In his July 25 call with Ukrainian President Volodymyr Zelensky, Trump seems to be making reference to strands of conspiracy theories widely spread on right-wing media and conspiracy sites that posit CrowdStrike, which investigated the Democratic National Committee breach, was actually colluding with the DNC to fake the breach — and that a server with evidence of this crime is currently in Ukraine.

AD

AD

Trump muddied the waters even more during a news conference with Zelensky yesterday by saying that 30,000 deleted emails from his 2016 rival Hillary Clinton’s personal server — which was entirely separate from the DNC servers — “could very well” be in Ukraine as well.

Trump’s efforts to enlist a foreign government to dig up dirt on his political rival Joe Biden that prompted Democratic lawmakers to launch impeachment proceedings. But the fact that Trump is still suggesting there's some sort of frame job in election interference has officials and cybersecurity experts just as irate.

“The fact that the president of the United States, contrary to all evidence from his own government and allied governments, is talking about this now is absurd,” Peter Singer, a cyberwar expert and senior fellow at the New America think tank, told me. “The attribution to Russia was a debate to have in 2016 but based on what we know now it’s inarguable.”

AD

AD

That refusal isn’t just a presidential affront to the U.S. intelligence agencies that agreed Russia interfered in the election to help Trump's campaign: Security officials have long warned that the commander-in-chief's skepticism serves as a wink to Russia and other U.S. adversaries that they can interfere in 2020 and get away with it.

DNC spokeswoman Xochitl Hinojosa called it “surreal” on Twitter that Trump hadn’t accepted Russia’s role in the DNC breach in a fairly recent private call with a foreign leader.

Michael Carpenter, a former top Pentagon official who runs the Penn Biden Center for Diplomacy and Global Engagement at the University of Pennsylvania, which is named for the former vice president, called it “incredible” that Trump was still trying to “undermine charges of Russia's DNC hacking.”

Johns Hopkins University cybersecurity professor Thomas Rid noted that "none of this appears to have any basis in reality."

Trump’s comments to Zelensky were not verbatim in the rough transcript the White House provided, leaving it unclear precisely what he believes about the DNC breach. They were paraphrased by the note takers and include confusing partial sentences: “I would like you to find out what happened with this whole situation with Ukraine, they say CrowdStrike … I guess you have one of your wealthy people … The server, they say, Ukraine has it.”

AD

AD

But it's clear he was serious about Ukraine's investigation: “I would like to have the Attorney General call you or your people and I would like you to get to the bottom of it,” he told Zelensky.

As my colleagues Craig Timberg, Drew Harwell and Ellen Nakashima reported in an exhaustive accounting of the theory’s many strands, the president is winking at several ideas that are highly implausible or provably false.

The conspiracy theories involving CrowdStrike stem from Breitbart News stories, Reddit threads and from the criminal trial of his friend Roger Stone and show “the shape-shifting nature of misinformation as it moves across media, mixing fact with innuendo before ultimately reaching the president — owner of the world’s loudest megaphone,” Craig, Drew and Ellen report.

AD

AD

Trump's reference to “one of your wealthy people” seems to nod at Dmitri Alperovitch, a Russia-born cybersecurity and national security expert who is a U.S. citizen, who co-founded the Sunnyvale, Calif.-based company. The Ukraine connection got legs, however, because Alperovitch “is also a senior fellow at the Atlantic Council, a major Washington think tank whose donors include the foundation of Viktor Pinchuk, a Ukrainian billionaire,” my colleagues reported.

And “while it’s true that the FBI did not take custody of the affected servers [from the 2016 hack,] people familiar with FBI hack investigations say the agency often relies on forensic analysis by outside firms, including CrowdStrike, which is among the nation’s most prominent, having handled North Korea’s hack of Sony Pictures in 2014, among others,” my colleagues reported.

“The FBI felt it was not necessary to enter the DNC's premises and take custody of the affected servers, as agents were able to obtain complete copies of forensic images made by CrowdStrike, according to people familiar with the investigation.”

AD

AD

CrowdStrike said in a statement that it “provided all forensic evidence and analysis to the FBI.”

