Democratic National Committee (DNC) files allegedly hacked by the Russian government were downloaded at a speed that suggests that data transfer was unlikely done remotely over the Internet, a new analyses say.
Files stolen from the DNC in June 2016 and later released by WikiLeaks compromised Hillary Clinton and thus helped Donald Trump win the presidential race. A hacker named Guccifer 2.0 claimed responsibility for breaching the DNC server and stealing the email correspondence, the Motherboard reported.
According to the Motherboard, Guccifer 2.0 said he used a zero-day exploit to breach the DNC server, but shortly after, the CIA, NSI and FBI came to the same conclusion that the hack-attack had come from Russia. According to the US Intelligence, the hacking was performed by Russian hackers in order to prevent Hillary Clinton from becoming US president.
The new analysis, however, challenges the very essence of the allegations about the hack-attack.
An individual known as the Forensicator has published a document that allegedly shows that DNC files were transferred at a speed of 23 MB/s, making it “unlikely that this initial data transfer could have been done remotely over the Internet.”
The document allegedly proves that the DNC server was never hacked, suggesting that data transfer was an inside job.
“The initial copying activity was likely done from a computer system that had direct access to the data,” according to the Forensicator.
Describing “direct access,” the Forensicator said that the data was either copied to a USB memory stick by someone who had physical access to the DNC server, or copied over a local high-speed network (LAN).
When creating a digital archive there is a timestamp that, beside the time of unpacking, reveals exact time when the archive was made. For his analysis, the Forensicator showed that if the .rar files were adjusted to Eastern Time, they “fall into the same range as the last modified times for the directories archived in the .rar files.”
Therefore, the Forensicator concludes that the files were built on a computer system with active Eastern Daylight Savings Time (EDT), which means that the system was most likely located on the East Coast of the US.
The analysis of the metadata found that the archived files were picked from a much larger collection of files and that it took substantially shorter time to transfer the data, which had to be done at a much higher transfer rate than any existing Internet connection, which is though possible with fast LAN or USB connections.