=======
In 2015 and 2016, a company called NGP VAN provided the software that controlled the voter database of the Democrat National Committee (DNC). On the morning of December 16, 2015, NGP VAN launched a modification of that software.
On that same morning, Josh Uretsky, a member of Sanders' campaign staff, exploited a bug in the modification and thus accessed some database files that belonged to Hillary Clinton's campaign staff. Uretsky instructed three fellow members of Sanders' campaign staff how to exploit the bug. Then those four Sanders staff members accessed and downloaded data from Clinton's database files for about 45 minutes. Within about four hours of the modification's launch, the improper exploitation of the bug was discovered and stopped.
CNN summarized the exploitation of the bug as follows:
The Sanders team ran multiple searches in Iowa, New Hampshire, Nevada, South Carolina and about ten March [primary election] states, including Florida and Colorado, after it noticed the error. One of the data sets it accessed was a Clinton spreadsheet that ranked voters' enthusiasm -- a potential opportunity for Sanders' campaign to target voters who were hesitant to support the former secretary of state.
The Guardian reported that the four culprits performed 25 searches and downloaded data during those 45 minutes.
The Sanders campaign staff fired Uretsky on that same day, December 16, and suspended the other three culprits in the following days.
Uretsky explained that his actions were innocent.
[Uretsky] told CNN ... that he was only trying to "understand how badly the Sanders campaign's data was exposed" and not attempting to take data from the Clinton campaign.
"We knew there was a security breach in the data, and we were just trying to understand it and what was happening," said Josh Uretsky, reached by phone on Friday morning, a day after the campaign let him go. He added, "To the best of my knowledge, nobody took anything that would have given the (Sanders) campaign any benefit." ....
The Sanders campaign fired Uretsky over the breach. "That behavior is unacceptable and that staffer was fired immediately," Sanders' spokesman Michael Briggs said Thursday night.
Uretsky, who is experienced with the NGP-VAN system used by the DNC and has administered it before, said he first noticed the data breach on Wednesday morning [December 16].
"We investigated it for a short period of time to see the scope of the Sanders campaign's exposure and then the breach was shut down presumably by the vendor," he said. "We did not gain any material benefit."
According to the DNC, the Sanders campaign will remain suspended until it provides the DNC with a full explanation of the episode and provides proof that any improperly accessed data has been discarded.
Uretsky and his team notified people within the Sanders campaign of the breach on Wednesday and the news worked its way up the chain of command. After reporting it to the campaign, Uretsky said he intended to call the DNC to inform officials there. But before he could do that, the DNC called him.
"They called me fairly quickly after the breach was closed to inform me that there was something weird going on and that portions of the system were shut down," he said.
Uretsky says he got into the system to create a record to make it clear to anyone with NGP-VAN knowledge that he was "going through stuff that I wasn't supposed to have access to." ... The point: He wanted people with knowledge of the voter files to be able to clearly see that he was testing the depth of the breach.
"This wasn't the first time we identified a bad breach," he said, confirming to CNN that the Sanders campaign reported another breach to the DNC in October. "We reported it to them. They thanked us for reporting it and they told us the breach had been closed."
"In retrospect, I got a little panicky because our data was totally exposed, too," Uretsky said of how he handled the latest breach. "We had to have an assessment, and understand of how broad the exposure was and I had to document it so that I could try to calm down and think about what actually happened so that I could figure out how to protect our stuff."
Uretsky was informed at the end of the day on Thursday that his three-month stint at the campaign was over. The now-former Sanders staffer would not comment on whether other members of his team were involved in testing the breach.
Despite Uretsky's explanation -- which seems reasonable to outsiders -- the leadership inside the Sanders campaign felt compelled to denounce and fire him. Apparently, the leadership knew that Uretsky's explanation was false.
The above CNN article mentions that Uretsky previously had "administered" the NGP-VAN software for the DNC. While in that position, he might have become friendly with some NGP-VAN software programmers who participated in the development of that application for the DNC.
=======
I speculate that an NGP VAN software programmer who supported Sanders had created the bug intentionally and had told his friend Uretsky how to exploit it. The programmer and Uretsky shared a resentment against the DNC for favoring Clinton unfairly over Sanders. The programmer and Uretsky felt justified in using Clinton's database files to help Sanders win elections.
I speculate further that on the morning of December 16, Uretsky said too much when he instructed three fellow staff members how to exploit the bug. Within four hours, at least one of those three staff members snitched to the campaign staff's leadership, which stopped the four culprits quickly and then fired Uretsky by the end of the day.
However, the DNC, the Sanders campaign staff, the Clinton campaign staff and NGP-VAN were not able to resolve the incident quietly, amicably and quickly. The DNC blocked the Sanders campaign staff from accessing even that staff's database files, and therefore the Sanders campaign staff initiated a lawsuit against the DNC. Meanwhile, the Clinton campaign staff sanctimoniously denounced the Sanders campaign staff.
At some point in time, the DNC hired the CrowdStrike computer-security company to investigate the incident. NGP-VAN was reduced to just an auxiliary role in the investigation and had to allow CrowdStrike to examine its computers, personnel and procedures.
The Uretsky affair became known to the public. The situation aggravated the resentments between Sanders' supporters, on one hand, and the DNC and Clinton's supporters, on the other hand.
