The previous Homeland Security Secretary, Jeh Johnson, told senators on Wednesday that he recalled being frustrated over how his department was blocked from directly probing last year’s hack of the Democratic National Committee.
Johnson appeared before the House Intelligence Committee as part of its ongoing investigation into alleged Russian meddling in the 2016 presidential race.
According to prior reporting, the FBI was denied access to the DNC’s servers after it became clear the systems were hacked. Johnson testified that the Department of Homeland Security was also not allowed to examine the servers, and that the DNC, instead, relied solely on the services of a private security firm, Crowdstrike, to forensically scan the hardware.
“The response I got was FBI had spoken to them. They don’t want our help. They have Crowdstrike,” Johnson told Senators, when asked about cooperation between DHS and the DNC.
Johnson told the ranking member on the committee, Rep. Adam Schiff (D-Calif.), that, ideally, both DHS and FBI would have been interfacing with the hacked organization.
The former DHS head described how the department had the tools and experience to help. It played an instrumental role in probing the hack of the Office of Personnel Management (OPM) in 2015, identifying “bad actors” and limiting damage, Johnson testified.
“I recall very clearly that I was not pleased that we were not in there helping them patch this vulnerability,” Johnson added. He noted that he didn’t have the authority to get a search warrant and force the organization to comply with requests to investigate.
There is no indication, to date, that DHS and FBI were ever granted access to the breached servers.
“If they had turned the server over to either you or Director Comey, maybe we would have known more,” Rep. Trey Gowdy (R-S.C.) said during the hearing. “Why would the victim of a crime not turn over a server to the intelligence community or to law enforcement?”
“I’m not going to argue, sir, that was a leading question, and I’ll agree to be led,” Johnson said, opting not to dismiss Rep. Gowdy’s conspiratorial tone. Johnson did not elaborate.
The US intelligence committee relied on its own intelligence, and Crowdstrike’s first-hand examination, to attribute the DNC breach to the Russian government last October.
The private security firm’s findings in another case, however, have since come under questioning. Last year, Crowdstrike had to retract parts of a report linking the destruction of Ukrainian artillery units to another alleged Russian cyber attack.
The company walked back the report after the Ukrainian Ministry of Defense disputed it, saying there was no hacking and no loss of artillery units.
As Voice of America reported, Crowdstrike’s artillery hack claims were used to “buttress claims of Russian hacking during last year’s American presidential election campaign.”
During Wednesday’s hearing, Rep. Schiff (D-Calif.) attempted to shutdown any criticism of DNC’s cooperation with federal authorities post-hack.
“I think there’s a tendency to blame the victim over their victimization,” Rep. Schiff said. “The DNC was a victim here.”
