Everyone Hopes Mueller Has All Of It-- Including How Russian Knew Where, What And Who To Target In 2016

Russian Players by Nancy Ohanian: Trumpanzee, Michael Cohen, Sessions, Manafort, Flynn, J.D. Gordon, Carter Page, Wilbur Ross, Kushner-in-law, Fuck-Up Jr.I wasn't in the country when I first read about the relationship between Alpha Bank computers and Trump campaign computers. I can't remember where I was-- maybe even Moscow-- but I do remember thinking that that was the end of the road for the Trump campaign. Was I ever wrong. But the Alpha Bank connection has gnawed at me ever since. It's complicated and Franklin Foer tried explaining it days before the election but the story never took hold. I've been hoping Mueller would put it in the proper context eventually. But this week Dexter Filkins gave it a shot at the New Yorker with a piece sure to be ignored, Was There A Connection Between A Russian Bank And The Trump Campaign. This could have been the targeting connection between Team Putin and Team Kushner-in-Law that stole the election from Hillary. Filkins knows no more than anyone else who's followed the story. Much of it is boring tech-talk. Like this: "Max’s group began combing the Domain Name System, a worldwide network that acts as a sort of phone book for the Internet, translating easy-to-remember domain names into I.P. addresses, the strings of numbers that computers use to identify one another. Whenever someone goes online-- to send an e-mail, to visit a Web site-- her device contacts the Domain Name System to locate the computer that it is trying to connect with. Each query, known as a D.N.S. lookup, can be logged, leaving records in a constellation of servers that extends through private companies, public institutions, and universities. Max and his group are part of a community that has unusual access to these records, which are especially useful to cybersecurity experts who work to protect clients from attacks."

