Asked whether he believed U.S. intelligence agencies or Russian President Vladimir Putin on whether Russia meddled in the 2016 election, President Donald Trump declined to directly respond. Instead, he raised questions about the Russia investigation, including referring to a conspiracy theory that was shot down by his own Justice Department.
- Trump implied that the FBI’s investigation was compromised by the Democratic National Committee’s refusal to turn over its servers. But the former FBI director testified last year that it did not hurt the investigation — a statement since supported by last week’s indictment against 12 Russian military intelligence agents.
- The president also claimed there were “missing” servers associated with a “Pakistani gentleman that worked on the DNC.” But the Justice Department has charged that man with bank fraud. It said there was “no evidence” to various allegations surrounding the case about stolen congressional equipment or documents.
In a joint press conference with Putin after the two men met privately in Helsinki on July 16, Trump was asked by a reporter, “Who do you believe?” — Putin or U.S. intelligence agencies. In his answer, Trump said: “I have great confidence in my intelligence people but I will tell you that President Putin was extremely strong and powerful in his denial today.” Here’s the full question and response:
Reporter, July 16: Just now, President Putin denied having anything to do with the election interference in 2016. Every U.S. intelligence agency has concluded that Russia did. What — who — my first question for you, sir, is who do you believe? My second question is would you now, with the whole world watching, tell President Putin, would you denounce what happened in 2016 and would you warn him to never do it again?
Trump: So let me just say that we have two thoughts. You have groups that are wondering why the FBI never took the server. Why haven’t they taken the server? Why was the FBI told to leave the office of the Democratic National Committee?
I’ve been wondering that, I’ve been asking that for months and months and I’ve been tweeting it out and calling it out on social media. Where is the server? I want to know where is the server and what is the server saying?
With that being said, all I can do is ask the question. My people came to me, [Director of National Intelligence] Dan Coates came to me and some others, they said they think it’s Russia. I have President Putin; he just said it’s not Russia. I will say this: I don’t see any reason why it would be. But I really do want to see the server.
But I have — I have confidence in both parties. I — I really believe that this will probably go on for a while, but I don’t think it can go on without finding out what happened to the server. What happened to the servers of the Pakistani gentleman that worked on the DNC? Where are those servers? They’re missing; where are they? What happened to Hillary Clinton’s e-mails? 33,000 e-mails gone — just gone. I think in Russia they wouldn’t be gone so easily. I think it’s a disgrace that we can’t get Hillary Clinton’s 33,000 e-mails.
I have great confidence in my intelligence people but I will tell you that President Putin was extremely strong and powerful in his denial today and what he did is an incredible offer. He offered to have the people working on the case come and work with their investigators, with respect to the 12 people. I think that’s an incredible offer. Ok? Thank you.
We’ll explain the facts regarding the DNC server, the “Pakistani gentleman” and Clinton’s emails.
‘Where Is the Server?’
One of the ways that the president cast doubt on the FBI’s investigation of Russia was to question why the Democratic National Committee refused to give federal investigators access to the computer server that had been breached by hackers.
It’s true that the FBI never got access to the DNC computer server. It is also true that Trump has been “calling it out on social media” for many months.
But there is no evidence that the FBI’s failure to obtain the server hurt its investigation into Russian hackers.
James Comey, the FBI director at the time, testified before Congress on March 20, 2017, that investigators would have preferred to have access to the server, but it received “an appropriate substitute” in the form of a forensic report in June 2016 from a well-respected private cybersecurity company hired by the DNC.
Here is Comey’s exchange with Rep. Will Hurd, a Republican of Texas, about the DNC server.
Hurd, March 20: Have you been able to — when did the DNC provide access for — to the FBI for your technical folks to review what happened?
Comey: We never got direct access to the machines themselves. The DNC, in the spring of 2016, hired a firm that ultimately shared with us their forensics from their review of the system.
