Rosenstein’s indictment at odds with forensic analysis by intelligence officers
The transfer speed of documents taken from the DNC indicate they were leaked from the inside rather than hacked across the Internet, according to a group of intelligence officers who sent a July 24, 2017, memo to President Trump.
The group’s previous findings seem to contradict some of the recent claims set forth by Deputy AG Rod Rosenstein in an indictment against Russian hackers he released on Friday, three days before President Trump is set to meet with Russian President Vladimir Putin.
“Key among the findings of the independent forensic investigations is the conclusion that the DNC data was copied onto a storage device at a speed that far exceeds an Internet capability for a remote hack,” reads a memo by the group, which also included NSA specialists. “Of equal importance, the forensics show that the copying was performed on the East Coast of the U.S.”
The group, called the Veteran Intelligence Professionals for Sanity, believe “that someone penetrated the computers from inside the DNC,” according to the Washington Times.
The VIPS memo was authored by Skip Folden, a retired IBM program manager for information technology, Kirk Wiebe, a former NSA senior analyst, William Binney, a former NSA technician director, and numerous other professionals who worked for the CIA, NSA, FBI and affiliated military agencies.
A related analysis, which was cited in an on-line version of the memo, said the leaked documents appeared to have been originally compiled at the speed of 23 megabytes per second, making it “unlikely that this initial data transfer could have been done remotely over the Internet.”
“The initial copying activity was likely done from a computer system that had direct access to the data,” according to the analysis. “By ‘direct access’ we mean that the individual who was collecting the data either had physical access to the computer where the data was stored, or the data was copied over a local high speed network (LAN).”
The analysis also added that the initial copying activity was “done on a system where Eastern Daylight Time (EDT) settings were in force. Most likely, the computer used to initially copy the data was located somewhere on the East Coast.”
Friday’s indictment, however, stated that the conspirators used malware known as X-Tunnel “to move the stolen documents outside the Democratic Congressional Campaign Committee and DNC networks through encrypted channels.”