The Justice Department is defending the role played by cybersecurity firm CrowdStrike and by the FBI in determining that Russia hacked Democratic systems in 2016, assuring Congress it got the information it needed to carry out its investigation into Russian interference.
Adam Hickey, the deputy assistant attorney general for the DOJ’s National Security Division, made the comments while appearing on a panel before the House Judiciary Committee on Tuesday to discuss election security for the upcoming 2020 presidential election. President Trump has long said he believes in a conspiracy theory that posits without evidence CrowdStrike is owned by a wealthy Ukrainian and that a missing DNC server is hidden in Ukraine.
“Looking back at the FBI’s activities investigating the 2016 election, it has been reported that the FBI never obtained the original servers from the Democratic National Committee that had allegedly been hacked by Russia, instead relying upon imaged copies,” Arizona Republican Debbie Lesko asked. “First of all, is that correct?”
Hickey replied that federal investigators were able to obtain evidence on Russian interference, noting that “it’s pretty common for us to work with a security vendor in connection with an investigation of a computer intrusion,” a reference to CrowdStrike.
(…) Former FBI Director James Comey told Congress in early 2017 that “our forensics folks would always prefer to get access to the original device or server that’s involved” and testified a few months later that his FBI investigative team “had gotten the information from the private party [CrowdStrike] that they needed to understand the intrusion.”
The U.S. Intelligence Community and special counsel Robert Mueller agreed with CrowdStrike’s assessment that the Russian government hacked the DNC. The DOJ has argued in court that Mueller’s investigation did not rely solely on CrowdStrike’s determinations but rather uncovered evidence of their own pointing to Russia during the investigation.
Lesko followed up on Tuesday by asking whether CrowdStrike “still has possession of the Clinton servers,” and Hickey said he didn’t know.
The DNC claimed in 2018 court filings that the Russian hack in 2016 led them to “decommission more than 140 servers, remove and reinstall all software, including the operating systems, for more than 180 computers, and rebuild at least 11 servers.” (Read more: Washington Examiner, 10/23/2019) (Archive)