Part 1,
Part 2,
Part 3,
Part 4,
Part 5,
Part 6,
Part 7,
Part 8
=======
In 2015 and 2016, a company called NGP VAN provided the software that controlled the voter database of the Democrat National Committee (DNC). On the morning of December 16, 2015, NGP VAN launched a modification of that software.
On that same morning, Josh Uretsky, a member of Sanders' campaign staff, exploited a bug in the modification and thus accessed some database files that belonged to Hillary Clinton's campaign staff. Uretsky instructed three fellow members of Sanders' campaign staff how to exploit the bug. Then those four Sanders staff members accessed and downloaded data from Clinton's database files for about 45 minutes. Within about four hours of the modification's launch, the improper exploitation of the bug was discovered and stopped.
|
Josh Uretsky
|
CNN summarized the exploitation of the bug as follows:
The Sanders team ran multiple searches in Iowa, New Hampshire, Nevada, South Carolina and about ten March [primary election] states, including Florida and Colorado, after it noticed the error. One of the data sets it accessed was a Clinton spreadsheet that ranked voters' enthusiasm -- a potential opportunity for Sanders' campaign to target voters who were hesitant to support the former secretary of state.
The Guardian reported that the four culprits performed 25 searches and downloaded data during those 45 minutes.
The Sanders campaign staff fired Uretsky on that same day, December 16, and suspended the other three culprits in the following days.
Uretsky explained that his actions were innocent.
[Uretsky] told CNN ... that he was only trying to "understand how badly the Sanders campaign's data was exposed" and not attempting to take data from the Clinton campaign.
"We knew there was a security breach in the data, and we were just trying to understand it and what was happening," said Josh Uretsky, reached by phone on Friday morning, a day after the campaign let him go.
He added, "To the best of my knowledge, nobody took anything that would have given the (Sanders) campaign any benefit." ....
The Sanders campaign fired Uretsky over the breach. "That behavior is unacceptable and that staffer was fired immediately," Sanders' spokesman Michael Briggs said Thursday night.
Uretsky, who is experienced with the NGP-VAN system used by the DNC and has administered it before, said he first noticed the data breach on Wednesday morning [December 16].
"We investigated it for a short period of time to see the scope of the Sanders campaign's exposure and then the breach was shut down presumably by the vendor," he said. "We did not gain any material benefit."
According to the DNC, the Sanders campaign will remain suspended until it provides the DNC with a full explanation of the episode and provides proof that any improperly accessed data has been discarded.
Uretsky and his team notified people within the Sanders campaign of the breach on Wednesday and the news worked its way up the chain of command. After reporting it to the campaign, Uretsky said he intended to call the DNC to inform officials there. But before he could do that, the DNC called him.
"They called me fairly quickly after the breach was closed to inform me that there was something weird going on and that portions of the system were shut down," he said.
Uretsky says he got into the system to create a record to make it clear to anyone with NGP-VAN knowledge that he was "going through stuff that I wasn't supposed to have access to." ... The point: He wanted people with knowledge of the voter files to be able to clearly see that he was testing the depth of the breach.
"This wasn't the first time we identified a bad breach," he said, confirming to CNN that the Sanders campaign reported another breach to the DNC in October. "We reported it to them. They thanked us for reporting it and they told us the breach had been closed."
"In retrospect, I got a little panicky because our data was totally exposed, too," Uretsky said of how he handled the latest breach. " We had to have an assessment, and understand of how broad the exposure was and I had to document it so that I could try to calm down and think about what actually happened so that I could figure out how to protect our stuff."
Uretsky was informed at the end of the day on Thursday that his three-month stint at the campaign was over. The now-former Sanders staffer would not comment on whether other members of his team were involved in testing the breach.
Despite Uretsky's explanation -- which seems reasonable to outsiders -- the leadership inside Sanders campaign felt compelled to denounce and fire him. Apparently, the leadership knew that Urestsky's explanation was false.
The above CNN article mentions that Uretsky previously had "administered" the NGP-VAN software for the DNC. While in that position, he might have become friendly with some NGP-VAN software programmers who participated in the development of that application for the DNC.
=======
I speculate that a NGP VAN software programmer who supported Sanders had created the bug intentionally and had told his friend Uretsky how to exploit it. The programmer and Uretsky shared a resentment against the DNC for favoring Clinton unfairly over Sanders. The programmer and Uretsky felt justified in using Clinton's database files to help Sanders win elections.
I speculate further that on the morning of December 16, Uretsky said too much when he instructed three fellow staff members how to exploit the bug. Within four hours, at least one of those three staff members snitched to the campaign staff's leadership, which stopped the four culprits quickly and then fired Uretsky by the end of the day.
However, the DNC, the Sanders campaign staff, the Clinton campaign staff and NGP-VAN were not able to resolve the incident quietly, amicably and quickly. The DNC blocked the Sanders campaign staff from accessing even that staff's database files, and therefore the Sanders campaign staff initiated a lawsuit against the DNC. Meanwhile, the Clinton campaign staff sanctimoniously denounced the Sanders campaign staff.
