Part 1 developed the following: Hillary’s campaign, lax on cybersecurity and working with the DNC to make sure Sanders did not have a chance of winning invited multiple attacks from both hackers on the outside and from leakers on the inside.
Part 2 makes clear the multiple hacks and multiple leaks that plagued Hillary’s 2016 presidential campaign came from multiple sources.
This Part 3 makes the case that Seth Rich was the likely source of both the WikiLeaks DNC emails published starting on July 22, 2016, and of the “Podesta File” of emails that WikiLeaks began publishing on Oct. 7, 2016.
The breakthrough in this series of articles is the attempt to apply intelligence analytical techniques to sort out the various known cybersecurity attacks on the Democrats during the 2016 presidential campaign to determine the rogue agent responsible for each separate known cybersecurity attack.
WASHINGTON, D.C. – The purpose of this third and last article in the three-part series is to determine if Seth Rich is a likely suspect for having leaked to WikiLeaks the DNC emails that WikiLeaks emails published starting on July 22, 2016, and of the “Podesta File” of emails that WikiLeaks began publishing on Oct. 7, 2016.
The first hurdle is to determine if Seth Rich had a motive to harm Hillary Clinton’s presidential campaign. The precipitating incident establishing Seth Rich’s motive demands an investigation of the December 2015 incident in which four IT specialists in Sanders’ campaign were proven to have breached the DNC voter database to transfer Clinton campaign proprietary voter data to their Sanders’ campaign computers.
Seth Rich: Motive
On Wednesday, Dec. 16, 2015, NGP VAN, the software system operated by the DNC that provided donor data (NGP based in Washington) and voter data (VAN based in Somerville, Massachusetts) released a software modification that contained a bug that dropped a firewall, opening a window of approximately 40 minutes, during which IT specialists in Bernie Sanders’ campaign were allowed to view and copy voter data proprietary from Hillary Clinton’s campaign.
“As a result of this analysis, NGP VAN found that campaign staff on the Sanders campaign, including the campaign’s national data director, had accessed proprietary information about which voters were being targeted by the Clinton campaign – and in so doing violated their agreements with the DNC,” Dacey found.
“These staffers [in the Sanders campaign] then saved this information in their personal folders on the system, and over the course of the next day, we learned that at least one staffer appeared to have generated reports and exported them from the system,” Dacey charged.
The New York Times in reporting on the data breach quoted an unnamed Clinton staffer who compared the data breach to “the opposing general getting your battle plans,” in that the DNC through the VAN system provides all Democratic presidential campaigns with Democratic voters’ names, phone numbers, and addresses, along with managing proprietary data each Democratic campaign maintains in the VAN system protected by firewalls from view by competing Democratic campaigns.
On Dec. 18, 2015, a Twitter user “Iowa Starting Line” posted the log-book data from NPG VAN documenting by name four Sanders campaign staffers, including Sanders’ National Data Director Josh Uretsky, who accessed various Clinton campaign data files that were saved by the Sanders campaign staffers into their own computers, appearing to steal the data from the Clinton campaign.
The log book entries show the files the Sanders campaign took from Clinton’s proprietary VAN voter data was potentially useful tactical information, with lifted files identified, for instance, “Turnout 60+” from folder “Ranged Targets,” and “Turnout 40-60” and “Not Sanders,” both also from folder “Ranged Targets.”
The log book entries showed four Sanders IT specialists spent two hours in the data without notifying NPG VAN of the firewall being down, calling up information from about a dozen states, downloading data that included a “turnout” variable showing on a scale of 1 to 100 how likely a person is to vote, with the goal of establishing a high “Priority” score to someone the campaign should make an effort to contact and persuade.
David Atkins, a campaign consultant and county official in the California Democratic Party, told Politfact.com the information would give the Sanders campaign a view of how the Clinton campaign was targeting voters, as well as a view of polling data indicating how well Clinton was doing in various states.
When the breach became known, a huge controversy developed in which the DNC cut off Sanders from DNC proprietary data in the NPG VAN system, forcing Sanders to sue the DNC.
The matter was resolved acrimoniously but quickly, in a midnight settlement on Friday, Dec. 18, 2015, that allowed Sanders to regain access to VAN, both for the shared DNC historical Democratic voters.
On Dec. 18, 2015, as the settlement was being reached, Sanders fired Uretsky, who maintains even today his intervention into the Clinton campaign proprietary database was aimed only at doing his job, being diligent to document the seriousness of the breach, so NPG VAN could make sure they never again installed a patch that compromised a firewall.
