Third Party, Not FBI, Claims Russian Hacking.

a reply to: face23785

We saw from the leaked emails there was an early plan to introduce a "Russia collusion" narrative.

Can you provide the file number for this document? I would love to read it.

a reply to: introvert

Not least of which was whatever evidence initially caused the FBI to alert the DNC that they had been compromised by a known threat actor.

And as you rightly point out, the DNC/DCCC intrusions, the Podesta phishing, etc were only parts of an even larger series of concurrent attacks which have all their own evidence trails.

That's before we even get into whatever intelligence has been gathered by the IC, the contemporaneous propaganda and social media campaigns, etc.

Trying to paint CrowdStrike as even the primary source for evidence of Russian meddling in this election is beyond absurd.

a reply to: face23785

Isn't it funny in the very next part he said that they have since then actually looked at the computer but you don't include that in your narrative.
Nor do you talk about Comeys testimony where he said that crowd strikes investigation didn't inhibit their investigation. The only issue they had was that they had to wait for the reports. A slow down.
Nor do you include the fact that they got the complete report from crowd strike.
Which is a private company that has no connection to government and isn't partisan in any way.

But gahead and discuss the issue only considering a myopic view that doesn't include all the facts.

Meanwhile Russia is still at it. That's ok. Let's just let them because otherwise well I'm not sure what . I don't get this whole denial that we were attacked nor do I understand the inaction to make sure it doesn't keep happening.

a reply to: theantediluvian

FBI NSA CIA have not been apart of the "investigation"
They have not seen "any evidence"

Please show me the evidence you speak of...

a reply to: Sillyolme

The FBI has since then.
It was mentioned in a hearing just yesterday as a matter of fact.

Have an excerpt and link for that claim?

a reply to: theantediluvian

That's before we even get into whatever intelligence has been gathered by the IC, the contemporaneous propaganda and social media campaigns, etc.

The amount of evidence the IC has must be extensive, considering the entire IC stood in unison to say there was a massive hacking effort, Russia is behind it and the orders came from the top level of their government.

FBI has yet to investigate the DNC servers. Until they do this is crap.

a reply to: introvert

What the IC has so far...

It all leads back to 🏡

a reply to: neutronflux

There's all sorts of monitoring going on all the time — by ISPs, government agencies, security firms, etc.

I won't even speculate as to specifically what the FBI is doing in terms of monitoring. I simply don't know. I can give you examples of what security teams are doing and also introduce to you some independent evidence that doesn't have anything to do with CrowdStrike.

Dell SecureWorks -
IRON TWILIGHT Supports 'Active Measures'

n June 2015, CTU researchers began tracking an IRON TWILIGHT phishing campaign targeting Gmail accounts (see Figure 2). The tracking involved monitoring the threat group’s use of the Bitly link-shortening service. CTU researchers discovered that thousands of Gmail users had been targeted since at least March 2015, including individuals in Russia and the former Soviet states, current and former military and government personnel, military and government organizations in the U.S. and Europe, and authors and journalists with an interest in Russia.

Between March and May 2016, CTU researchers monitoring IRON TWILIGHT’s targeting of organizational and personal Gmail accounts uncovered phishing emails targeting nine DNC accounts, 108 Hillary Clinton presidential campaign accounts, and at least 26 personal accounts belonging to individuals active in U.S. politics. In June 2016, the DNC confirmed its network was compromised by IRON TWILIGHT.

"IRON TWILIGHT" is what Dell SecureWorks calls APT29/Cozy Bear/The Dukes. They're monitoring shortened urls. They picked up the spearphishing attack from the Bitly shortend urls used in the campaign. Another example would be the passive DNS monitoring done by ThreatConnect. Essentially, they're compiling DNS requests to form a persistent history.

ThreatConnect - FANCY BEAR Has an (IT) Itch that They Can't Scratch

Both of our companies respectively researched the domain secure.actblues[.]com, which spoofs the DCCC’s legitimate donation site secure.actblue[.]com. FANCY BEAR actors previously used the same technique with the domain misdepatrment[.]com, which spoofed the legitimate domain belonging to MIS Department, a Democratic National Committee IT contractor. The actblues[.]com domain, which is hosted on a Netherlands IP Address 191.101.31[.]112 (Host1Plus, a division of Digital Energy Technologies Ltd.), was registered using a privacy protection service through the I.T. Itch registrar.