Hurd: [National Security Agency] Director [Michael] Rogers, did the NSA ever get access to the DNC hardware?
Rogers: The NSA didn’t ask for access. That’s not in our job — .
Hurd: Good copy. So, director, FBI notified the DNC early, before any information was put on WikiLeaks and when — you have still been — never been given access to any of the technical or the physical machines that were — that were hacked by the Russians.
Comey: That’s correct although we got the forensics from the pros that they hired which — again, best practice is always to get access to the machines themselves, but this — my folks tell me was an appropriate substitute.
In a Senate hearing two months earlier, Comey had described CrowdStrike as “a highly respected private company.” He said that his office made “multiple requests” for access to the DNC server, but “what was agreed to is the private company would share with us what they saw.”
Comey’s testimony that CrowdStrike’s forensic report was “an appropriate substitute” has been borne out by the July 13 indictment of 12 members of GRU, the Russian military intelligence agency. (The indictment comes five months after the Department of Justice announced the indictment of 13 Russian nationals and three Russian-based companies, including the Internet Research Agency, for illegally operating an extensive pro-Trump social media campaign during the 2016 election.)
In a press release announcing the latest indictment, the Department of Justice said the GRU officers “engaged in a sustained effort to hack into the computer networks of the Democratic Congressional Campaign Committee, the Democratic National Committee, and the presidential campaign of Hillary Clinton.”
The indictment details how and when the Russian agents breached the servers of the DNC, DCCC and the Clinton campaign, and what information they stole.
For example, the indictment alleges that Aleksey Viktorovich Lukashev used the account “john356gh” at a URL-shortening service to send a spearfishing email to John Podesta, the chairman of the Clinton campaign.
“Lukashev altered the appearance of the sender email address in order to make it look like the email was a security notification from Google (a technique known as ‘spoofing’), instructing the user to change his password by clicking the embedded link,” the indictment said.
The ruse worked. Podesta changed his password, and the Russians stole more than 50,000 of his emails on or about March 21, 2016, the indictment says.
The indictment also details how the Russian agents allegedly moved the data from the Democratic computers to the Russian servers. The Russians used malware known as X-Tunnel to move stolen documents from the DNC through encrypted channels to a leased computer located in Illinois.
David P. Fidler, a professor of law at Indiana University Bloomington and cybersecurity expert at the Council on Foreign Relations, cited the details contained in the indictment as evidence that the FBI was able to determine who hacked the DNC servers without having access to the server.
“Many commentators noted how detailed the indictment is, demonstrating not only the quality of the information gathered but also the DOJ’s belief the evidence would stand up in a court of law under the criminal standard of ‘beyond a reasonable doubt,’” Fidler told us.
John Villasenor, a professor at UCLA and a nonresident senior fellow in Governance Studies and the Center for Technology Innovation at Brookings, and Andreas Haeberlen, an associate professor of computer and information science at the University of Pennsylvania, both said that in general it would be better for investigators to have access to a computer server that had been hacked.
“As a general matter, if there is concern that a system has been hacked, the effectiveness of the investigation will be maximized if investigators have access to as many of the components of the system as possible,” Villasenor said.
Comey made a similar point during his testimony, but as Haeberlen noted, Comey also expressed high regard for CrowdStrike.
“If the FBI knew and trusted the company that did the analysis, and if the analysis was done using tools that were comparable to the ones the FBI itself would have used, then it doesn’t seem unreasonable to rely on that analysis instead of re-doing it in-house,” Haeberlen said. “The fact that Comey refers to them as professionals … and the fact that the FBI’s own experts apparently didn’t have any issues with the report … suggests that this was indeed the case.”
For more on the FBI’s Russia investigation, see our timeline on key events.
The ‘Pakistani Gentleman’
In continuing to ask “where are those servers,” Trump mentioned “a Pakistani gentleman that worked on the DNC.”
