Impeachment Surprise – Journalist’s Lawsuit Paves Way To Call CrowdStrike Executive As Witness

By: Jeffrey Winograd

A lawsuit filed in a Maryland federal court on January 10 offers Republican senators, should they decide to call witnesses during the impeachment trial, a politically acceptable pathway to debunk one of the impeachment charges against President Trump.

The lawsuit names a former FBI official, an expert in cybersecurity and one of the top people at CrowdStrike, as a defendant in an action alleging illegal government surveillance and hacking of a prominent journalist’s personal electronic equipment.

In 2016, CrowdStrike was hired to investigate the hacking of Democratic National Committee (DNC) computer servers and Trump dropped the company’s name during his July 25, 2019, phone conversation with Ukrainian President Volodymyr Zelenskyy. This conversation lies at the heart of the impeachment.   

Although CrowdStrike said that it “immediately identified two sophisticated adversaries on the network,” both “Russian intelligence-affiliated adversaries,” the FBI says it never conducted its own examination of the computer servers,

It remains unknown whether there were any other nation-state hackers identified by CrowdStrike, it is unfathomable why the FBI and the Justice Department did not use the investigative tools available (such as a grand jury subpoena or search warrant) to gain access to the computer hardware, and it is unclear why the DNC withheld FBI access to its servers.

One individual named in the lawsuit, who was a key FBI cybersecurity expert and knows the ins-and-outs of the agency’s methodology in dealing with hacking investigations, was likely CrowdStrike’s point man in the DNC probe.

Shawn Henty’s answers would surely provide the details President Trump wanted when he sought Zelenskyy’s help and he should be called as an impeachment witness.    

Given the glare of the public spotlight that will shine on him due to the lawsuit, Henry will hardly be in the position to turn his back on a Senate subpoena.

Background

The relevant portion of the transcript of the July 25 phone conversation is this:

Trump: “I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it. I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike… I guess you have one of your wealthy people… The server, they say Ukraine has it. There are a lot of things that went on, the whole situation. I think you’re surrounding yourself with some of the same people.”

CrowdStrike was the company hired by the DNC to investigate the hacking of its servers.

One provision of the articles of impeachment indirectly refers to the president’s desire to know exactly what, if anything, this U.S. company did regarding the hacking allegation but does not name the company:

“(1) President Trump – acting both directly and through his agents within and outside the United States Government – corruptly solicited the Government of Ukraine to publicly announce investigations into: … (B) a discredited theory promoted by Russia alleging that Ukraine – rather than Russia – interfered in the 2016 United States Presidential election.”

Democrats Toss A Red Herring

Rep. Adam Schiff (D-CA), chairman of the House Permanent Select Committee on Intelligence and the spearhead of Democratic efforts to impeach the president, saw a way to distract attention away from the real issue – did the Russians actually hack the DNC servers and, if so, was it only the Russians?

Democrats and their cohorts in the media and Deep State promoted the claim that Rudy Giuliani, the president’s personal attorney, was peddling conspiracy nonsense. This alleged theory suggested that the DNC server or servers somehow wound up in Ukraine, a founder of CrowdStrike has Ukrainian roots (when, in fact, his family came from Russia), and Ukraine was responsible for the hacking.   

So, according to the Democrats, Trump bought into this somewhat bizarre scenario and wanted the Ukraine president to publicly announce an investigation into the matter.

Intelligence Community Labels Russia As Hacker, Maybe

On Jan. 6, 2017, as the Obama administration was reaching its expiry date, the intelligence community (IC) released a report titled “Russia’s Influence Campaign Targeting the 2016 Presidential Elections.”

The report stated that “in July 2015, Russian intelligence gained access to DNC networks and maintained that access until at least June 2016.”

It continued: “We assess that the General Staff Main Intelligence Directorate (GRU) cyber operations resulted in the compromise of the personal e-mail accounts of Democratic Party officials and political figures. By May, GRU had exfiltrated large volumes of data from the DNC.”

However, the report contained this rather stunning disclaimer: “Judgments are not intended to imply that we have proof that shows something to be a fact.”

Why, given the combined resources of the FBI, CIA and National Security Agency, was there no out-and-out proof of Russian hacking?