Here's Johns Hopkins University cybersecurity professor Thomas Rid explaining how it the idea the servers are in Ukraine doesn't make sense:

Cybersecurity pros meanwhile worried Trump’s comments about Crowdstrike could make it tougher for them to protect high-profile clients without fearing presidential blowback.

Here’s Andrew van der Stock, a consultant with the security firm Synopsys and Wayne Anderson, a security architect at the anti-virus firm McAfee:

Some of the president’s supporters, meanwhile, jumped on the CrowdStrike comments for another purpose: To undercut Democrats’ impeachment calls by arguing Trump’s real interest was in getting Zelensky to investigate the DNC breach rather than the Biden family’s business connections in Ukraine.

AD

AD

Here’s Rep. Mark Meadows (R-N.C.):

And Josh Holmes, former chief of staff for Senate Majority Leader Mitch McConnell (R-Ky.):

You are reading The Cybersecurity 202 , our must-read newsletter on cybersecurity policy news. Not a regular subscriber?



PINGED, PATCHED, PWNED

PINGED: The nation's highest-ranking intelligence official threatened to resign over concerns that the White House would try to force him to withhold information from Congress about a whistleblower complaint against the president, my colleagues Greg Miller, Shane Harris and Karoun Demirjian report.

Acting director of national intelligence Joseph Maguire made the threat to force President Trump to decide whether he was going to assert executive privilege over the complaint, which centers on the late-July call between Trump and the leader of Ukraine, sources told The Post. Democratic lawmakers have criticized Maguire, who took over the top intelligence post last month, for stonewalling their attempts to obtain the complaint.

AD

AD

Whether Trump decides to exert executive privilege before today's hearing remains to be seen.

Maguire denied the reports. “At no time have I considered resigning my position since assuming this role,” he said in a statement. “I have never quit anything in my life, and I am not going to start now. I am committed to leading the Intelligence Community to address the diverse and complex threats facing our nation.”

PATCHED: America's electric grid faces significant cybersecurity risks from Russian and Chinese hackers among other adversaries, according to a new Government Accountability Office report. One culprit for that insecurity is the grid’s increased reliance on Internet-connected devices — which commonly suffer from serious vulnerabilities and have made it far easier for potential hackers to strike, the report says.

The GAO is recommending that the Energy Department develop a cybersecurity strategy to address potential risks to the grid, including from hackable IoT devices and from its reliance on GPS systems, which hackers could disrupt the grid with counterfeit signals. The report also recommends that the Federal Energy Regulatory Commission update its cybersecurity standards and investigate the potential risk of a coordinated cyberattack on the United States.

PWNED: Security researchers found the personal data of nearly the entire population of Ecuador exposed online for the second time in little over a week, William Turton, Stephan Kueffner and Nour Al Ali at Bloomberg News report. This week researchers discovered an unsecured server in Germany containing the names, addresses, workplace, family members, phone numbers, vehicle information and emails of nearly 20 million Ecuadoran citizens.

AD

AD

While the data sets from the two compromises appear to be similar, there's no clear connection between them. The first data set belonged to the Ecuadoran company Novaestrat and was hosted in Miami; the new data was traced to a server owned by another Ecuadoran company, DataBook. By Wednesday morning, the website hosting the newly discovered data had been taken offline, Bloomberg reports.

Government officials have asked prosecutors to investigate the potential data breach, Bloomberg reports. The country's Ministry of Telecommunications and Information Society is still investigating the earlier breach.

PUBLIC KEY

— Cybersecurity news from the public sector:

PRIVATE KEY

— Cybersecurity news from the private sector:

THE NEW WILD WEST

— Cybersecurity news from abroad:

ZERO DAYBOOK

— Today:

Auburn University's Embassy of Estonia in partnership with the Embassy of Estonia and Center for Internet Security will host a forum on securing elections Thursday at 9:30 a.m. in Washington.

— Coming up:

The House Energy and Commerce Committee will host a hearing to discuss securing America's wireless future and the deployment of 5G communications on Friday at 9:30 am.

The House Science Committee will host a hearing on "Online Imposters and Disinformation" Thursday at 2 p.m.

The House Judiciary Committee will host a hearing on securing America's elections at 9 a.m. on Friday.

CHAT ROOM