Cyber Investigation in IG Report

My article What the IG Report Missed about the role of the hoax cyber intrusion investigation in #Spygate is published in the American Thinker. This post contains supporting quotes and comments.

The FBI Inspector General’s Report Review of Four FISA Applications and Other Aspects of the FBI’s Crossfire Hurricane Investigation blindly trusts the cyber investigation component of the Russia hoax. Even worse, the report uses a circular argument, creating a logical fallacy. It simply repeats the FBI claims from July 2016, that the DNC hacking by Russia was the source for WikiLeaks dump that so embarrassed Hillary at the Democratic National Convention, and Guccifer 2.0 materials. Then it justifies those claims be referring to the so-called Intelligence Community Assessment of January 2017, later Congressional documents, and the so-called Mueller Report, all of which have been based on those FBI claims. That said, this circular reasoning has been the established narrative since early 2017.

Despite the alleged centrality of the cyber intrusion investigation in predicating Spygate, out of 480 pages of the report, only a few paragraphs are devoted to cyber issues. Even those parts either describe lawyers’ activity, or rehash the FBI claims circularly. The following quotes are representative of the report.

Counterintelligence Division (CD) Assistant Director (AD) E.W. “Bill” Priestap, who approved the case opening, told us that the combination of the FFG information and the FBI’s ongoing cyber intrusion investigation of the July 2016 hacks of the Democratic National Committee’s (DNC) emails, created a counterintelligence concern that the FBI was “obligated” to investigate (Executive Summary, p. 4; it is also repeated in the IG Report at least twice, with minor variations)

FFG refers to hearsay from Alexander Downer about his meeting with Papadopoulos in which emails were mentioned in regard to Hillary. Whatever worth such “evidence” might have was derived from the DNC cyber intrusion allegations. Thus, if we believe Comey’s crew, as IG Horowitz apparently does, the whole Crossfire Hurricane was predicated on the cyber intrusion investigation, which was predicated on the word of CrowdStrike, hired by Perkins Coie, hired by the DNC. Thus, the FBI acted at the behest of the DNC & Hillary Clinton, earning the more accurate title: HBI — Hillary’s Bureau of Investigation.

Notice that the phrase “July 2016 hacks” shows that Michael Horowitz is unclear regarding the cyber allegations. The DNC hacking that led to the July 2016 leaks allegedly happened before July.

At the time the Crossfire Hurricane investigation was opened in July 2016, the U.S. Intelligence Community (USIC), which includes the FBI, was aware of Russian efforts to interfere with the 2016 U.S. elections. The Russian efforts included cyber intrusions into various political organizations, including the Democratic National Committee (DNC) and Democratic Congressional Campaign Committee (DCCC). Throughout spring and early summer 2016, the FBI became aware of specific cyber intrusions for which the Russian government was responsible, through ongoing investigations into Russian hacking operations conducted by the FBI’s Cyber Division and the FBI’s Counterintelligence Division (CD). (p. 49)

The DNC narrative was that the Russians interfered in the 2016 elections.

In March and May 2016, FBI field offices identified a spear phishing campaign by the Russian military intelligence agency, known as the General Staff Intelligence Directorate (GRU), targeting email addresses associated with the DNC and the Hillary Clinton campaign, as well as efforts to place malware on DNC and DCCC computer networks. In June and July 2016, stolen materials were released online through the fictitious personas “Guccifer 2.0” and “DCLeaks.” In addition, in late July 2016, WikiLeaks released emails obtained from DNC servers as part of its “Hillary Leak Series.” By August 2016, the USIC assessed that in the weeks leading up to the 2016 U.S. elections, Russia was considering further intelligence operations to impact or disrupt the elections. (p. 49)

This paragraph blindly repeats false claims originating with CrowdStrike or John Brennan, and incorrectly attributes them to the whole Intelligence Community, deceitfully giving them the credibility of proven facts.

In addition to the Russian infiltration of DNC and DCCC computer systems, between March and August 2016, the FBI became aware of numerous attempts to hack into state election systems. These included confirmed access into elements of multiple state or local electoral boards using tactics, techniques, and procedures associated with Russian state-sponsored actors.163 The FBI learned that Russian efforts also included cyber-enabled scanning and probing of election related infrastructure in several states. (pp. 49-50)

Whatever the phrase “election related infrastructure” means, hackers’ probing and scanning for vulnerabilities are a routine part of the internet, like ocean waves in the ocean. The usage of the word “Russian” confuses its multiple meanings. In respect to a specific hacker, it might mean:

  • a native Russian speaker
  • somebody born in Russia or former Soviet Union
  • ethnic Russian
  • somebody who is in Russia 
  • a Russian citizen
  • a Russian intelligence or military officer, or somebody who works for Russian intelligence or military

All these meanings have been used interchangeably in the Russia hoax, but only the last one is compatible with the allegations of Russian elections interference.

