An attorney who represented the Democratic National Committee in connection to the hacking of its servers and the private cybersecurity expert who led the response to the breach both contradicted the testimony to Congress given by then-FBI Director James Comey, who claimed that the FBI sought and was denied access to DNC’s physical servers.
Michael Sussmann, an attorney with Perkins Coie, told lawmakers on the House Intelligence Committee in December 2017 that the FBI declined to access the DNC premises when offered to do so during a meeting which included cybersecurity firm CrowdStrike in mid-June of 2016, according to a newly declassified transcript (pdf).
During the meeting, the chief executive officer of the DNC, Amy Dacey, relayed to the FBI that the bureau “could have access to anything they needed,” according to Sussmann.
“And I recall offering, or asking or offering to the FBI to come on premises, and they were not interested in coming on premises at the time,” Sussmann said, later adding that Perkins Coie would have preferred the FBI to access the servers because this would have saved the DNC the money needed to address the hacking.
Sussmann also said the FBI never requested access to DNC’s physical servers.
The DNC contacted CrowdStrike on April 30, 2016, to handle an intrusion into its servers. Upon Sussmann’s recommendation, Perkins Coie contracted CrowdStrike to assess and remedy the breach for the DNC.
Shawn Henry, the president of CrowdStrike Services, coordinated the cybersecurity firm’s work with the DNC, Perkins Coie, and the FBI. Henry told the House Intelligence Committee in December 2017 that he was “not aware” of the FBI ever asking or being denied any information or access to the DNC servers, according to a transcript (pdf) newly declassified on May 7 alongside Sussmann’s deposition. Henry also said he was “not aware of the FBI asking the DNC for data.”
The newly declassified testimonies by Sussmann and Henry contradict what then-FBI Director James Comey told the Senate Select Intelligence Committee on January 10, 2017. Comey claimed the FBI made multiple requests to the DNC but were denied access.
“Were you given access to do forensics on those servers?” Sen. Richard Burr (R-N.C.) asked.
“We were not. A highly respected private company eventually got access and shared with us what they saw there,” Comey answered.
“But is that typically the way the FBI would prefer to do the forensics or would your forensics unit rather field the servers and do the forensics themselves?” Burr asked.
“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey answered.
“Do you know why you were denied access to those servers?” Burr asked.
“I don’t know for sure,” Comey answered.
“Was there one request or multiple requests?” Burr asked.
“Multiple requests at different levels and ultimately it was agreed to it was the private company would share with us what they saw,” Comey answered.
According to the report by Special Counsel Robert Mueller, the FBI eventually obtained images of the DNC servers and copies of relevant network traffic logs. The report does not specify when the bureau obtained the images. Sussmann told lawmakers in December 2017 that the DNC provided images of the servers taken by CrowdStrike to the FBI.
Mueller investigated allegations but did not find sufficient evidence of collusion between the Trump campaign and Russia. The special counsel charged a group of alleged Russian intelligence operatives with the hacking of the DNC servers and the release of thousands of emails allegedly stolen from the servers.
Sussmann, CrowdStrike, the DNC, and the attorneys for James Comey did not respond to requests for comment.