It’s a good thing most of this work was already done. It’s hard to imagine keeping a lot of enthusiasm going for it at this point, as the evidence becomes more sordid. The information points more and more to a plan that began before the November 2016 election – and long before a special counsel was appointed in May 2017.
Key official players in the timeline below include FBI Director James Comey, Deputy Director Andrew McCabe, FBI General Counsel James Baker, FBI Chief of Staff James Rybicki, FBI counterintelligence agent Peter Strzok, then the Chief of the Counterespionage Section, and Lisa Page – Peter Strzok’s mistress – a staff attorney working for Andrew McCabe.
At the Department of Justice, Bruce Ohr was a major player, in part because his wife Nellie was working for Fusion GPS, and in part because he had visibility on Russian and other transnational crime through his job: as an associate deputy attorney general and director of the Organized Crime Drug Enforcement Task Forces (OCDETF), who had previously been Counselor for Transnational Organized Crime and International Affairs in the Criminal Division at the DOJ. Before that, he was the Chief of the Organized Crime and Racketeering Section in the Criminal Division (of DOJ) from 1999 through May 2011.
With that resume, Ohr very probably knew not only Strzok at FBI, but Michael Sussman at Perkins Coie – as well as Glenn Simpson, who hired Ohr’s wife Nellie to work on the anti-Trump dossier, and dossier author Christopher Steele.
Glenn Simpson, of course, is connected to Hillary and Bill Clinton through his wife, Mary Jacoby.
There are other players (e.g., Sally Yates and John Carlin at DOJ), who are not in the above list only because they don’t figure in this particular timeline.
This is by no means a complete timeline for 2016, for that matter. The focus is the period bounded as follows: the lead-up to early May, when Comey began drafting his memo exonerating Hillary on her email irregularities, and Comey’s announcement clearing Hillary on 5 July.
As discussed previously, the FBI had apparently been doing back-door surveillance of the Trump campaign up through mid-April, when a crackdown by NSA shut that effort down. We don’t have probative evidence of who was involved at the FBI.
Late April is also when law firm Perkins Coie contracted with Fusion GPS, on behalf of the DNC and Hillary Clinton, to do opposition research on Donald Trump.
The timeline is incomplete here, but perhaps the more telling for its cleanness. The most important take-away from this timeline is all the things a handful of people had reason to know – not in hindsight, like the rest of us, but as it was happening, at the time.
It is increasingly unbelievable that this handful of people could know all these things, yet not be doing anything based on knowledge of them. It looks more likely, not less, that it is not merely the Mueller probe that has served as a consciously-wielded tool against Trump.
Government officials probably knew enough in 2016 to be witting participants in a plan to tar Trump with fictional allegations about “Russia collusion” based on things the Democrats and the Obama administration knew about, but Trump didn’t.
This package of opportunity and access – by people who all figured in the later Mueller probe – coincided with an apparent plan by the same people to exonerate Hillary Clinton in order to keep her in the presidential race.
The activities of or within the FBI itself are introduced with underlined dates.
The April-May period
April 2016: (Date unknown) The FBI notifies the DNC that the DNC’s email system has been penetrated. If the report from the Daily Beast is valid (see Youssef/Harris story at the link above), it thus beggars belief that the FBI did not know when the DNC “detected” and took action on the Fancy Bear intrusion on 29 April.
That’s an extremely significant IT breach, which the Director himself would be briefed on. At a minimum, given their jobs, Comey, McCabe, and Bruce Ohr would have known about the breach. Since the FBI told the DNC it was the Russians, Peter Strzok – counterespionage, and a specialist in Russian crime – would have known too.
26 April: Trump sweeps the primaries in CT, DE, MD, PA, and RI, bringing his delegate count to 854 (with 1,237 needed to clinch the nomination). This was the first multi-state primary date on which none of his remaining opponents won a state. Talk began in earnest of Trump actually getting to Cleveland with the nomination locked up.
29 April: The DNC reportedly discovers the penetration of its servers by unknown hackers. (We don’t know how long this was after the notification by the FBI, or exactly what information the latter entailed.) An emergency meeting is called between Debbie Wasserman-Schultz (DNC Chief Executive), Amy Dacey (DNC Technology Director), Andrew Brown, and Michael Sussman, a lawyer for Perkins Coie. Sussman is a former federal prosecutor for the DOJ whose expertise is computer crime.
Nellie Ohr is an academic specialist in modern Russian history, whose work in the last decade is somewhat murky, but appears to include the CIA’s Open Source Works research group in 2010, as well as federal contractor Miklos Systems (which has a small data analytics division; being under contract through Miklos may have been how Ohr worked for Open Source Works), and professional services giant Accenture in 2015. Nellie Ohr’s LinkedIn profile, interestingly, has been scrubbed, although its prior existence is still evident in a Google search.
A clue to the kind of work Nellie Ohr was doing in that earlier period may be found at this link, where she wrote in May 2014 for Medium about sleuthing for people with Russian names on the Web. Note the connection to cyber research on Russian people, and the implied link (based on her other employment) to Russian online activities and organized crime.
2 May: Comey (then FBI director) emails his draft statement on the Hillary Clinton email investigation to Deputy Director Andrew McCabe, FBI General Counsel James Baker, and FBI Chief of Staff James Rybicki for comment.
The Senate Homeland Security Committee (in December 2017; link above) points out that this occurred before the FBI “had completed over a dozen interviews” with relevant witnesses, including an interview with Clinton herself (which would not occur until 2 July).