Because of this incident, there is evidence to suggest Seth Rich, a Bernie supporter, felt Amy Dacey, his boss on the voter mobilization campaign, used the incident to embarrass the Sanders campaign.
Bernie supporters HATED Hillary during the 2016 campaign:
Infowars.com has established by interviews with various DNC and Sanders campaign staff that Seth Rich felt Dacey, a staunch Clinton loyalist and spirited Sanders critic, had overreacted, blaming Uretsky for purloined data instead of accepting responsibility that a glitch in a NGP VAN patch had opened a firewall that allowed the Sanders campaign to view the proprietary Clinton voter database.
In the DNC organizational chart, Seth Rich reported to Technology Director Andrew Brown, the person Sanders identified as having recommended he hire Uretsky as the national data director for the Sanders campaign.
In the aftermath of the incident, Sanders went so far as to charge the breach of the Clinton voter data may have been a “false flag” attack staged by the DNC and carried off by a “plant,” namely Uretsky, who Sanders hired on the recommendation of Andrew Brown, the DNC’s National Data Director, and Bryan Whitaker, the former COO of NGP VAN.
“I mean here we are being attacked for the behavior of an individual [Uretsky], which we ultimately fired,” Sanders said. “We agree he acted improperly, but it’s just amazing to me that this … individual that actually caused this trouble in our campaign was recommended by these guys. It’s not as if we conjured this guy Josh from thin air.”
Sanders insisted his campaign had not hacked the DNC’s NGP VAN system, but had taken advantage of a computer glitch, yet the result was the Sanders campaign was being attacked by both the DNC and by NGP VAN.
But as the incident resolved, Sanders loyalists seethed that NGP VAN provided the Clinton campaign audit of the data breach that the Clinton team made sure was released to the media, while the Sanders’ team was kept in the dark.
“It’s easy to speculate how Seth Rich could have become disgruntled after witnessing the DNC attempt to sabotage the Sanders campaign. As such, it’s not a stretch to imagine that Rich – a guy with access to sensitive emails and technical skills, did in fact communicate with WikiLeaks in order to expose and root out the DNC’s misdeeds,” a poster identified as “ZeroPointNow” posted on the ZeroHedge.com blog on May 19, 2017.
July 22, 2016: WikiLeaks starts publishing DNC emails
Starting on Friday, July 22, 2016, WikiLeaks began releasing over 2 publications 44,053 emails and 17,761 attachments from seven key figures in the DNC, none of whom included then-DNC Chair Debbie Wasserman Schultz.
By far, the largest number of emails came from DNC Communications Director Luis Miranda (10,520 emails), who had approximately three-times the emails released for the next highest on the list, National Finance Director Jordon Kaplan (3,799 emails) and Finance Chief of Staff Scott Corner (3,095 emails).
The emails covered the period from January 2015 until May 2016, with the last email dated May 25, 2016.
The emails have in common that one or more of the “From,” “To,” and or “CC” listings indicate the email was sent by or to an addressee using the DNC email server, identified as @dnc.org.
While the DNC email server could have been hacked, what is equally plausible is that someone on the inside (perhaps an employee with their own @dnc.org email address) could have discerned the usernames (possibly identical with the person’s email address) and the password for each of the seven DNC officials included in the WikiLeaks release.
If obtaining the DNC emails was an “inside job,” downloading the emails would have been as simple as accessing each official’s email account and downloading all emails listed there.
Unless each DNC official made sure emails on the DNC email server were erased (not simply that the emails were erased as viewed within a downloading computer), the leaker could have downloaded conceivably every email that user had written and/or received from the first email in the system.
If the email theft was a leak (as opposed to a hack from the outside), the DNC officials exposed may have been less attentive to cybersecurity in their choice and use of usernames and passwords, as well as less well trained on the hazards of failing to delete emails on the server.
The New York Times, reporting on Friday, July 22, 2016, commented the DNC emails released by WikiLeaks showed top officials at the DNC “criticized and mocked Senator Bernie Sanders of Vermont during the primary campaign, even though the organization publicly insisted it was neutral in the race.”
The New York Times noted that in an email dated May 21, Mark Paustenbach, a committee communications official, “wrote to a colleague about the possibility of urging reporters to write that Mr. Sanders’s campaign was ‘a mess’ after a glitch on the committee’s servers gave it access to Clinton voter data.”
“Wondering if there’s a good Bernie narrative for a story, which is that Bernie never ever had his act together, that his campaign was a mess,” Mr. Paustenbach wrote to Luis Miranda, the communications director for the committee.