Examining records for the Trump domain, Max’s group discovered D.N.S. lookups from a pair of servers owned by Alfa Bank, one of the largest banks in Russia. Alfa Bank’s computers were looking up the address of the Trump server nearly every day. There were dozens of lookups on some days and far fewer on others, but the total number was notable: between May and September, Alfa Bank looked up the Trump Organization’s domain more than two thousand times. “We were watching this happen in real time-- it was like watching an airplane fly by,” Max said. “And we thought, Why the hell is a Russian bank communicating with a server that belongs to the Trump Organization, and at such a rate?”Only one other entity seemed to be reaching out to the Trump Organization’s domain with any frequency: Spectrum Health, of Grand Rapids, Michigan. Spectrum Health is closely linked to the DeVos family; Richard DeVos, Jr., is the chairman of the board, and one of its hospitals is named after his mother. His wife, Betsy DeVos, was appointed Secretary of Education by Donald Trump. Her brother, Erik Prince, is a Trump associate who has attracted the scrutiny of Robert Mueller, the special counsel investigating Trump’s ties to Russia. Mueller has been looking into Prince’s meeting, following the election, with a Russian official in the Seychelles, at which he reportedly discussed setting up a back channel between Trump and the Russian President, Vladimir Putin. (Prince maintains that the meeting was “incidental.”) In the summer of 2016, Max and the others weren’t aware of any of this. “We didn’t know who DeVos was,” Max said.The D.N.S. records raised vexing questions. Why was the Trump Organization’s domain, set up to send mass-marketing e-mails, conducting such meagre activity? And why were computers at Alfa Bank and Spectrum Health trying to reach a server that didn’t seem to be doing anything? After analyzing the data, Max said, “We decided this was a covert communication channel.”...At the meeting, in late September, 2016, a roomful of officials told Eric Lichtblau [the NY Times reporter looking into the connection] that they were looking into potential Russian interference in the election. According to a source who was briefed on the investigation, the Bureau had intelligence from informants suggesting a possible connection between the Trump Organization and Russian banks, but no data. The information from Max’s group could be a significant advance. “The F.B.I. was looking for people in the United States who were helping Russia to influence the election,” the source said. “It was very important to the Bureau. It was urgent.”The F.B.I. officials asked Lichtblau to delay publishing his story, saying that releasing the news could jeopardize their investigation. As the story sat, Dean Baquet, the Times’ executive editor, decided that it would not suffice to report the existence of computer contacts without knowing their purpose. Lichtblau disagreed, arguing that his story contained important news: that the F.B.I. had opened a counterintelligence investigation into Russian contacts with Trump’s aides. “It was a really tense debate,” Baquet told me. “If I were the reporter, I would have wanted to run it, too. It felt like there was something there.” But, with the election looming, Baquet thought that he could not publish the story without being more confident in its conclusions.Over time, the F.B.I.’s interest in the possibility of an Alfa Bank connection seemed to wane. An agency official told Lichtblau that there could be an innocuous explanation for the computer traffic. Then, on October 30th, Senate Minority Leader Harry Reid wrote a letter to James Comey, the director of the F.B.I., charging that the Bureau was withholding information about “close ties and coordination” between the Trump campaign and Russia. “We had a window,” Lichtblau said. His story about Alfa Bank ran the next day. But it bore only a modest resemblance to what he had filed. The headline-- “investigating donald trump, f.b.i. sees no clear link to russia”-- seemed to exonerate the Trump campaign. And, though the article mentioned the server, it omitted any reference to the computer scientists who had told Lichtblau that the Trump Organization and Alfa Bank might have been communicating. “We were saying that the investigation was basically over-- and it was just beginning,” Lichtblau told me.That same day, Slate ran a story, by Franklin Foer, that made a detailed case for the possibility of a covert link between Alfa Bank and Trump. Foer’s report was based largely on information from a colleague of Max’s who called himself Tea Leaves. Foer quoted several outside experts; most said that there appeared to be no other plausible explanation for the data.One remarkable aspect of Foer’s story involved the way that the Trump domain had stopped working. On September 21st, he wrote, the Times had delivered potential evidence of communications to B.G.R., a Washington lobbying firm that worked for Alfa Bank. Two days later, the Trump domain vanished from the Internet. (Technically, its “A record,” which translates the domain name to an I.P. address, was deleted. If the D.N.S. is a phone book, the domain name was effectively decoupled from its number.) For four days, the servers at Alfa Bank kept trying to look up the Trump domain. Then, ten minutes after the last attempt, one of them looked up another domain, which had been configured to lead to the same Trump Organization server.Max’s group was surprised. The Trump domain had been shut down after the Times contacted Alfa Bank’s representatives-- but before the newspaper contacted Trump. “That shows a human interaction,” Max concluded. “Certain actions leave fingerprints.” He reasoned that someone representing Alfa Bank had alerted the Trump Organization, which shut down the domain, set up another one, and then informed Alfa Bank of the new address....Alfa is still closely tied to the Russian system, but Fridman and Aven [the founders and principles] live much of the time in the United Kingdom. If there was a communications link with the Trump Organization, it might have been created without their knowledge. According to experts I spoke to, large Russian companies typically have a member of the intelligence services, either active or retired, working at a senior level. If a company’s services are required in some way, the officer-- called a kurator-- coördinates them. “A company couldn’t say no,” a Washington-based Russia expert told me. (When asked about this, an Alfa Bank spokesperson said, “To our knowledge there are no senior intelligence officials at senior levels at Alfa Bank.”)...Don McGahn, the White House counsel, came from Jones Day, one of the law firms that represent Alfa Bank in the United States. McGahn brought five Jones Day lawyers with him into the White House; six more were appointed to senior posts in the Administration. Jones Day has done work for businesses belonging to a long list of Russian oligarchs, including Oleg Deripaska, Viktor Vekselberg, and Alexander Mashkevich. The firm has also represented the Trump campaign in its dealings with Robert Mueller. For this reason, McGahn secured an ethics waiver that allows him to talk to his old firm when its clients have business before the U.S. government.In June, 2017, Trump nominated Brian Benczkowski, a lawyer who had overseen the Stroz Friedberg report for Alfa Bank, to lead the criminal division of the Justice Department. At his confirmation hearing, Benczkowski said emphatically that Stroz Friedberg, like Mandiant, had rejected the possibility of complicity. The investigation, he said, found that “there was no communications link between the Trump Organization and Alfa Bank.”Democratic senators expressed concern that Benczkowski had taken on work for Alfa Bank; he had been a senior member of Trump’s transition team and had good reason to expect that he would be appointed to a job in the Administration. “The client was a Russian bank that is under suspicion of having a direct connection with the Trump campaign,” Senator Richard Durbin said, during the hearing.He and the other Democratic senators were especially troubled that Benczkowski would not commit to recusing himself from dealing with Mueller’s investigation, even though he had worked for two of Russia’s leading oligarchs. “Why did you refuse to recuse yourself?” Senator Dianne Feinstein asked.Closing In by Nancy Ohanian“I don’t know what’s in Special Prosecutor Mueller’s investigation,” Benczkowski said. “I’m a lawyer in private practice. I have no idea what he’s up to, other than what I read in the papers.”Despite these questions, the Republican-led committee approved Benczkowski. This past July, the Senate confirmed him....If Trump and Alfa Bank-- as well as Spectrum Health and Heartland Payment Systems-- were communicating, what might they have been talking about? Max and some of the other scientists I spoke to theorized that they may have been using the system to signal one another about events or tasks that had to be performed: money to be transferred, for instance, or data to be copied. “My guess is that, whenever someone wanted to talk, they would do a D.N.S. lookup and then route the traffic somewhere else,” Richard Clayton, of the University of Cambridge, said. Camp also speculated that the system may have been used to coördinate the movement of data. She noted that Cambridge Analytica, which was working for the Trump campaign, took millions of personal records from Facebook. In Camp’s scenario, these could have been transferred to the Russian government, to help guide its targeting of American voters before the election.The researchers I spoke with were careful to point out that the limits of D.N.S. data prevent them from going beyond speculation. If employees of the companies were talking, the traffic reveals nothing about who they were or what they were saying; it is difficult to rule out something as banal as a protracted game of video poker. “If I’m a cop, I’m not going to take this to the D.A. and say we’re ready to prosecute,” Leto said. “I’m going to say we have enough to ask for a search warrant.” More complete information could be difficult to obtain. This March, after Republicans on the House Intelligence Committee announced that it had found no evidence of collusion between the Trump campaign and Russia, the committee’s Democrats filed a dissent, arguing that there were many matters still to be investigated, including the Trump Organization’s connections to Alfa Bank. The Democrats implored the majority to force Cendyn to turn over computer data that would help determine what had happened. Those records could show who in the Trump Organization used the server. There would probably also be a record of who shut down the Trump domain after the Times contacted Alfa Bank. Cendyn might have records of any outgoing communications sent by the Trump Organization. But the request for further investigation is unlikely to proceed as long as Republicans hold the majority. “We’ve all looked at the data, and it doesn’t look right,” a congressional staffer told me. “But how do you get to the truth?”The enigma, for now, remains an enigma. The only people likely to finally resolve the question of Alfa Bank and the Trump Organization are federal investigators. Max told me that no one in his group had been contacted. But, he said, it wasn’t necessary for anyone in the F.B.I. to talk to him, if the agents gathered the right information from other sources, like Listrak and Cendyn. “I hope Mueller has all of it,” he said.

Tags