On its face, the comments suggest a fundamental misunderstanding of how cybersecurity investigations work, combined with muddled and broadly debunked conspiracy theories about Ukraine's involvement in the DNC breach investigation. For starters, CrowdStrike is not a Ukrainian company. And there is no single, physical server that represents a piece of elusive missing evidence from the DNC breach. Instead, the DNC shared a forensically preserved digital image of its systems with the FBI, who concluded that Russian agents had indeed hacked the network.
Trump's line of inquiry makes no sense on multiple levels. It does, though, seem to reveal an amazing underlying fact: Trump is still searching for answers about what happened inside the DNC's network, because he still doesn't believe the ones America's intelligence agencies have told him. The Zelensky conversation, after all, captures Trump in an apparent moment of private conversation, not a campaign rally or a Fox and Friends interview. Trump appears to sincerely live in a QAnon-style parallel universe, one where Zelensky can help him find facts that his own briefers have withheld.
It's a striking revelation. More importantly, Trump's disconnect with reality could have serious consequences for America's ability to counter the actual Russian hackers who attacked the US democratic process in 2016, and who may do so again in 2020. "The president does not seem to be receptive to facts and details that relate to what happened in 2016," says Thomas Rid, a political scientist at Johns Hopkins University who focuses on cyberconflict and disinformation. "If we take him at face value, if we believe what he’s saying to Zelensky, the conclusion appears to be that he’s unable to distinguish between conspiracy theories and the intelligence briefings he receives that are backed up by hard evidence and forensics."
Much of that evidence and forensic analysis, all confirming Russia's culpability in the DNC hack, has been publicly available for years. The hackers known as Fancy Bear, now understood to be part of the Russian military intelligence agency the GRU, made serious errors. They left Russian-language formatting error messages in the stolen DNC documents they published. The metadata in those files showed they'd been handled on a computer whose username was "Felix Edmundovich;" the founder of the Soviet secret police, whose statue once stood in front of the KGB headquarters, was Feliks Edmundovich Dzerzhinsky. Later, links in the phishing emails hackers used to target the DNC turned out to have been created with the same account for the URL-shortening service Bitly as links used to phish hundreds of other Russian hacking targets, from Ukrainian officials to Russia-focused academics.
Like other prominent companies of its kind, CrowdStrike conducts digital forensic investigations, and defends its clients in part by removing a hacker's access to compromised accounts and devices. But when CrowdStrike or another firm investigates an incident, they typically don't physically remove a client's devices.