitutional bedrock protection against intrusion.

Parts of the ruling were redacted, including sections that give an indication of the extent of the illegal surveillance, which the NSA told the court in a Jan. 3 notice was partly the fault of “human error” and “system design issues” rather than intentional illegal searches.

The NSA inspector general’s office tallied up the number of prohibited searches conducted in a three-month period in 2015, but the number of analysts who made the searches and the number of queries were blacked out in the ruling.

The NSA gathers communications in ways known as “upstream” and “downstream” collection. Upstream collection occurs when data are captured as they move through massive data highways – the internet backbone – within the United States. Downstream collection occurs as data move outside the country along fiber optic cables and satellite links.

Data captured from both upstream and downstream sources are stored in massive databases, available to be searched when analysts need to, often months or as much as two years after the captures took place.

The prohibited searches the court mentioned involved NSA queries into the upstream databanks, which constitute a fraction of all the data NSA captures around the globe but are more likely to contain the emails and phone calls of people in the United States.

Federal law empowers the NSA and CIA to battle foreign terrorist actions against the United States by collecting the electronic communications of targets believed to be outside the country.

While communications of U.S. citizens or residents may get hoovered up in such sweeps, they are considered “incidental” and must be “minimized” – removing the identities of Americans – before broader distribution.

The court filing noted an NSA decision March 30 to narrow collection of “upstream” data within the United States. Under that decision, the NSA acknowledged that it had erred in sweeping up the communications of U.S. citizens or residents but said those errors “were not willful.” Even so, the NSA said it would no longer collect certain kinds of data known as “about” communications, in which a U.S. citizen was merely mentioned.

The NSA announced that change publicly on April 28, two days after the court ruling, saying the agency would limit its sweeps to communications either directly to or from a foreign intelligence target. That change would reduce “the likelihood that NSA will acquire communications of U.S. persons or others who are not in direct contact with one of the agency’s foreign intelligence targets.” 

The court document also criticized the FBI’s distribution of intelligence data, saying it had disclosed raw surveillance data to sectors of its bureaucracy “largely staffed by private contractors.” 

The “contractors had access to raw FISA information that went well beyond what was necessary to respond to the FBI’s requests,” it said, adding that the bureau discontinued the practice on April 18, 2016.”

…………..

Despite CrowdStrike’s extremely casual treatment of infected DNC computers, waiting over a month to remove hackers, the entire world is forced to rely on CrowdStrike as the sole source of alleged explosive information on DNC email hacking. Not even FBI was allowed access. CrowdStrike on May 5 said it’s Russian hackers, then waited over a month before removing the malware-Daily Mail, Washington Post

FBI was forced to rely on CrowdStrike’s word for what happened to DNC computers and DNC emails, though CrowdStrike had knowingly allowed hackers to remain on DNC computers for over a month:

1/10/17, Comey: DNC denied FBI’s requests for access to hacked servers,” The Hill, Katie Bo Williams 

The bureau made “multiple requests at different levels,” according to Comey….

“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request….

[A senior law enforcement official said],This left the FBI no choice but to rely upon a third party for information. These actions caused significant delays and inhibited the FBI from addressing the intrusion earlier.”“…

……………….. 

4 key dates: April-June 2016, involving Crowdstrike and DNC computers, April 29, May 5, May 21, and June 10. Daily Mail (4/5/17) and Washington Post (6/14/2016): 

April 29, 2016– Conclusion of CrowdStrike’s 5 week investigation into whether Bernie Sanders campaign staffers had breached DNC computers: “According to internal emails, CrowdStrike was already working for the DNC to investigate whether Bernie Sanders campaign staffers had gained unauthorized access to its voter database. That five-week investigation appeared to have wrapped up on April 29, 2016.” Daily Mail, 4/5/17 (Comment: During the Bernie investigation, why didn’t CrowdStrike remove malware that had been on DNC computers since 2015?)

……………….. 