The WikiLeaks emails, released the Friday before the Monday, July 25, 2016, start of the Democratic National Convention had the immediate impact of forcing DNC Chair Debbie Wasserman Schultz to resign under fire on Sunday, July 24 – a move that threw the national nominating convention into disarray.
Recall that in June 2016, the DNC had acknowledged its computer network had been breached, a conclusion that led the DNC to hire cybersecurity expert CrowdStrike that investigated and reported the Russian government had had used two separate hacker groups, identified as “Cozy Bear” and “Fancy Bear,” to hack the DNC computer.
As reported in the second article on this series, the CrowdStrike report appears to have been the basis the DNC and U.S. intelligence used to conclude incorrectly that Guccifer 2.0 was responsible for providing the DNC emails WikiLeaks started making public on July 22, 2016, despite the fact there is no evidence Guccifer 2.0 ever hacked into any Democratic email server.
Recall, Guccifer 2.0 only ever published hacked internal documents from the DNC and the DCCC, as well as donor data apparently hacked from the NGP database.
Still, on July 22, 2016, DNC officials in interviews with the Washington Post blamed the WikiLeaks publication of DNC emails on Guccifer 2.0, citing the CrowdStrike investigation as proof.
Oct. 7, 2016: WikiLeaks begins publishing Podesta emails
WikiLeaks began publishing the Podesta emails on Oct. 7, 2016, less than one hour after the Washington Post published the lewd Access Hollywood video with Trump making lewd comments to Access Hollywood’s Billy Bush.
WikiLeaks continued publishing a total of 57,153 Podesta emails in a series of drops, with the final “Part 34” published on Nov. 7, 2016, three days after Election Day.
The last date of a Podesta email published by WikiLeaks was March 21, 2016, approximately two months earlier than the last date of the DNC emails published by WikiLeaks in July.
Of the 57,153 Podesta emails, 48,862 contain “Podesta@” making it clear the key breach producing the emails WikiLeaks began releasing Oct. 7, 2016, was one John Podesta’s email @gmail.com – the email Podesta appeared to use almost exclusively, shunning the use of a Clinton campaign email address.
That Podesta was lax about cybersecurity is obvious from emails in the cache indicating Podesta lost his cell phone in a taxicab, fell victim to a phishing attack, and shared with an assistant his Apple ID and password.
Given that Podesta used email@example.com as his Apple ID (username) and “Runner4567” as his password, it is likely Podesta (given his apparent disregard for Internet security) may have used this username and password for all, or most, of the Internet websites to which he subscribed, as well as using the password for other transactions, maybe even including credit card or ATM transactions.
Again, an insider familiar with Podesta’s use of his @gmail.com account for virtually all his campaign email correspondence would only need to know (or guess at) his password to gain access to all undeleted Podesta emails that remained on the gmail.com email server, possibly back to the very first Podesta sent or received.St
When WikiLeaks began publishing the Podesta emails in October 2016, the Democrats reacted once again to claim the Russians had used Guccifer 2.0 to hack Podesta’s emails.
“We are not going to confirm the authenticity of stolen documents released by Julian Assange who has made no secret of his desire to damage Hillary Clinton,” Clinton spokesman Glen Caplin told the press on Oct. 7, 2016.
“Guccifer 2.0 has already proven the warnings of top national security officials that documents can be faked as part of a sophisticated Russian misinformation campaign,” Caplin continued.
That the last date of the Podesta emails precedes the last date of the DNC emails released by WikiLeaks suggests an internal operative seeking to leak emails damaging to Hillary may have accessed Podesta’s @gmail.com account first.
That the last date of the DNC emails was May 25, 2016, suggests events may have influenced the internal operative that the emails should be released right then.
What happened in May 2016?
The Democratic Party Indiana Primary took place on May 3, 2016.
Sanders achieved a 5 point victory upset over Clinton in Indiana, winning 52.46 percent to 47.54 percent, but the “superdelegates” swung to Clinton, giving Clinton a total of 46 delegates from the Indiana primary, compared to 44 to Sanders.
What in May was clear was that the Democrats had stacked the deck for a DNC-preferred candidate to win the nomination, with the clear majority of the 712 superdelegates (about 15 percent of all delegates) would vote for Clinton, such that Sanders could earn a majority of the 1,670 delegates up for grabs in popular voting during the primaries, and still lose the nomination.
By June 7, 2016, in the early hours of counting the ballots in the Democratic Party California primary, the Associated Press declared that Hillary Clinton had won enough delegates and superdelegates to win the Democratic Party nomination for president.
