The conventional wisdom that last year’s Democratic National Committee computer hack, which triggered WikiLeaks to release thousands of emails revealing Democratic Party favoritism of Hillary Clinton over Bernard Sanders, was conducted by Russian operatives is facing increasing scrutiny.
Theories once considered fringe and extreme have begun entering the mainstream, with a prominent group of former NSA and CIA officials claiming the hack that rocked the 2016 presidential election was not actually a hack at all but rather a leak by an insider with physical access to the DNC computer network.
Speculation around the claim by the group, the Veteran Intelligence Professionals for Sanity (VIPS), is also being fueled by investigators re-examining statements by key players in the drama, including former President Barack Obama and WikiLeaks founder Julian Assange, whose carefully chosen words on the hack have drawn fresh attention.
A research memo compiled by VIPS last month directly conflicts with the U.S. intelligence community’s January claim that it was Russian operatives who orchestrated the cyberattack on the DNC network.
The memo, which the group sent to President Trump last month under the title “Was the ‘Russian Hack’ an Inside Job?” — investigates metadata and data transfer speeds found in the records of the alleged Russian cyberintrusion into DNC computers.
The memo also raises issues with assertions that the U.S. intelligence community has made over the existence of “Guccifer 2.0,” a shadowy Romanian hacker alleged to have carried out the cyberintrusion.
A January assessment publicized by the intelligence community claimed that Guccifer had hacked the DNC network on behalf of Russian intelligence and had then passed documents obtained through the hack to WikiLeaks.
VIPS argues that Guccifer was made up.
The intelligence community’s “assessment and its conclusions are a disgrace to the intelligence profession,” VIPS co-founder Ray McGovern, a retired 27-year CIA veteran, told The Washington Times in an interview.
VIPS claims the FBI, CIA and NSA never actually performed any cyberforensic analysis of the documents that the agencies claim were hacked by Guccifer and provided to WikiLeaks.
According to Mr. McGovern, there is clear evidence that some of the DNC emails given to WikiLeaks contained superimposed Russian language formatting. “Essentially, they were synthetically tainted with Russian fingerprints,” he said, adding that such tainting was done to make it appear as if Russian operatives had been involved in the hack.
Such assertions, which directly counter the widely accepted “blame the Russians” narrative, have emerged as the source of much handwringing among analysts and journalists at several news organizations.
Last week saw the left-leaning magazine The Nation — one of America’s oldest publications — consider retracting a 4,500-word investigative article that had prominently featured VIPS’ findings.
VIPS is not a new organization, nor is it an unseasoned player to controversy that sometimes accompanies heated debates over national security matters at the highest level.
The group, which has no official ties to the U.S. government, gained notoriety in 2003 by protesting the Bush administration’s use of faulty intelligence to justify the invasion of Iraq.
VIPS’ current hack/leak memo offers a timeline suggesting that the whole existence of Guccifer was actually made up to distract American voters and journalists.
The first mentions of the alleged hacker in news reports occurred just after WikiLeaks had released the emails showing embarrassing information about Mrs. Clinton’s presidential campaign and its battles with Mr. Sanders just before the Democratic National Convention.
But on the opening day of the convention in Philadelphia last summer, Mr. Assange made no mention of Guccifer when discussing how WikiLeaks had come to be in possession of the emails.
To the contrary, Mr. Assange suggested that the hack of the DNC system could have been an inside job.
“We never reveal our sources, obviously. That’s what we pride ourselves on,” Mr. Assange said at the time from the Ecuadorean Embassy in London. “But if we’re talking about the DNC, there’s lots of consultants that have access, lots of programmers. And the DNC has been hacked dozens and dozens of times.”
Mr. Obama, meanwhile, addressed the issue roughly six months later, after Russia’s alleged role in the hack had mushroomed into a much wider media frenzy around accusations that the Kremlin had meddled aggressively in the 2016 election.
“The conclusions of the intelligence community with respect to the Russian hacking were not conclusive as to whether WikiLeaks was witting or not in being the conduit through which we heard about the DNC emails that were leaked,” Mr. Obama said during his final press conference in January, just two days before Mr. Trump’s inauguration.
On a separate front, recent weeks have brought new questions about the role played by a company known as Crowdstrike — a DNC-connected cybersecurity firm that was tasked with investigating the DNC sever that was hacked.
While Crowdstrike created a “cyberforensic” report on the alleged hack, federal investigators, including the FBI, have thus far not been able to get their hands on the DNC’s computer network.
The January intelligence community assessment made no mention of Crowdstrike.
But Mr. McGovern told The Times that the Irvine, California-based firm could be connected to a subsequent dump of documents to WikiLeaks, which occurred last March, and which the anti-secrecy organization claimed contained classified details about the CIA’s latest hacking capabilities.
Those capabilities, refined by the CIA’s Directorate of Digital Innovation, which then-director John O. Brennan had launched in 2015, allegedly included programs to listen in on smartphones and smart TVs, in addition to establishing tools to create false-flag hacks in Chinese, Russian, Korean, Arabic and Farsi.
Mr. McGovern maintains that only the CIA has the capability to make a hack look like it came from a different language. As a result, he said, current CIA Director Mike Pompeo made a rare public appearance to blast WikiLeaks just weeks after it had published the documents alleging CIA hacking capabilities.
“It’s time to call out WikiLeaks for what it really is,” Mr. Pompeo told a crowd at a Washington think tank in early-April. “[It’s] a nonstate hostile intelligence service, often abetted by state actors like Russia.”
Mr. McGovern speculates that Crowdstrike, which the DNC paid more than $400,000 during the 2016 election cycle, could have been complicit in generating the narrative of Russian involvement in the DNC hack.
He argues that such complicity would explain why neither the FBI, CIA, NSA nor any other major U.S. intelligence or law enforcement outfit has ever fully examined the DNC hack. “[Fired FBI Director] Jim Comey could have gotten authority to access the DNC server, but he never wanted to,” Mr. McGovern said.