At some point in time, the DNC hired the CrowdStrike computer-security company to investigate the incident. NGP-VAN was reduced to just an auxiliary role in the investigation and had to allow CrowdStrike to examine its computers, personnel and procedures.
The Uretsky affair became known to the public. The situation aggravated the resentments between Sanders' supporters, on one hand, and the DNC and Clinton's supporters, on the other hand.
=======
On the following day, December 17, the DNC blocked the Sanders campaign staff from accessing any of the DNC databases -- even the databases that belonged to the Sanders campaign staff. (Page 6)
In response to that blocking, the Sanders campaign staff filed a lawsuit against the DNC on December 18, 2015. The DNC soon removed the block, but the Sanders campaign staff did not terminate its lawsuit. The Sanders campaign staff maintained its lawsuit in place, but did not formally serve the lawsuit on the DNC until March 24, 2016, which was the deadline. If the Sanders staff had waited one day longer, them the lawsuit would have expired.
=======
I speculate:
The Sanders staff's lawsuit was just one part of a larger complaint that the DNC was treating the Sanders campaign unfairly. Even though the DNC removed the block within a few days, the Sanders campaign kept its lawsuit in effect for many months as part of a larger effort to pressure the DNC to treat Sanders fairly.
The Sanders campaign staff waited more than three months to serve the DNC with the lawsuit because the campaign staff wanted to delay the DNC's discovery process. The DNC knew that Uretsky had acted in collusion with an NGP VAN computer programmer, but the DNC did not know many details that the Sanders' campaign staff's leadership knew. The discovery process would enable the DNC to question Sanders' staff members and to study the Sanders' staff's files and correspondence.
The DNC exercised its discovery rights between March 24, when the DNC was served, and April 29, 2016, when the lawsuit was terminated. DNC shared its discovery findings with CrowdStrike.
For some Sanders-supporters, the fact that the DNC now was examining and searching the Sanders campaign staff's files aggravated resentments that the DNC was treating Sanders unfairly. In contrast, Clinton's campaign staff was not being examined and searched.
During the discovery process, the political circumstances were that from March 22 through April 9, 2016, the DNC conducted eight primary elections, and Sanders won seven of the eight elections. Specifically, Sanders won in Idaho, Utah, Alaska, Hawaii, Washington, Wisconsin and Wyoming -- and lost only in Arizona. Sanders' supporters felt that Sanders' campaign might be on the verge of passing Clinton decisively in the primary election race.
Perhaps a Sanders-supporter with the necessary computer skills decided that the time was ripe to discover information inside the Clinton campaign staff.
=======
On March 19 -- five days before the DNC was served with the lawsuit and thus became able to initiate its discovery within the Sanders campaign staff --
John Podesta received a phishing e-mail. At that time, Podesta was the chairman of Hillary Clinton's campaign staff. Podesta fell for the phish, and consequently his e-mail account was secretly hacked. Months later, In October and November 2016, thousands of e-mails from that account were revealed to the public, embarrassing Clinton and her campaign.
The hacker remains unknown, but Russian Intelligence was blamed by Clinton's supporters -- in particular, by Clinton's supporters in the US Intelligence Community.
Once the Uretsky affair is fully understood, however, suspicion about the Podesta hacking might be directed more fruitfully toward Sanders-supporting computer experts who were using their skills to defeat Clinton's political goals. Such a suspicion might encompass the murder of Seth Rich on July 10, 2016.
======
In order to conceal his own identity, a Sanders-supporting computer expert could have used a known Russian computer virus to hack into DNC computers. The CIA had assembled an archive of foreign computer viruses but had lost control of them during the year 2016. Journalist
Patrick Lawrence writes:
As WikiLeaks notes, the agency [the CIA] had “lost control of the majority of its hacking arsenal” .... There had been a massive leak, to put this point in simple terms. “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner,” WikiLeaks reported, “one of whom has provided WikiLeaks with portions of the archive.” This occurred at some point in 2016.
A hacker does not have to be a Russian Intelligence operative in order to use a computer virus that was developed by Russian Intelligence. If the CIA had included that virus in its "archive of foreign computer viruses" but had "lost control" of that archive, then the virus could be used by anyone with the necessary computer skills.
======
The Washington Post reported the termination of Sanders' lawsuit against the DNC on April 29, 2016,
as follows:
The announcement [to terminate the lawsuit] followed the completion of an outside investigation into the breach that found that four Sanders staffers had looked at unauthorized data related to 11 states over the course of an hour on the night of Dec. 16, according to a DNC summary of the findings. The DNC declined to release the study itself by the firm CrowdStrike.
In a statement, the Sanders campaign said the investigation confirmed its contention at the time that no one else in the campaign accessed the Clinton “scoring models” or had knowledge of the activity until well after the incident was over. One Sanders staffer was fired in December. ....
Luis Miranda, the DNC communications director, said that the CrowdStrike analysis "confirmed that the DNC's initial findings, which were the basis of the temporary shutdown in December, were accurate."