The likely scenario is that a leaker internal to the Democratic Party released to WikiLeaks both the DNC emails and the Podesta emails at one time in late May or early June 2016.
The final determination of how to sort out the emails and when to publish them remained a decision WikiLeaks would reserve exclusively to itself.
Even President Obama in his final news conference appeared to concede the DNC emails were leaked to WikiLeaks, not the result of a hacking attack from the outside.
“The conclusions of the intelligence community with respect to the Russian hacking were not conclusive as to whether WikiLeaks was witting or not in being the conduit through which we heard about the DNC e-mails that were leaked,” President Obama said.
“I don’t pay a lot of attention to Mr. Assange’s tweets, so that wasn’t a consideration in this instance,” he continued. “And I’d refer you to the Justice Department for any criminal investigations, indictments, extradition issues that may come up with him.”
The strongest evidence Seth Rich leaked the WikiLeaks emails
The strongest indication that Seth Rich leaked the DNC and Podesta emails to WikiLeaks comes from Julian Assange himself.
In an interview broadcast on Dutch television on Aug. 9, 2016, the host Eelco van Rosenthal asked Assange, “The stuff that your sitting on, is an October Surprise in there?”
Assange insisted, “WikiLeaks never sits on material,” even though Assange had previously said WikiLeaks yet ha more material related to the Hillary Clinton campaign that had yet to be published.
Then, on his own initiative, without being specifically asked, Assange began talking about Seth Rich.
“Whistleblowers go to significant efforts to get us material, and often very significant risks,” Assange volunteered.
“There’s a 27-year-old that works for the DNC who was shot in the back, murdered, just a few weeks ago, for unknown reasons, as he was walking down the streets in Washington,” Assange continued.
Van Rosenthal objected that the murder of DNC staffer Seth Rich was a robbery.
“No, there’s no findings,” Assange answered.
“What are you suggesting?” Van Rosenthal interjected.
“I’m suggesting that our sources take risks – and they become concerned to see things occurring like that,” Assange responded.
There was no reason for Assange to have spontaneously brought up Seth Rich in the context of the risks his leakers take if Rich were not the leaker involved in the DNC and Podesta emails that WikiLeaks published.
On Aug. 9, 2016, WikiLeaks offered a $20,000 reward “for information leading to the conviction for the murder of DNC staffer Seth Rich.”
Again, why would WikiLeaks do this if Seth Rich were not the leaker in question?
Repeatedly, Assange has denied that the Russians “or any state party” supplied WikiLeaks with the DNC and/or Podesta emails.
The attempt to distinguish is disingenuous, suggesting the Russians may have been responsible for the hack, turning the information to a third party, not the Russians or a state actor, who handed WikiLeaks the emails and thus became “the source.”
Speaking plainly, Assange – a political operative with an established reputation of telling the truth – has denied the Russians or any state actor was involved, knowing he was leaving the clear impression the DNC and Podesta emails traced back to a leaker internal to the DNC – the same conclusion President Obama suggested in his final press conference.
Why the cover-up in the Seth Rich murder investigation?
The next most convincing reason to believe Seth Rich is the leaker revolves around the way the Washington Police Department and the Democratic Party have perpetrated a cover-up of key evidence of his murder investigation.
About all the Washington Police Department have released with certainty is that Sean Rich was shot to death in the Bloomingdale section of Washington, D.C., in the early hours of Sunday, July 10, 2016.
To date, the Washington Police have refused to release any investigative report or autopsy that precisely described the wound.
Despite intensive research efforts by Internet sleuths, we do not know for certain which hospital in D.C. the Washington Police took Rich for treatment after the shooting.
Was there any identification of the shooting suspects, or results from a subsequent police investigation?
There appears to be some 2 ½ hours unaccounted time between 1:15 a.m. when Rich left a local bar and 4:25 a.m. when he was shot near his home, even considering the time Rich would have required to walk home.
Sorting through the thin evidence is unlikely to produce a conclusive break-through in the case, as long as the Washington Police Department withhold all investigative reports and the Democratic National Party continue to dismiss the Seth Rich murder as a “conspiracy theory,” so as to deflect any threat to their determination to advance the “Russian collusion” meme that itself lacks evidence.
These articles have argued a tighter, forensic case, premised on examining the content and context of each known cyberattack against the Clinton campaign so as to determine the most likely means required to pull the cyberattack off successfully and, from there, to determine the most likely perpetrator.
The conclusion of these three articles is that the DNC and Podesta emails published by WikiLeaks during the 2016 presidential campaign were stolen and leaked by an operative within the Democratic Party, with the likely perpetrator of the leak being Seth Rich.