May 5, 2016Crowdstrike called back to the DNC for a malware job, hooked up monitoring software to the DNC system on May 5, 2016. During its May 5 hookup, CrowdStrike says it noticed malware right away (it ‘lit up’). But no mention is made of actually removing the malware: “Alperovitch said the company hooked up monitoring software to the DNC system on May 5, 2016 and it ‘lit up,’ indicating a breach.“…(A few days earlier, on April 29, 2016, CrowdStrike had concluded a 5 week job for the DNC investigating whether the Bernie Sanders campaign had gained unauthorized access to its computers. Daily Mail, 4/5/17
……………….

May 21, 2016: DNC Chair Debbie Wasserman Schultz, wrote in one May 21 email that Bernie Sanders would ‘never be president.'”

This May 21 email smearing Bernie Sanders was among those eventually made public: 

*”The vast majority of the email theft appears to have occurred during” the time CrowdStrike was monitoring malware activity on DNC computers (May 5-June 10, 2016). Crowdstrike “monitored the hackers as they pilfered emails and research files,” for 5 weeks watched DNC emails walk out the door,  WOULD NOT REMOVE THE MALWARE until June 10, 2016.  Daily Mail 4/5/17

…………………….. 

June 10, 2016-“Over a month passed before CrowdStrike finally booted the hackers out of the system on June 10, 2016.” Between May 5 and June 10, 2016, CrowdStrike said “it built an entirely new computer and phone system for the DNC and monitored the hackers as they pilfered emails and research files:”Daily Mail, 4/5/17

Second source: 6/14/16, Washington Post also reports that DNC malware wasn’t removed until the second weekend in June (“over the past weekend”) in a “major computer cleanup campaign:”

June 14, 2016, “Some of the hackers had access to the DNC network for about a year, but all were expelled over the past weekend in a major computer cleanup campaign, the committee officials and experts said.” Washington Post (June 10, 2016 was a Friday) 

Washington Post confirms that CrowdStrike quickly (“within 24 hours”) installed software on DNC computers to analyze data. But Crowdstrike didn’t begin removing the malware “within 24 hours,” instead waited until the second weekend in June (as stated above):

“Within 24 hours, CrowdStrike had installed software on the DNC’s computers so that it could analyze data that could indicate who had gained access, when and how.”

From Washington Post, 6/14/2016: 

DNC says it acted “immediately”and “as quickly as possible to kick out the intruders.”

They waited 6 weeks “to kick out the intruders.”  (Late April 2016- second weekend in June 2016)

DNC leaders were tipped to the hack in late April (2016).”…

“DNC leadership acted quickly after the intrusion’s discovery to contain the damage.”…

Rep. Debbie Wasserman Schultz (Fla.), DNC chairwoman:

When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.””…[The “intruders” weren’t “kicked out” until 6 weeks after DNC learned they were there (Knew they were there in late April 2016, knew they weren’t removed until second weekend in June 2016)].

…………………….

Link to Washington Post article:

6/14/2016, Russian government hackers penetrated DNC, stole opposition research on Trump, Washington Post, Ellen Nakashima
……………………….

Link to Daily Mail article:

4/5/17, “Exclusive: Cybersecurity experts who were first to conclude that Putin hacked presidential election ABANDON some of their claims against Russia – and refuse to co-operate with Congress,” Daily Mail, Alana Goodman

……………………….

Added:  All US “intelligence community” reports, all global media coverage of an alleged DNC email-Russia event are based on the opinion of a single source, CrowdStrike. “Not even the FBI has been granted access” to DNC computers–despite that CrowdStrike knowingly allowed hackers to remain on DNC computers for over a month, as noted above. CrowdStrike should have no voice whatsoever in this matter: 

“Not even the FBI has been granted access to the (DNC) servers. U.S. agencies have instead relied on CrowdStrike’s work. There is no other known forensic evidence which has been publicly disclosed to link the Kremlin to the attacks, including in a series of intelligence community statements and reports.” Daily Mail, 4/5/17
…………………..

