Meanwhile, President Obama is pushing America closer to war with Russia based on faulty intelligence, or what’s likely worse: fabricated intelligence.
The FBI may have been forced into a misstep when investigating whether Russia hacked the Democratic National Committee — the agency never directly examined the DNC servers that were breached.
Instead, the FBI had to rely on forensic evidence provided by third-party cybersecurity firm CrowdStrike, which the DNC hired to mitigate the breach.
“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed,” the agency said on Thursday in a statement.
The incident threatens to spark more skepticism over whether the U.S. properly arrived at its conclusion that Russian cyberspies were responsible for the breach.
“The FBI may have all the evidence or not,” said John Bambenek, a researcher with Fidelis Cybersecurity. “But this case has been handled so unusually, it gives everyone a reason to latch on and cast doubt.”
News that the FBI failed to directly examine the hacked servers came on Wednesday, when Buzzfeed reported that a DNC spokesman said that the agency had never requested access.
It’s unclear why the DNC allegedly blocked access to the servers. But companies that have been breached are sometimes fearful of exposing sensitive data to outside parties, said Andrei Barysevich, a director at security firm Recorded Future.
“The FBI was investigating Hillary Clinton at the time (over her private email server),” he said. “So it’s totally possible, the DNC didn’t want them involved at any stage of the investigation because of that.”
Nor can the FBI force an affected party to turn a server over, Barysevich said. However, the whole incident may raise questions over whether federal agents saw all the evidence related to the breach. “CrowdStrike is not obligated to share everything with law enforcement,” Barysevich said. “That could have potentially interfered with the investigation.”
CrowdStrike didn’t immediately respond to a request for comment. But it wasn’t the only private security firm to examine the breach. Fidelis Cybersecurity was brought in to look at the malware samples, and concluded that suspected elite Russian hackers were behind the intrusion.
U.S. intelligence agencies, including the FBI, have blamed the DNC breach and other high-profile political hacks on the Kremlin attempting to influence last year’s election. To retaliate, the White House last month expelled Russian diplomats from the U.S. and ordered sanctions against the country.
However incoming President Donald Trump remains skeptical that Russia is to blame. His camp previously rejected U.S. intelligence findings on the matter, saying “these are the same people that said Saddam Hussein had weapons of mass destruction.”
Full article: FBI dispute with DNC over hacked servers may fuel doubt on Russia role (PC World)