The footnote 163 contains the narrative from 2017 ICA, Congressional statements, the Mueller report, and patently false statement “USIC leadership concurred with the ICA and acknowledged that the Russian government was responsible …”

There is also a circular argument fallacy. Horowitz suggests that the FBI’s claims of “Russian infiltration”, made in the summer 2016, were justified by the so-called Intelligence Community Assessment of January 2017, the Mueller Report, and other writings, produced later based on those initial FBI claims. 

On July 26, 2016, 4 days after Wikileaks publicly released [allegedly] hacked emails from the DNC, the FFG [Friendly Foreign Government] official spoke with a U.S. government (USG) official in the European city about an “urgent matter” that required an in-person meeting. At the meeting, the FFG official informed the USG official of the meeting with Papadopoulos. … On Jul 27 2016 the USG official called the FBI’s Legal Attache (Legat) … The following day, on July 28, 2016, the Legat sent an EC documenting the FFG information to the Philadelphia Field Office ASAC. The same day [July 28], the information in the EC was emailed to the Section Chief of the Cyber Counterintelligence Coordination Section at FBI Headquarters. From July 28 to July 31, officials at FBI Headquarters discussed the FFG information and whether it warranted opening a counterintelligence investigation. (pp. 51-52)

Even considering the incompetence of the Obama administration, this cannot be believed. The FBI connects cyber intrusion investigation with a hearsay about drunken talk of Papadopoulos, because he talked about Hillary and emails months ago on a different continent? And works itself up into frenzy within four days?

Like Priestap, these officials told us that their evaluation of the FFG information was informed by the FBI’s ongoing cyber investigation involving Russia and the DNC hack. According to the Intel Section Chief and Strzok, when the FFG information arrived, the FBI already had strong corroborating information indicating that senior officials in the Russian government were responsible for directing attacks on the 2016 U.S. elections, including the hack of the DNC. Anderson said the FBI’s ongoing cyber investigation supported the decision to open a counterintelligence case based on the FFG information. (p. 54)

They say the same thing, which is known to be a lie.

As also described in Chapter Three, the FBI had an ongoing cyber counterintelligence investigation into the Russian hacking of the DNC and was aware of other Russian efforts to interfere with the upcoming 2016 U.S. elections. We were told by several FBI witnesses that certain broad themes of the Steele reporting were consistent with information already known by the FBI and other U.S. government intelligence agencies. These themes included that the Russian government was seeking to sow discord and disunity within the United States and Trans-Atlantic alliance, that the Russian government was working to support Trump’s election as President, and that Russian state-sponsored cyber operations were responsible for hacking activity focused on the Clinton campaign. Comey told the OIG that, in his view, the “heart of the [Steele] reporting was that there’s a massive Russian effort to influence the American election and weaponize stolen information.” Comey said he believed those themes from the Steele reporting were “entirely consistent with information developed by the [USIC] wholly separate and apart from the [Steele] reporting,” as well as consistent with what “our eyes and ears could also see.” (p. 101)

Of course, the Steele reporting was consistent with the CrowdStrike reporting. They received the same information from Fusion GPS and CrowdStrike because both were hired by Perkins Coie on behalf of the DNC. The rest of the narrative was added later by John Brennan, James Clapper, and a few others.


Where it speaks of the cyber matters, the document is written in a heavy lawyerly language. The Office of General Counsel, National Security and Cyber Law Branch (NSCLB) is mentioned 21 times by its acronym alone. CrowdStrike, which sparked the whole “cyber intrusion investigation”isn’t mentioned at all. Examples of the language

The OGC Attorney and Deputy General Counsel Anderson reviewed the application package on behalf of OGC’s National Security and Cyber Law Branch. However, as discussed in Chapter Two, FBI procedures do not specify what steps must be taken during the final OGC legal review. (p. 152)

As described in Chapter Two, after the affiant signs the affidavit, the application package is submitted to the FBI’s National Security and Cyber Law Branch (NSCLB) for final legal review and approval by both a line attorney and Senior Executive Service-level supervisor. Once they approve the application, the line attorney and supervisor sign the cert memo. (p. 208)

Incompetence / overlawyering is a problem in addition to the partisanship of Obama-era FBI. Actually, these problems are synergetic. Cyber is frequently called the 5th dimension of warfare — in addition to air, land, sea, and space. An FBI’s cyber security division can be compared to an aircraft carrier group. Imagine an aircraft carrier hits rocks, bursts in flames, and sinks. A commission is appointed. After two years of work, a report is published. From the report we learn that most commanding posts were occupied by lawyers. The commission, consisting mostly of lawyers, doesn’t find anything unusual in such an arrangement. Further, the commission finds out that most officers acted lawfully most of the time! All applications were submitted for review and reviewed properly. Procedures were followed. Officers exercised judgement within legally defined boundaries. To prevent similar situations in the future, the commission recommends updating existing procedures, and adding new ones. 