Trump, July 16: What happened to the servers of the Pakistani gentleman that worked on the DNC? Where are those servers? They’re missing. Where are they? What happened to Hillary Clinton’s emails? 33,000 emails gone, just gone. I think in Russia they wouldn’t be gone so easily.
The president has mentioned this before, referring to a “Pakistani mystery man” in a tweet in April, and using the man’s name in a June 7 tweet:
The U.S. Department of Justice struck a plea deal on July 3 with former congressional IT staffer Imran Awan, who pleaded guilty to making a false statement on an application for a home equity line of credit. The plea document, written by U.S. Attorney Jessie K. Liu, who was nominated by Trump, shot down theories that claimed Awan had stolen computer equipment or government information. Trump himself, in his April tweet, claimed that Awan held “documents.”
But Trump’s DOJ said in its letter to Awan’s attorney that it had investigated public allegations about stolen equipment or illegal actions with House computer systems, and it found “no evidence” that Awan had engaged in such activity.
Department of Justice letter, Re: United States v. Imran Awan, July 3: The Government conducted a thorough investigation of those allegations, including interviewing approximately 40 witnesses; taking custody of the House Democratic Caucus server, along with other computers, hard drives, and electronic devices; examining those devices, including inspecting their physical condition and analyzing log-in and usage data; reviewing electronic communications between pertinent House employees; consulting with the House Office of General Counsel and House information technology personnel to access and/or collect evidence; and questioning your client during numerous voluntary interviews. The Government has uncovered no evidence that your client violated federal law with respect to the House computer systems. Particularly, the Government has found no evidence that your client illegally removed House data from the House network or from House Members’ offices, stole the House Democratic Caucus Server, stole or destroyed
House information technology equipment, or improperly accessed or transferred government information, including classified or sensitive information.
In February 2017, news broke that the U.S. Capitol Police were investigating allegations that five individuals had stolen equipment and violated House IT policies. They included Awan and family members who worked for multiple House lawmakers.
Awan worked partly for the offices of Rep. Debbie Wasserman Schultz, who was the chair of the Democratic National Committee from 2011 to the summer of 2016. Wasserman Schultz didn’t fire Awan until July 2017, when he was arrested and charged with bank fraud. An affidavit in the case said Awan and his wife, who are from Pakistan, fraudulently used a rental property, as opposed to a primary residence, to secure a home equity line of credit and subsequently wired the money to Pakistan.
Wasserman Schultz, who told the Sun Sentinel in 2017 that she had concerns about racial and ethnic profiling in the case, faced criticism for not firing Awan sooner. And the investigation sparked conspiracies alleging Awan had something to do with the hacking of DNC computer systems — hacking that the U.S. intelligence agencies have attributed to Russia.
BuzzFeed News detailed the evolution of the conspiracy theories in 2017, finding that even Fox News’ Geraldo Rivera floated the allegation that Awan could have given the hacked DNC emails to WikiLeaks.
Wasserman Schultz told the Florida newspaper that Awan had never worked for the DNC. More important, Trump’s own Justice Department, in its plea letter, debunked claims that Awan had stolen equipment, information or documents from the government.
As for Trump’s reference to Clinton’s 33,000 missing emails, the president was referring to the Democratic presidential nominee’s use of a private email server when she was secretary of state.
In 2014, at the request of the State Department, Clinton turned over about 30,000 work-related emails that she sent or received while secretary of state on her private server and ordered another nearly 32,000 emails deleted that she said were personal. During the campaign, Trump accused Clinton of destroying work-related emails that should have been turned over to the State Department and reviewed by the FBI during its investigation into her handling of classified information.
At a July 5, 2016, press conference, where he announced that the FBI would recommend that no charges be filed against Clinton, Comey said the FBI had recovered “several thousand” work-related emails that had not been turned over to the State Department. But the agency “found no evidence that any of the additional work-related emails were intentionally deleted in an effort to conceal them.”
— Eugene Kiely and Lori Robertson, with Robert Farley