=======
On the following day, December 17, the DNC blocked the Sanders campaign staff from accessing any of the DNC databases -- even the databases that belonged to the Sanders campaign staff. (Page 6)
In response to that blocking, the Sanders campaign staff filed a lawsuit against the DNC on December 18, 2015. The DNC soon removed the block, but the Sanders campaign staff did not terminate its lawsuit. The Sanders campaign staff maintained its lawsuit in place, but did not formally serve the lawsuit on the DNC until March 24, 2016, which was the deadline. If the Sanders staff had waited one day longer, then the lawsuit would have expired.
=======
I speculate:
The Sanders staff's lawsuit was just one part of a larger complaint that the DNC was treating the Sanders campaign unfairly. Even though the DNC removed the block within a few days, the Sanders campaign kept its lawsuit in effect for many months as part of a larger effort to pressure the DNC to treat Sanders fairly.
The Sanders campaign staff waited more than three months to serve the DNC with the lawsuit because the campaign staff wanted to delay the DNC's discovery process. The DNC knew that Uretsky had acted in collusion with an NGP VAN computer programmer, but the DNC did not know many details that the Sanders campaign staff's leadership knew. The discovery process would enable the DNC to question Sanders' staff members and to study the Sanders staff's files and correspondence.
The DNC exercised its discovery rights between March 24, when the DNC was served, and April 29, 2016, when the lawsuit was terminated. The DNC shared its discovery findings with CrowdStrike.
For some Sanders-supporters, the fact that the DNC now was examining and searching the Sanders campaign staff's files aggravated resentments that the DNC was treating Sanders unfairly. In contrast, Clinton's campaign staff was not being examined and searched.
During the discovery process, the political circumstances were that from March 22 through April 9, 2016, the DNC conducted eight primary elections, and Sanders won seven of the eight elections. Specifically, Sanders won in Idaho, Utah, Alaska, Hawaii, Washington, Wisconsin and Wyoming -- and lost only in Arizona. Sanders' supporters felt that Sanders' campaign might be on the verge of passing Clinton decisively in the primary election race.
Perhaps a Sanders-supporter with the necessary computer skills decided that the time was ripe to discover information inside the Clinton campaign staff.
=======
As WikiLeaks notes, the agency [the CIA] had “lost control of the majority of its hacking arsenal” .... There had been a massive leak, to put this point in simple terms. “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner,” WikiLeaks reported, “one of whom has provided WikiLeaks with portions of the archive.” This occurred at some point in 2016.
The announcement [to terminate the lawsuit] followed the completion of an outside investigation into the breach that found that four Sanders staffers had looked at unauthorized data related to 11 states over the course of an hour on the night of Dec. 16, according to a DNC summary of the findings. The DNC declined to release the study itself by the firm CrowdStrike.
In a statement, the Sanders campaign said the investigation confirmed its contention at the time that no one else in the campaign accessed the Clinton “scoring models” or had knowledge of the activity until well after the incident was over. One Sanders staffer was fired in December. ....
Luis Miranda, the DNC communications director, said that the CrowdStrike analysis "confirmed that the DNC's initial findings, which were the basis of the temporary shutdown in December, were accurate."
The investigation found that the four Sanders staffers conducted 25 searches on the Clinton data and exported one statistical summary of a search related to voters in New Hampshire. The Sanders campaign said it has not been able to locate that file and no one with the campaign has ever seen it.
Uretsky was not exonerated. His explanation that he had accessed the Clinton database innocently has not been confirmed. The public was not supposed to ponder the question of how Uretsky was able to exploit the computer bug on the morning of December 16, 2015, the day when NGP VAN launched its software modification. Rather, the public is supposed to ponder only Russian hackers.
=======
On the late afternoon of Friday, April 29, 2016 -- the very same day when the Sanders campaign staff terminated its lawsuit that had been caused by a Sanders supporter's hack of the DNC's computers -- an unidentified FBI official conducted a conference call with two people:
1) an unidentified DNC staff member who managed the DNC computer system
2) Michael Sussman, a computer-security expert employed by the Perkins Coie law firm, which provided legal services to the DNC.
The FBI official discussed with them the FBI's suspicion that Russian Intelligence was hacking into the DNC computer system.
During the following weekend, April 30-May 1, Sussman called Shawn Henry, a CrowdStrike manager. Sussman arranged with Henry that CrowdStrike would study the alleged Russian Intelligence hack of DNC computers.
Keep in mind that CrowdStrike had just given the DNC a report of its investigation of the Uretsky affair. The public does not know when CrowdStrike had begun that investigation, but CrowdStrike had given its report to the DNC within a few days of the termination of Sanders' lawsuit on April 29. During that investigation, CrowdStrike must have examined the DNC computers.
It seems that CrowdStrike did not find any evidence of Russian computer viruses in the DNC's computers during that recent investigation. Now on about May 2, CrowdStrike would begin a new investigation looking for evidence that Russian Intelligence was hacking DNC computers, and this second investigation would find Russian Intelligence computer viruses.
It's no wonder that the CrowdStrike investigation of the Uretsky affair remains secret. When did that investigation begin and end? Did CrowdStrike look for and find any computer viruses? If so, then on what date and what viruses? Such information might provide the public with new perspectives.
=======
There are two incidents. In maybe the third week of April [2016], I was told that the FBI was requesting some logs and to get involved and see what that was about. And then the very last Friday in April [April 29, 2016] was when I was told that the DNC itself had discovered an intruder in the network and to get on that late-afternoon call on a Friday and to start dealing with it.