This is a question for both the January 6 Committee and the intelligence community.
In February, I wrote (CNN) Unspooling the latest twists in special counsel John Durham’s investigation – The Alfa Bank/Trump Tower Connection – Screen Scraper Theory, which describes this exploitation:
My suspicions were not allayed, so I developed a hypothesis. The Trump campaign was running NationBuilder software, or something like it. The Russians wanted the donor database for future espionage.
The FBI “ruled out any improper cyber links”. I was not satisfied, so I developed a scheme that uses only volatile computer memory. In computer lingo, nonvolatile memory is persistent, and available for forensic examination unless it has been deliberately erased. Data stored in volatile memory vanishes without a trace when the power is cut, or sometimes, but not always, when the machine is rebooted.
A scheme that uses only volatile memory would allow a perpetrator to leave no traces, other than the inexplicable ping traffic between Trump Tower and Alfa Bank. Inexplicable, because the context was contained in volatile memory. One part of the scheme is a well-known software gadget called a “screen scraper.”
I have great respect for the FBI. Maybe they made a rare mistake. While the remaining evidence cannot confirm my explanation, it may not be possible to rigorously reach the conclusion “ruled out any improper cyber links”. Perhaps the only rigorous conclusion is “we don’t know”, to which I, but not the FBI, have the freedom to add “It sure looks suspicious.”
In February, I asserted, “The Russians wanted the donor database for future espionage.” Since I am suspicious, here is a purely speculative idea of how they could exploit it. No implication is made that such has occurred, or that it explains the behavior of some Republican lawmakers or executive branch officials. It requires these premises:
- If the Russians could make clandestine payments to lawmakers and office-holders, and they assessed the risks were minimal, they would. They already do this with spies.
- They have the donor list.
It then becomes a purely technical problem for Russian hackers:
- Hacking the computers and email address books of donors, they work their way through chains of contacts to office holders.
- They don’t come at their targets with “Hi, we’re Russians, and we want to pay you.” Their fronts are fictitious donor organizations, whose “members prefer to remain private”, e.g., “Committee of Great Americans for a Great America.”
- The perps take advantage of surveillance gaps in FISA since the end of NSA warrantless surveillance in 2007. If I were the Russian running the op, I would set up an in-U.S. server with a sat-phone connection to a third country, a digital cutout. With skillful camouflage, a solicitation could be made to appear, per FISA restrictions on domestic surveillance, as a dialog between two domestic parties.
- Payment is by non-fungible token. This is tricky; token anonymity can be cracked. The actual device is left to experts.
The many courageous members in Congress give hope that democracy will survive. So it is tempting to skip a dig. Yet as per the WaPo masthead, “Democracy Dies in Darkness.” So I defer to Will Rogers:
I hope not. There’s always room for improvement.