Luckily, the Obama-era FBI hit rocks and sank when it was maneuvering to overthrow the Constitutional order.


 The IG Report, as publicly released, never mentions CrowdStrike (CRWD), a cybersecurity contractor hired by the DNC law firm Perkins Coie for litigation related matters, not for the DNC network breach remediation. CrowdStrike was the single source for the information about the DNC network hack(s) for the FBI and everybody else.

Both CrowdStrike and Fusion GPS were hired by the DNC legal firm Perkins Coie in April 2016 for the same purpose. The FBI relied on information from CrowdStrike more heavily than on information from Fusion GPS. Nevertheless, the IG Report mentions Fusion GPS 138 times, not counting its principals, but never mentions CrowdStrike or any of its officers. FFG, the smaller part of the predicate, is mentioned in the IG Report 144 times.

To verify that CrowdStrike is not mentioned and keeping in mind the Comey/Corney sharade (likely OCR error), I searched the document not only for crowdstrike, but also for crow, rike, and wds. Similarly, I checked for partial matches for the names of Dmitriy Alperovitch, George Kurtz, and Shawn Henry. None was found.

8 thoughts on “Cyber Investigation in IG Report

  1. Chalupa emailed it one day after Perkins Coie engaged Crowdstrike; i.e. May 3, 2016

    She wrote: “Since I started digging into Manafort these messages have been a daily occurrence on my yahoo account despite changing my password often:


    If what she said was true, then wouldn’t I get more than four hits on Google and six hits on Duck Duck Go for the exact phrase used by Yahoo in their alleged “form alert?” Seems to me that identifying the hackers as “state-sponsored” is completely superfluous to everyone except Chalupa and her friends at the White house.

    Looks like Chalupa was doing the same thing Nellie Ohr was doing; only without a Ham radio

    1. This is an excellent point! Chalupa started complaining of Yahoo warnings after the DNC hired Crowdstrike. It is not impossible that she made that up, or learnt from somebody how to trigger them. I used to think Yahoo was sending such alerts to selected users because it had lost half-billion account passwords.

      1. While searching for answers about Chalupa, I stumbled onto the work of George Eliason.

        I’m still reading through his stuff from the past three years. You have to see what he was writing just before election day 2016.

        Two snippets from two articles should pique your interest:

        “Alexandra Chalupa has been the voice behind saying Russia illegally interfered with the election. And according to her story, she was almost hacked repeatedly while researching Paul Manafort. The Democrats say this caused the Clinton defeat. No one explained why “researching” Paul Manafort, an American, would excite Russian attention.

        Strangely, every article about her neglects to mention that Chalupa and her family are not Democrats as suggested. Instead they are admitted ultra-nationalists bent on sending America to war with Russia by any means possible. And they are vocal about it.

        None of the articles connect the fact that the Clinton loss is personal for the Chalupa family. At least 2 of them were going to the White House as advisors and cabinet members.

        The many articles about Chalupa or a Russian influence on the election fail to mention the Chalupas admitted to violating federal law a couple of years ago. She was part of the leadership that overthrew a country the US was at peace with. If investigated, with admissions in hand, it could mean 25 years in a federal prison. Should someone tweet @realDonaldTrump?

        The articles don’t touch on the fact that Alexandra Chalupa has almost instant access to “state sponsored actors” or hacktivists through Ukrainian propagandist Irena Chalupa. The Ukrainian emigres would do anything to get Hillary Clinton elected that starts a war with Russia. Do any of the articles state the Chalpupa family glorify Stepan Bandera, groups like Pravy Sektor or the murders of innocent civilians in Ukraine?

        “Milestone June 2016 The DNC HACK, ALMOST HACK, AND ATTRIBUTION

        I have the distinction of showing you Russian hackers without a Russian hack. After HRC left the State Department she retained 6 seats (passwords) to the State Department server for research purposes. Alexandra Chalupa was one of those researchers and she was investigating Paul Manafort in 2015.

        One of the groups working for Chalupa (Diaspora royalty) is Christina Dobrovolska’s Ukrainian Intel. Refer to Milestone March 2014 and Milestone of June 2016.

        The Ukrainian Intel hacker group working for the Atlantic Council and the DNC through Alexandra Chalupa and Christina Dobrovolska was the only hacker group outside of Crowdstrike that had the X-Agent component of the DNC hack.

        · They had access to the DNC servers because of this.”

        And if you thought Glenn Simpson was bad, wait till you read about Joel Harding.



  2. Quick question about Alexandra Chalupa’s Yahoo email warning that allegedly triggered the call to Crowdstrike.

    “We strongly suspect your account has been the target of state-sponsored actors.”

    Are messages about email hacks always that specific? Color me suspicious, but it seems that message was planted specifically for Chalupa to bolster Crowdstrike’s story.


Leave a Reply

Your email address will not be published. Required fields are marked *