After reviewing the Start of Authority (SOA) record for actblues[.]com we were able to identify the email address fisterboks@email[.]com originally registered the domain.

This fisterboks@email[.]com email address has previously registered three other domains, intelsupportcenter[.]com (hosted on a dedicated server at 81.95.7[.]11), intelsupportcenter[.]net (not active), and fastcontech[.]com, all of which have been attributed to FANCY BEAR activity in an official German Intelligence (BfV) report Cyber Brief Nr. 01/2016. It should also be noted that fastcontech[.]com is hosted at the same ISP as one of the IP’s listed by Crowdstrike for FANCY BEAR (185.86.148[.]227).

The actblues[.]com domain was initially registered on June 14th and resolved to the 191.101.31[.]112 IP shortly thereafter. This indicates that the domain was operationalized in less than a day. Stepping out and looking at additional context related to the DNC activity, we identified that CrowdStrike’s initial report on the DNC hack was also published on June 14th. This suggests that, after being outed, FANCY BEAR actors shifted their operation immediately to another target that might allow them to continue collection against Democratic figures involved in the U.S. election.

Just to give you some idea. Despite the incessant claims to the contrary, there's actually quite a bit of publically availably information to be considered. The problems are 1) the people making these claims don't want it to exist, 2) a lot of them are too lazy to look for it even if they don't strongly want to be in denial and 3) quite a bit of it isn't anything they're capable of considering because it's over their heads.

Here's something else that the author as well as a lot of the die hard Trump supporters who vehemently oppose attribution to the Russians overlook or cite where they think it proves their point:

The NSA hosts the largest cyber surveillance in existence. It would not surprise me in the least that there is evidence of the hack in the form of connections between DNC servers and C2 servers (command & control), connections from there to the ISP providing VPN services to the hackers for BTC, etc. I doubt that they are storing a bunch of encrypted packets but they're almost certainly logging "network metadata" — information about connections — for huge swaths of the traffic visible to them which I assume would be most any traffic going through the routers of any backbone providers.

This is not something that we can expect them to rush out to tell us but it would certainly factor into their analysis.

a reply to: iWontGiveUP

I don't even know how to respond to that. It seems like you have some stronge emotions and those are the sole basis of your opinions.

a reply to: yuppa

FBI has yet to investigate the DNC servers. Until they do this is crap.

You're utterly clueless. I don't know of a nicer way to put it. What you lot of denial-obsessed reactionaries don't seem to understand is that there'd be no need to deny access to the FBI to somehow "coverup" for your alleged "false narrative."

CrowdStrike could have placed the same implants they produced to the world on the DNC servers, doctored the logs and let the FBI right in and what the FBI would have found would have been indistinguishable from the real deal.

What they couldn't have easily faked was the corroborating evidence from independent sources outside the network.

I'm more than qualified to speak on this subject. Are you?

a reply to: theantediluvian

But why watch the DNC server in the first place? Why not block what they label attacks. Is it legal for the IC to just monitor everything? How do you monitor everything? What is the purpose of monitoring if no action is taken to stop cyber crime? What proof does the FBI have of Russia?

If the FBI needed the server, all they had to do is get a warrant. The refusal of turning the server over is obstruction.

Your excuse the simpletons don't understand is a copout.....

originally posted by: introvert
a reply to: theantediluvian

That's before we even get into whatever intelligence has been gathered by the IC, the contemporaneous propaganda and social media campaigns, etc.

The amount of evidence the IC has must be extensive, considering the entire IC stood in unison to say there was a massive hacking effort, Russia is behind it and the orders came from the top level of their government.

Please stop pushing this lie. Clapper debunked it.

Isn't most traffic to a server encrypted anyway? So how would the FBI know to watch the DNC server? Know of criminal traffic out of the hundreds of thousands of internet data transactions per second if they were not focused on the DNC server? And able to decipher the data packets to see who they were from?

a reply to: face23785

Please stop pushing this lie. Clapper debunked it.

His previous position was DNI; he directed and spoke for all 17. The three agencies which were tasked with investigating the situation all agreed that Russia was attempting to influence the election. He emphasizes the conclusion still stands.