Added: Democrats Ignored Cybersecurity Warnings Before Theft.” Bloomberg reported in July 2016 that FBI is investigating the DNC email theft–but, unfortunately the FBI was denied access to DNC computers, was forced to rely entirely on CrowdStrike’s opinion:The bureau made “multiple requests at different levels,according to Comey.”…

The Federal Bureau of Investigation is examining the attack, which law enforcement officials and private security experts say may be linked to the Russian government.”…

7/27/2016,Democrats Ignored Cybersecurity Warnings Before Theft,” Bloomberg, Michael Riley

The Democratic National Committee was warned last fall (2015) that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.

The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks — hackers who would stay for nearly a year. 

Instead, officials didn’t discover the breach until April (2016). The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention. 

The e-mails have devastated party leaders. Representative Debbie Wasserman Schultz, the DNC chairwoman, has agreed to resign at the end of this week’s convention. She was booed off the stage on opening day after the leaked e-mails showed that party officials tried to undermine the presidential campaign of Senator Bernie Sanders in favor of Hillary Clinton, who was formally nominated on Tuesday evening. Party officials are supposed to remain neutral on presidential nominations.

The Federal Bureau of Investigation is examining the attack, which law enforcement officials and private security experts say may be linked to the Russian government. President Barack Obama suggested on Tuesday that Russia might be trying to interfere with the presidential race. Russian officials deny any involvement in the hacking and say they’re not trying to influence the election….

The consultants briefed senior DNC leaders on the security problems they found, the people familiar with the matter said. It’s unclear whether Wasserman Schultz was present. Now, she is likely to face criticism over not only the content of the e-mails — including one in which a party official proposes pushing stories in the news media questioning Sanders’s Jewish faith — but also the failure to take steps to stop the theft in the first place.

Shame on them. It looks like they just did the review to check a box but didn’t do anything with it,” said Ann Barron-DiCamillo, who was director of US-Cert, the primary agency protecting U.S. government networks, until last February. If they had acted last fall, instead of those thousands of e-mails exposed it might have been much less.

The assessment by Good Harbor Security Risk Management, headed by the former Clinton and Bush administration official Richard Clarke, occurred over two months beginning in September 2015, the people said. It included interviews with key staff members and a detailed review of the security measures in place on the organization’s network, they said.

The review found problems ranging from an out-of-date firewall to a lack of advanced malware detection technology on individual computers, according to two of the people familiar with the matter.

The firm recommended taking special precautions to protect any financial information related to donors and internal communications including e-mails, these people said.

The DNC paid $60,000 for the assessment, according to federal filings.

Mark Paustenbach, a spokesman for the DNC, declined to comment on the Good Harbor report. Emilian Papadopoulos, president of Washington-based Good Harbor, said he couldn’t comment on work done for a specific client.

Missed Warnings 

The security review commissioned by the DNC was perhaps the most detailed of a series of missed warnings. Officials at both the Republican National Committee and the DNC received government briefings on espionage and hacking threats beginning last year, and then received a more specific briefing this spring, according to another person familiar with the matter. 

Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings. 

Papadopoulos said a risk analysis by his firm is designed to “help an organization’s senior leadership answer the questions, ‘What are our unique and most significant cyber security risks, how are we doing managing them, and what should we improve?’”

The firm typically recommends that clients conduct a so-called breach assessment to determine whether hackers are already lurking in the network, Papadopoulos said. He wouldn’t confirm whether such a recommendation was among those delivered to the DNC.

“We give recommendations on governance, policies, technologies and crisis management,” he said. “For organizations that have not had a compromise assessment done, that is one of the things we often recommend.” 

It isn’t certain a breach assessment would have spotted the hackers, according to Barron-DiCamillo, but it would have increased the chances. “Why spend the money to have Good Harbor come in and do the recommendations and then not act on them?” she asked.”

…………………………..

