The claim that Russian intelligence officials hacked emails from the DNC server that were later published by Wikileaks is a core tenet of the belief that the Trump campaign colluded with Russia in the 2016 election.
But more than three years later, no forensic evidence has been produced to back the claim. And now an investigation by two cyber-security and intelligence experts has concluded the hard evidence indicates the files were not breached via the internet but downloaded onto a portable storage device.
The conclusion by William Binney, a former intelligence official with the National Security Agency, and former CIA analyst Larry Johnson was reported exclusively by the Gateway Pundit blog.
Binney and Johnson argue in their report that the National Security Agency has the technical capacity to prove whether or not the Russians hacked the DNC network through the internet. But the January 2017 “Intelligence Community Assessment” says the NSA had “moderate confidence” in the assessment that the Russians “aspired” to help Trump win by “discrediting Secretary Clinton.”
They write: “The phrase ‘moderate confidence’ is intelligence speak for ‘we have no hard evidence.’”
“Thanks to the leaks by Edward Snowden, we know with certainty that the NSA had the capability to examine and analyze the DNC emails,” the intelligence experts argue.
“If those emails had been hijacked over the internet then NSA also would have been able to track the electronic path they traveled over the internet,” they emphasized. “This kind of data would allow the NSA to declare without reservation or caveat that the Russians were guilty.”
They point out that if the NSA had hard intelligence to support the intelligence assessment, the conclusion would have been stated as “full confidence.”
The intelligence experts believe special counsel Robert Mueller “faces major embarrassment” if he decides to pursue the indictment he filed accusing 12 Russian military personnel and “Guccifer 2.0” of the DNC hack.
That’s because the available forensic evidence indicates the emails were copied onto a storage device, they write.
The indictment says the Russians engaged in a “spearphishing” attack in which a spoof email lures a recipient into clicking on a link that introduces malware giving access to an email account.
But Binney and Johnson contend an examination of the Wikileaks DNC files does not support the claim that the files were obtained via the internet.
The key, they say, is the evidence that the files appear to be in the File Allocation Table, or FAT, computer file system format.
If they are FAT files, they must have been transferred to a storage device, such as a thumb drive.
How do they know they are FAT files?
“The truth lies in the ‘last modified’ time stamps on the Wikileaks files,” they write.
They explain that in the FAT system, the times stamped on the files are rounded up to the next even number.
“We have examined 500 DNC email files stored on Wikileaks and all 500 files end in an even number,” they write.
“If a system other than FAT had been used, there would have been an equal probability of the time stamp ending with an odd number. But that is not the case with the data stored on the Wikileaks site. All end with an even number.”
They reason that the random probability that FAT was not used is 1 chance in 2 to the 500th power.
“This data alone does not prove that the emails were copied at the DNC headquarters. But it does show that the data/emails posted by Wikileaks did go through a storage device, like a thumbdrive, before Wikileaks posted the emails on the World Wide Web.”
They say they also tested the hypothesis that Wikileaks could have manipulated the files to produce the FAT result by comparing the DNC email files with the Podesta emails released Sept. 21, 2016.
They found that the FAT file format is not present in the Podesta files.
“If Wikileaks employed a standard protocol for handling data/emails received from unknown sources we should expect the file structure of the DNC emails to match the file structure of the Podesta emails,” they write. “The evidence shows otherwise.”
‘Simple matter of mathematics and physics’
In addition, Binney, a former technical director of the National Security Agency, and other intelligence experts examined emails posted by Guccifer 2.0 and concluded they could not have been downloaded over the internet as the result of a spearphishing attack.