Fact Check: Experts Unconvinced Russia Hacked Burisma to Harm Joe Biden


Amid the latest claims that Russia is meddling in the 2020 campaign, a charge from last month has been recirculating in the news media in recent days that the Russians are working to damage Joe Biden’s presidential bid.

The evidence in the Biden matter has been described by some experts as circumstantial at best.

Also Area 1, the firm entirely relied upon to allege the Russian hack of Burisma, was founded by an expert who was a top employee at CrowdStrike and is further linked to the CrowdStrike firm. CrowdStrike is the third party company utilized to conclude that Russia hacked the DNC after it famously refused to allow the FBI to directly conduct forensic examinations of the DNC server.

In spotlighting the Burisma hack story, the media also largely failed to report Area 1 has been hired by at least half the Democratic presidential nominees for anti-phishing services or that it’s funded by a technology venture capital firm whose employees are Democrat donors.

Area 1 is also partnered with Google while CrowdStrike was funded by Google’s parent company.

The New York Times first reported in January on the alleged Russian hack of Burisma which was reportedly discovered by Area 1 on New Year’s Eve.  The hack was carried out by the Russian military intelligence unit formerly known as the G.R.U., according to Area 1.

The alleged Russian hackers “could be searching for potentially embarrassing material on the Bidens” reported the New York Times. Burisma paid Hunter Biden as a board member while Joe Biden boasted on video about personally threatening to withhold loan guarantees from Ukraine unless a prosecutor investigating Burisma was removed.

The story that Russia hacked Burisma to harm Biden has been receiving renewed media attention in recent days after The Washington Post and The New York Times each reported on a briefing to the House Intelligence Committee last week claiming Russia was interfering in the current presidential campaign cycle purportedly to aid President Trump’s re-election.

“Another misinformation campaign is being launched by Democrats in Congress saying that Russia prefers me to any of the Do Nothing Democrat candidates who still have been unable to, after two weeks, count their votes in Iowa,” Trump responded on Twitter. “Hoax number 7!”

White House National Security Adviser Robert O’Brien questioned whether there was actual intelligence information behind the claim that Russia was trying to help Trump by interfering.

“From what I understand about the report….I get this second hand, but from Republican congressmen that were in the committee, there was no intelligence behind it,” O’Brien told CBS’ “Face the Nation” moderator Margaret Brennan.

“I haven’t seen any intelligence to support the reports that were leaked out of the House. But it’s just hard to comment on that because, again, I wasn’t there. And these are leaks that were coming from a House Intel Committee hearing. I haven’t seen any intelligence that would- would back up what I’m reading in the papers.”

Meanwhile, in a narrative strikingly similar to the alleged Russian hack of the Democratic National Committee (DNC), the news media has been re-pushing The Times’ story from January citing a cybersecurity firm saying it discovered Russian military spies hacked into Burisma likely to harm Biden politically.

The Times’ story was based on an assessment by the Area 1 firm, which documented its findings in an eight-page report.

Kyle Ehmke, threat researcher for ThreatConnect, reviewed Area 1’s findings and assessed with only “moderate confidence” the evidence alleging that Russia’s GRU were behind the attack.

“We see consistencies,” Ehmke told The Verge tech news website, “but in some cases those consistencies aren’t consistent to a single actor.”

The Verge further reported:

There are real suggestions that Russia’s GRU intelligence service could be involved, but the evidence is mostly circumstantial, as is often the case with hacking campaigns. The result leaves the case against Russia frustratingly incomplete and suggests we may head into the presidential campaign with more questions than answers.

The Daily Beast cited more experts saying they were unconvinced about the evidence that Russia hacked Burisma.

The Times claimed the alleged Russian hackers may have been seeking “the same kind of information that Mr. Trump wanted from Ukraine when he pressed for an investigation of the Bidens and Burisma, setting off a chain of events that led to his impeachment.”