Added: FBI was denied access to DNC computers, was forced to rely on Crowdstrike opinion about alleged Russia access to DNC emails:

1/10/17, Comey: DNC denied FBI’s requests for access to [allegedly] hacked servers,” The Hill, Katie Bo Williams 

The bureau made “multiple requests at different levels,” according to Comey, but ultimately struck an agreement with the DNC that a “highly respected private company” would get access and share what it found with investigators. 

“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request…. 

The DNC told BuzzFeed in a statement published last week [Jan. 2017] that the FBI never requested access to its servers after they were breached. 

But a senior law enforcement official disputed that characterization the following day.

“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed until well after the initial compromise had been mitigated,” the official said. 

This left the FBI no choice but to rely upon a third party for information. These actions caused significant delays and inhibited the FBI from addressing the intrusion earlier.” 

CrowdStrike, the private security firm in question, has published extensive forensic analysis backing up its assessment that the threat groups that infiltrated the DNC were associated with Russian intelligence.”
……………………

Added: Re: “Threat groups,” (The Hill, above) aren’t groups of people despite what the term may suggest. Threat groups” are a set of software and related network infrastructure:

A common misconception of “threat group” is that it refers to a group of people. It doesn’t. Here’s how ESET [link goes to general site] describes SEDNIT, one of the names for the threat group known as APT28, Fancy Bear, etc. This definition is found on p.12 of part two “En Route with Sednit: Observing the Comings and Goings”:

“As security researchers, what we call “the Sednit group” is merely a set of software and the related network infrastructure, which we can hardly correlate with any specific organization.” 

Unlike Crowdstrike, ESET doesn’t assign APT28/Fancy Bear/Sednit to a Russian Intelligence Service or anyone else for a very simple reason. Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone. In other words — malware deployed is malware enjoyed!… 

It is both foolish and baseless to claim, as Crowdstrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.”…

…………..

Not a ‘bombshell?’ US Office of Special Counsel finds Obama admin. Justice Dept. officials broke federal law and must be disciplined. Obama Justice officials went to elaborate lengths in refusing to hire military veterans for jobs specifically mandated for veteran priority-Washington Times, May 17, 2017

Why isn’t it “explosive” and a “bombshell” that Obama administration Justice Dept. knowingly broke federal law?

May 17, 2017, Obama’s Justice Department refused to hire military veterans for jobs: probe, Stephen Dinan, Washington Times

The Obama Justice Department discriminated against military veterans, trying to force them to withdraw their applications for two job postings — then canceling the postings altogether and rewriting the jobs to prevent the veterans from qualifying, a government watchdog said Wednesday.

Under federal law, veterans should have gotten preferential consideration for the two positions in the International Criminal Investigative Training Assistance Program.

But Justice officials had their eye on non-veterans, and scheduled meetings off-site to try to force the veteran candidates to withdraw their applications, the U.S. Office of Special Counsel said.

The veterans refused to withdraw and human resources told the ICITAP hiring officials that they had to hire the veterans. Intent on avoiding that, the ICITAP then canceled the initial job-postings and re-listed the jobs a year later, in 2016, with new qualifications that excluded the veterans, the OSC’s investigative report said.

The OSC said it was illegal to try to force the veterans to pull out of the job search.

OSC found hiring violations for two positions at DOJ where officials sought to encourage preference eligible veterans to withdraw their applications,” the watchdog agency said. “DOJ wanted to hire a non-veteran candidate. When the veterans declined to withdraw, DOJ selected the non-veteran candidate, despite rules mandating that veterans receive priority in hiring over non-veterans in certain circumstances.”

The ICITAP officials told investigators they didn’t try to pressure the veterans, but instead explained why they should withdraw.

OSC investigators said even if that was what happened, it still violated the law.

The re-listing of the jobs was also sketchy, but not a clear violation of the law, the OSC said.

The OSC demanded officials be disciplined for the lapses, and recommended new training for Justice Department staff to be aware of their obligations. The agency said the department accepted the recommendations.”