Zamen | زامن
The FBI's new server screwup isn't as bad as it sounds
The FBI and the intelligence community at large has spent months trying to convince Donald Trump and the American public that Russia hacked the DNC — but last night, a report from BuzzFeed seemed to weaken the bureau's case even further. After months of cooperation between the bureau and the DNC, it now appears that the FBI never physically examined the DNC servers involved in the hack. The servers were examined by CrowdStrike, the response team hired by the DNC, but the FBI never went back to confirm the findings. With President-elect Trump and many others openly challenging the intelligence community's claim that the Russian government directed the attack, the news seems like a clear black eye for the bureau. If agents didn't look at the server directly, how much could they know?The answer might be more than you think. It's common for the initial forensic analysis to be conducted by outside firms like CrowdStrike, and once that data has been copied, there's often little need to copy it again. BuzzFeed described the FBI's lack of interest in the DNC's server as unusual, citing a number of response firms that preferred not to be named. But that's not a unanimous opinion, and two experts contacted by The Verge disagreed that it was unusual.“This is normal practice,” says Matt Tait, founder and CEO of Capital Alpha Security. “In cases like this, the onus for digital forensics is on the third-party contracted by the company that's calling in the incident response team, in this case CrowdStrike.”
See this content immediately after install