The Times reported:

Area 1 researchers discovered a G.R.U. phishing campaign on Ukrainian companies on New Year’s Eve. A week later, Area 1 determined what the Ukrainian targets had in common: They were all subsidiaries of Burisma Holdings, the company at the center of Mr. Trump’s impeachment. Among the Burisma subsidiaries phished were KUB-Gas, Aldea, Esko-Pivnich, Nadragas, Tehnocom-Service and Pari. The targets also included Kvartal 95, a Ukrainian television production company founded by Mr. Zelensky. The phishing attack on Kvartal 95 appears to have been aimed at digging up email correspondence for the company’s chief, Ivan Bakanov, whom Mr. Zelensky appointed as the head of Ukraine’s Security Service last June.

To steal employees’ credentials, the G.R.U. hackers directed Burisma to their fake login pages. Area 1 was able to trace the look-alike sites through a combination of internet service providers frequently used by G.R.U.’s hackers, rare web traffic patterns, and techniques that have been used in previous attacks against a slew of other victims, including the 2016 hack of the D.N.C. and a more recent Russian hack of the World Anti-Doping Agency.

The Washington Post in January immediately jumped on the story in a piece titled, “Russian spies hacked Ukrainian gas company at heart of Trump impeachment trial, company says.”

“The attacks were successful,” said Oren Falkowitz, a co-founder of Area 1. Falkowitz was widely quoted in the news media to verify the Area 1 analysis.

Area 1’s Falkowitz has actively supported Democrats on his twitter feed.

Falkowitz donated the amount of $1,337 to Sen. Elizabeth Warren’s (D-MA) 2020 presidential campaign in July. He donated the same amount to Sen. Corey Booker’s (D-NJ) stalled campaign in September. In 2015, he gave $1,000 to Never Trumper John Kasich.

The $1,337 donation from Falkowitz to two Democrats running for president came after the Federal Election Commission in July gave special permission to Area 1 to offer its anti-phishing services to federal candidates and political committees at a minimal cost. The flat annual fee for Area 1 services to political candidates is reportedly $1,337.

Democratic presidential candidates wasted no time securing Area 1’s services. As of two months ago, about half of all major 2020 presidential candidates signed up to utilize Area 1, Falkowitz said.

Falkowitz was asked by Mercury News whether the candidates were paying more attention to the potential threat of foreign hackers. He said that he was interfacing directly with the candidates on the issue.

“Without a doubt. I’ve been encouraged in my conversations with candidates directly, and with their staffs, that they are talking about and thinking about the issue. That was definitely not the case in 2016. But there’s a lot more work to do,” Falkowitz replied.

Area 1 is linked to CrowdStrike. Area 1 co-founder Blake Darché worked at CrowdStrike as a Principal Consultant prior to founding Area 1. He was one of the founding members of CrowdStrike’s Services organization.

Falkowitz is an expert for the annual RSA Conference on cybersecurity where Dmitri Alperovitch, CrowdStrike’s co-founder and Chief Technology Officer, serves on the advisory board. Area 1 participates annually in the RSA Conference alongside CrowdStrike’s Alperovitch.

Just like CrowdStrike, Area 1 is tied to Google.

CrowdStrike was financed to the tune of $100 million from a funding drive last year led by Google Capital. Google Capital, which now goes by the name of CapitalG, is an arm of Alphabet Inc., Google’s parent company. Eric Schmidt, the chairman of Alphabet, has been a staunch and active supporter of Hillary Clinton and is a longtime donor to the Democrat Party.

Area 1, meanwhile, partnered with Google to become Google’s Cloud Technology Partner for Security.

A major Area 1 investor is Kleiner Perkins , who’s employees give overwhelmingly to Democrats.

Aaron Klein is Breitbart’s Jerusalem bureau chief and senior investigative reporter. He is a New York Times bestselling author and hosts the popular weekend talk radio program, “Aaron Klein Investigative Radio.” Follow him on Twitter @AaronKleinShow. Follow him on Facebook.

Joshua Klein contributed research to this article.