The investigation found that the four Sanders staffers conducted 25 searches on the Clinton data and exported one statistical summary of a search related to voters in New Hampshire. The Sanders campaign said it has not been able to locate that file and no one with the campaign has ever seen it.
Uretsky was not exonerated. His explanation that he had accessed the Clinton database innocently has not been confirmed. The public was not supposed to ponder the question of how Uretsky was able to and exploit the computer bug on the morning of December 16, 2015, the day when NGP VAN launched its software modification. Rather, the public is supposed to ponder only Russian hackers.
=======
On the late afternoon of Friday, April 29, 2016 -- the very same day when the Sanders campaign staff terminated its lawsuit that had been caused by a Sanders supporter's hack of the DNC's computers -- an unidentified FBI official conducted a conference call with two people:
1) an unidentified DNC staff member who managed the DNC computer system
2) Michael Sussman, a computer-security expert employed by the Perkins Coie law firm, which provided legal services to the DNC.
The FBI official discussed with them the FBI's suspicion that Russian Intelligence was hacking into the DNC computer system.
During the following weekend, April 30-May 1, Sussman called Shawn Henry, a CrowdStrike manager. Sussman arranged with Henry that CrowdStrike would study the alleged Russian Intelligence hack of DNC computers.
Keep in mind that CrowdStrike had just given the DNC a report of its investigation of the Uretsky affair. The public does not know when CrowdStrike had begun that investigation, but CrowdStrike had given its report to the DNC within a few days of the termination of Sanders' lawsuit on April 29. During that investigation, CrowdStrike must have examined the DNC computers.
It seems that CrowdStrike did not find any evidence of Russian computer viruses in the DNC's computers during that recent investigation. Now on about May 2, CrowdStrike would begin a new investigation looking for evidence that Russian Intelligence was hacking DNC computers, and this second investigation would find Russian Intelligence computer viruses.
It's no wonder that the CrowdStrike investigation of the Uretsky affair remains secret. When did that investigation begin and end? Did CrowdStrike look for and find any computer viruses? If so, then on what date and what viruses? Such information might provide the public with new perspectives.
=======
The FBI official already had contacted the DNC computer manager in about the third week of April 2016 to request DNC's computer server logs. Sussman had not participated in that conversation, but he had been told about it by the DNC computer manager. Sussman has testified (
Page 31):
There are two incidents. In maybe the third week of April [2016], I was told that the FBI was requesting some logs and to get involved and see what that was about.
And then the very last Friday in April [April 29, 2016] was when I was told that the DNC itself had discovered an intruder in the network and to get on that late-afternoon call on a Friday and to start dealing with it.
Based on that phone conversation with an FBI official on the late afternoon of Friday, April 29, Sussman contacted Shawn Henry, a CrowdStrike official, on Saturday or Sunday, April 30 or May 1, and asked that CrowdStrike examine the DNC computer server (
Page 14).
========
I speculate that the FBI came to suspect by the third week of April that the DNC computer server was being hacked by Russian Intelligence because of reports that had come from Christopher Steele through Gaeta to FBI Counterintelligence.
Steele did not begin writing his Dossier for Fusion GPS until June 2016, but Steele and Gaeta had begun collaborating in 2010. Steele suspected reflexively that Russian Intelligence might be the culprit in any odd political activities in Western politics. Gaeta made Steele a paid source in the fall of (
I think) 2015.
Steele might have read about the Uretsky affair and might have supected reflexively that Russian Intelligence was involved somehow. Then Steele easily could have concocted one of his reports, alleging that Steele had been informed by one of his sources in the Kremlin that Russian Intelligence had learned how Uretesky had hacked into the DNC computer.
Then Steele could have given his concocted report to Gaeta, who gave it to the FBI's Counterintelligence Chief, who believed the report and launched in investigation.
This suspicion that Russian Intelligence was hacking into the DNC computers was rather implausible. After all, Russian Intelligence has finite resources and many, various important concerns.
Keep in mind that the DNC is not an organization of the US Government. Rather, the DNC is a private, political organization that manages political election campaigns. At that particular time, the DNC's major activity was to manage the primary-election race between Hillary Clinton and Bernie Sanders. This race was reported and analyzed expertly and comprehensively by the USA's mass media.
Why would Russian Intelligence expend any manpower or other resources to study DNC files? The disagreements between Clinton and Sanders were not significantly about Russia. The Democrats had controlled foreign policy since the beginning of 2009, and during that time Clinton had been the Secretary of State. Very probably, Clinton would win the primary elections and then the general election and would become the US President and would continue her own previous policies in relation to Russia.
However, by the third week of April 2016, at least one FBI official became convinced that Russian Intelligence was hacking into DNC computers. This hacking was part of a dastardly plot in the Kremlin to cause Americans to lose faith in their Democracy and therefore to vote against Hillary Clinton.
And then CrowdStrike did find Russian Intelligence computer viruses on DNC computers -- proving to the FBI's CounterIntelligence chief that Steele indeed did have sources in the Kremlin
======