The deranged conspiracy theory
Julian Sanchez from Cato writes:
Donald Trump is still searching for “The Server“. On Friday morning, the United States president phoned in to his favourite cable news program, Fox and Friends, to make a series of false claims about the cyberattack on the Democratic National Committee’s (DNC) computer systems perpetrated by Russian hackers, as part of their elaborate efforts to interfere with the 2016 presidential election.
After the attack, Trump claimed, the DNC “gave the server to CrowdStrike, which is a company owned by a very wealthy Ukrainian. I still want to see that server. The FBI has never gotten that server. That’s a big part of this whole thing.”
Every part of what Trump said was false – including the claim that the California-based cybersecurity firm CrowdStrike, hired by the DNC when it discovered the infiltration of its systems, is owned by a “wealthy Ukrainian”.
It’s one thing to be initially mistaken. But Trump has spent months pursuing this conspiracy theory, which is so easily debunked. The ownership of Crowdstrike is a verifiable fact. It’s disturbing when anyone chooses to believe a conspiracy theory over a verifiable fact, but more so when they have nuclear weapons.
The “server” conspiracy theory is baseless for at least five reasons.
First, “the server” doesn’t even exist. The DNC relies on a cloud-based email system consisting of some 140 physical servers. And as Robert Mueller’s report on Russian interference explained, the military unit behind the cyberattacks “compromised more than 30 computers on the DNC network”, as well as another 29 owned by the Democratic Congressional Campaign Committee.
Second, it is not unusual that the FBI did not cart off the physical machines affected by Russian attack. As a rule, law enforcement does not seize the property of crime victims unless it’s necessary, and when it comes to digital evidence, it is often unnecessary.
In this case, the company CrowdStrike provided the FBI with digital images of the hacked DNC computers. Asking why the FBI didn’t take the physical computers is like wondering why someone has emailed you a file rather than shipping you their entire laptop.
Third, the information most useful to the FBI would be in the images created by CrowdStrikeduring their efforts to expel the foreign intruders.
Examining the computers after the fact – after the dust had settled and the hackers’ malware had been removed – would have provided far fewer insights than observing them in action.
Fourth, it is clear from both the Mueller report and the special counsel’s indictment of Russian officials charged with the hack that forensic evidence from DNC computers was a relatively small piece of the puzzle.
The evidence of Russian responsibility for the hack is both overwhelming and derived from many sources: It is not based merely on analysis of the DNC’s servers.
Fifth and finally, one element of the theory seemingly original to Trump is the odd and inexplicable notion that CrowdStrike is a Ukrainian company.
The firm – which was only hired by the DNC, but also the Republican Congressional Campaign Committee when its computer network was penetrated – is based in California. One of its co-founders was born in Russia, not Ukraine, and moved to the United States as a teenager nearly 25 years ago.
Crowdstrike is not owned by a Ukranian. It has multiple investors including Google and Telstra.
Perhaps even more concerning, the obsession with the server is a sign that Trump continues to reject the unanimous conclusion – again, not only of the American intelligence community, but of Republicans in Congress – that Russia was responsible for the DNC attacks.
This does not bode well for efforts to secure our elections against another attack in 2020 – a topic Homeland Security officials have apparently been warned not to raise in Trump’s presence, lest it anger the president.
Election security is a hard problem under the best of circumstances – and harder still when the boss refuses to acknowledge the problem exists.
What do you do when your boss refuses to read reports or accept facts?