The “Hack” of the DNC – What I Think REALLY Happened
My contention is that US intelligence tipped off the DNC that one of their employees was planning to leak their emails to Wikileaks, and that the DNC then brought in their computer consultants Crowdstrike to manage the situation. They then hit on the stratagem of blaming the Russian government for a hack of the DNC, such that “the Russians” could be blamed as the source of the DNC emails that they expected that Wikileaks would be publishing. This narrative would enable the media to focus on the evil Russkies and their partner-in-crime Assange, while ignoring the incriminating content of the emails. Crowdstrike then faked evidence of a late spring hack of the DNC by APT28/Fancy Bear by implanting malware on the DNC server.
When Assange subsequently announced, on June 12, 2016, that Wikileaks would soon be releasing “material related to Hillary”, DNC/Crowdstrike then reasonably concluded that these would be DNC emails. So two days later, Crowdstrike publicly announced that the DNC had been hacked – likely by Russian intelligence – and that the hackers had taken, among other things, a Trump Oppo Research document. The next day the persona Guccifer 2.0 – an evident creation of Crowdstrike – pops up for the first time, proclaiming that he has hacked the DNC and furnished the contents to Wikileaks – referring to Assange’s statement 3 days earlier. G2.0 then posted several allegedly purloined documents – including the Trump Oppo Research document mentioned by Crowdstrike (albeit this document subsequently was shown to have been obtained from Podesta’s emails, not the DNC!) – to which he intentionally added “Russian fingerprints”, so that cyberanalysts would conclude that he was Russian. G2.0 later made a point of contacting Wikileaks to offer allegedly hacked documents – the intent being to leave an evidence trail that subsequent investigators (i.e. Mueller’s team) could point to as evidence that G2.0 had indeed transferred to Wikileaks the DNC emails which Wikileaks subsequently published. (Mueller’s tale of this transfer, however, lacks any credibility.)
This reconstruction of events is rooted in the thesis that G2.0 is a creation of Crowdstrike – likely of Crowdstrike co-founder Shawn Henry, who had previously acted as chief of counterintelligence while he served under Bob Mueller at the FBI. In this capacity, Henry had prior experience creating false on-line personas which were used in entrapment operations that snared some high-profile hackers.
Given the fact that, in light of much compelling cyberevidence, G2.0 is clearly NOT a Russian hacker, but rather operates in US time zones; and in light of the evident collusion of Crowdstrike and G2.0 in the release of the Trump Oppo Research document (NOT obtained from the DNC!), the notion that Crowdstrike created the false persona G2.0 is highly logical.
The reason I think my reconstruction of events is likely right is that, on June 12, Assange DID NOT state that he was going to be releasing DNC emails – yet Crowdstrike and G2.0 evidently knew that this was precisely what Wikileaks was going to release. How so? Sy Hersh’s source inside the FBI indicated that, prior to transferring the bulk of DNC emails to Wikileaks via a drop box, Seth Rich had been in contact with Wikileaks, offering them a sample of DNC emails, and promising a large batch in return for payment.
It is almost certainly the case that the NSA is carefully monitoring communications to and from Wikileaks. Therefore, the NSA would have learned about Seth’s plan to sell a large batch of DNC emails to Wikileaks. It is entirely plausible that the NSA, either directly or indirectly, could have tipped off the DNC about the impending leak – without telling them the name of the leaker, as this would require an unmasking protocol. That’s when the DNC brought in Crowdstrike, and they decided to blame Russian hacking for the release, rather than a disgruntled leaker.
While it is theoretically possible that the DNC had been tipped off about a potential leaker at just about the same time as a hacker had breached the DNC computers using APT28 malware, this would be quite a coincidence. It seems more reasonable to conclude that the so-called hack was in fact concocted by Crowdstrike as part of the scheme to blame Russian hacking for the impending Wikileaks release. And this accords well with cyberevidence that 2 of the 3 pieces of malware allegedly found on the DNC computers had compilation dates POST-DATING the entry of Crowdstrike into the DNC system in early May. In other words, it is reasonable to suspect that Crowdstrike constructed much of the malware they allegedly “found” on the DNC computers AFTER they purportedly had been brought in to investigate a new hack.
Granted, it is theoretically possible that the DNC had been hacked with APT28 malware in late April/early May 2016 by outside actors. But it should be noted that this malware is available to a range of hacker groups, and its use does not prove the involvement of Russian intelligence. And if Russian intelligence WERE responsible for such a hack, why hasn’t the NSA stepped forth with conclusive evidence documenting this – as Bill Binney has often noted?