YARED TAMENE WOLDE-YOHANNES
IT Director for DNC
HPSCI testimony
08/30/17
Counsel : Marc Elias, Graham Wilson - Perkins Coie
https://intelligence.house.gov/uploadedfiles/ty54.pdf
SUMMARY
-
FBI first contacted Yared in Sept 2015 asking to check on possible nefarious activity. Details were vague, and they found no evidence to corroborate the FBI, except for some phishing emails that never got through the spam filter.
-
He had multiple conversations with the FBI agent over the next several months with the FBI eventually requesting 15 gigs of email metadata. FBI agent confirmed that he received info from other unnamed IC operatives.
-
The day before they were to turn this material over to the FBI (Apr 28th), the DNC network was subject to its first overt attack looking for user passwords.
-
A couple days later on May 1st, the IT team has a call with the DNC CEO and COO and the Perkins Coie legal team, incl. Michael Sussman & Marc Elias. It is at this point that the DNC engages CrowdStrike.
-
Yared speaks to his FBi contact a couple days later who tells him that he has spoken with the CrowdStrike project manager and that the DNC is in good hands. All further contact with the FBI is done through CrowdStrike.
-
It is CrowdStrike that identifies the Apr 28th attack as coming from “Fancy Bear” (APT-28) and identifies the intrusions that the FBI was noting (but were never discovered by the DNC IT team) as coming from “Cozy Bear” (APT-29). Both are allegedly affiliated with the Russian government.
-
Yared addresses the Seth Rich ‘conspiracy theory’ by saying that a complete forensic analysis was done on almost all of the systems & devices and that they found no unauthorized access by DNC personnel. CrowdStrike was involved in this process.
-
Yared notes that the DNC has “hundreds of” servers and that CrowdStrike identified 38 systems (incl. devices & laptops) that showed evidence of compromise. Out of those, 26 were selected by CS as needing further analysis. Yared mentions here that some or all of these 26 were requested by the FBI and that clones were made and given to CS who provided them to the FBI.
-
HOWEVER, Yared mentions later on that ‘only one or two of the systems were cloned’. He states that CS made all the determinations & decisions as to which systems were compromised and which required cloning.
-
He was not aware of what was turned over to the FBI, only that the FBI was given everything they asked for.
-
Back in Apr 2016 before CS was engaged, FBI Agent gave Yared a script to use that they chose to not to place on the system. If they had, it would have alerted any adversaries that they were onto them.
WHAT’S NOT DISCUSSED ANYWHERE IN THE TESTIMONY - There is zero mention of any data transfers out of the network that would have been required for the published release of the DNC material by WikiLeaks. Like it never happened.
Testimony details found in bread #11639
>>9092830
>>9092858
>>9092895