Was it a botched FBI/Justice Department (DOJ) investigation? Or, was the James Comey-led FBI attempting to protect unsavory DNC activities documented on its servers, such as its role in the Steele Dossier affair?

The Sharyl Attkisson Lawsuit

During the time span involved in the suit, Sharyl Attkisson was an investigative reporter for CBS and was in the spotlight for her coverage of Operation Fast and Furious as well as the Benghazi (Libya) debacle, both of which were bringing unwanted negative publicity for the Obama administration. 

Attkisson alleges that the named defendants, acting in their capacity as federal employees, conducted “unauthorized and illegal surveillance of the plaintiff’s’ laptop computer from 2011 to 2014.” Such activity constituted a violation of both the Fourth Amendment to the Constitution and the Electronic Communications Privacy Act, she claims.

The first named defendant is Rod Rosenstein, who at the time was U.S. Attorney for the District of Maryland. Of course, Rosenstein is best known for his tenure as deputy attorney general of the United States and as the guy who named Robert Mueller as special prosecutor to probe President Trump for alleged links to Russia.

However, it is the second named defendant, Shawn Henry, who can be the vehicle for Senate Republicans to totally discredit one impeachment allegation – that Trump’s interest in a CrowdStrike probe was part of a “scheme or course of conduct for corrupt purposes in pursuit of personal political benefit.”

Who Is Shawn Henry?

On Sept. 15, 2010, Henry was named the executive assistant director of the FBI’s Criminal, Cyber, Response, and Services Branch.

During his agency career, Henry served as chief of the Computer Investigations Unit in the National Infrastructure Protection Center; field supervisor of the Computer Crimes Squad for the FBI’s Baltimore Field Office; deputy assistant director of the FBI’s Cyber Division, with program management responsibility for all FBI computer investigations worldwide; and assistant director of the Cyber Division, where, in the words of an FBI press release, “he played a central role in restructuring the FBI’s cyber strategy and investigative programs.”

According to the CrowdStrike website, Henry joined CrowdStrike in 2012 after retiring from the FBI, where he oversaw half of the FBI’s investigative operations, including all FBI criminal and cyber investigations worldwide,

The bottom line is that Shawn Henry is a heavyweight in the field of cybersecurity and probably remains extremely influential in FBI circles.

In the wake of being named in the Attkisson lawsuit, Henry likely is not in a favorable position to rebuff any impeachment-related Senate subpoena to answer detailed questions about CrowdStrike’s work in the DNC computer server hacking investigation, as well as the conduct of the FBI in the matter.

CrowdStrike And The DNC Servers

Exactly why the DNC selected CrowdStrike to investigate possible hacking is open to question.

Andrew C. McCarthy, in “Ball of Collusion,” says that while “CrowdStrike has a good reputation,” it was a “private DNC contractor that had deep ties to the Clinton campaign and the Obama administration.”

According to a CrowdStrike blog dated June 15, 2016, and updated on Sept. 25, 2019, “at the DNC, COZY BEAR intrusion has been identified going back to summer of 2015, while FANCY BEAR separately breached the network in April.” Both of the intruders are related to Russian intelligence agencies.

CrowdStrike stated that it has never taken physical possession of any DNC servers. Rather, they capture evidence of hacking using a process call imaging. “The images, not the computer’s hardware, provide the evidence,” the firm said.

“We’ve provided all forensic evidence and analysis to the FBI related to the DNC investigation as requested,” CrowdStrike said. “We have never declined any request for information from the FBI related to this investigation, and there are no pending requests for information by the FBI,” it added.

Conclusion

There are at least three key issues that remain to be addressed.

#1 CrowdStrike has never publicly stated that it offered everything it had on the hacking to the FBI. Why not?

#2 The FBI has never revealed everything they have requested from CrowdStrike. Why not?

#3 The IC report only cited hacking by the GRU. However, as CrowdStrike reported in its discussion of COZY BEAR and FANCY BEAR: “Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services [emphasis added].” Why the disparity?   

CrowdStrike has not responded to an email request for an interview.

President Trump and the country deserve to know if everything involving government agencies, CrowdStrike and the DNC probe was kosher.

Smart money says Shawn Henry can fill in the blanks.

-30-

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s