3 May: Trump wins the IN primary, and Ted Cruz drops out.
4 May: John Kasich also drops out of the GOP race. Trump is now the only remaining candidate.
4 May: Peter Strzok and Lisa Page have a text exchange about the GOP primary results, which Senator Ron Johnson, Chairman of the Homeland Security and Governmental Affairs Committee, characterizes as follows:
On May 4, 2016 – after then-Director Comey began drafting his July 5 statement clearing Secretary Clinton – Ms. Page and Mr. Strzok communicated about “pressure” building to finish the FBI’s investigation following candidate Trump’s likely nomination…
Here is the exchange in question:
Page: And holy sh*t Cruz just dropped out of the race. It’s going to be a Clinton Trump race. Unbelievable.
Page: You heard it right my friend.
Strzok: I saw trump won, figured it would be a bit…Now the pressure really starts to finish MYE.
Page: It sure does. We need to talk about follow up call tomorrow.
(“MYE” stands for “midyear exam,” the FBI case name for the Clinton email probe.)
4 May: Five days after first discovering the server penetration at the DNC, Michael Sussman – of Perkins Coie – finally calls CrowdStrike to arrange for analysis of the problem. Sussman’s call goes to CrowdStrike executive Shawn Henry, a long-time official at DOJ and FBI whose expertise is in computer crime, and who had been hired by CrowdStrike in 2012. Sussman and Henry probably knew each other during their extensively overlapping time at DOJ/FBI, working in the same field. It isn’t clear why it took five days to make this decision.
But at this point, or shortly thereafter, it is quite possible one or both of them discussed the intrusion into the DNC system with old associates at DOJ and/or the FBI. Since the FBI reportedly already knew about the DNC penetration, it actually would have been strange if they didn’t.
This was more than a month prior to the date on which they were reported to have formally notified the FBI (10 June).
5 May: CrowdStrike installs an analytical program at the DNC (link above) and immediately gets hits on malware developed by Russian FSB-linked actors (the now-infamous “advanced persistent threats,” or APTs, Cozy Bear and Fancy Bear). Cozy Bear had been on the system since 2015. Fancy Bear’s activity is what became apparent on 29 April.
The DNC then allowed their servers to continue operating with the threat penetrations active on them, and watched as data was pilfered for more than a month before finally pulling the plug. The purpose of this was to employ CrowdStrike applications to track the events and attempt to trace them to their points of origin. Scott Ritter summarizes the findings (italics added):
Shawn Henry and his team used CrowdStrike’s Falcon Overwatch capability to monitor the DNC’s compromised servers for more than 30 days, mapping out the scope of the intrusion and tracking the actions of the attackers. The scope of the Cozy Bear intrusion was potentially devastating. According to CrowdStrike, Cozy Bear had roamed uncontested throughout the totality of the DNC server, collecting and transmitting email and Voice over Internet Protocol (VoIP) communications. Significant amounts of data had been exfiltrated during this time, CrowdStrike assessed, and the DNC had to assume that anything stored in the server had been compromised.
Fancy Bear appeared to have more limited objectives. Henry’s team detected evidence of a few select files having already been exfiltrated, while others were staged for future exfiltration. An analysis of these files showed that Fancy Bear was focused on opposition research being done by the DNC on the erstwhile Republican nominee, Donald J. Trump.
In other words, Fancy Bear went to work, finding oppo-research files about Trump, on or shortly before 29 April, around the time Trump had his first primary sweep.
6 May: Andrew McCabe forwards Comey’s draft statement on the Hillary Clinton email investigation to top counterintelligence officials Peter Strzok and E.W. “Bill” Priestap, along with Jonathan Moffa, and an employee in the Office of General Counsel whose name was redacted in the documents viewed by the Senate. (2 May Comey link, above.)
McCabe is the official whose wife, Jill McCabe, received a big chunk of the money for her state office campaign in Virginia in 2015 from Hillary crony Terry McAuliffe. On 6 May, McCabe was not only in the decision chain for the Hillary email investigation and the Comey statement, but also probably knew about the intrusion into the DNC server.
Also note: by 6 May, CrowdStrike thought the DNC intrusion was traceable to the Russians. (It doesn’t matter as much whether that’s a valid assessment as that CrowdStrike thought it was. Anything officials at DOJ or the FBI were being briefed on through back channels would have reflected CrowdStrike’s opinion.)
This finding dovetailed with the FBI’s own notification to the DNC in April 2016, as reported by Daily Beast. It is reasonable to suppose that officials with expertise and a particular interest in Russian crime activities – including both Peter Strzok and Bruce Ohr – knew about the DNC intrusion, at the same time Strzok was participating in the exoneration chain for Hillary Clinton, and Bruce Ohr’s wife was being hired to work opposition research on Trump for Fusion GPS and the DNC.
A lot happened over the next seven weeks, but I will include only the next events from early June, as they bear directly on the Hillary investigation.
10 June: A revised draft of Comey’s statement on the Hillary email investigation is produced, reflecting softened wording that appears to excuse what was originally phrase in criminal-sounding language. Peter Strzok is reported to be the official who proposed the language change. (This is the language change from calling Hillary’s actions “grossly negligent” to calling them “extremely careless.”)
10 June: Cheryl Mills and Heather Samuelson sign immunity agreements with the FBI, allowing their testimony to go forward. This occurs exactly the same day as the revised Comey draft with softened language.
The immunity agreements include “side agreements requiring the FBI to destroy evidence on devices turned over to the FBI.” (See Senate Homeland Security Committee letter from 14 December 2017, link above.)
Note that Peter Strzok was involved in the entire Hillary investigation, including the processing of witnesses like Mills and Samuelson.
Now we skip forward to the events just before and including Comey’s announcement on 5 July clearing Hillary Clinton. On 27 June, Loretta Lynch and Bill Clinton had their meeting on Lynch’s plane on the tarmac.
The timeline resumes.
30 June: The FBI circulates a draft of Comey’s exoneration memo on Hillary Clinton in which Hillary is referred to as emailing President Obama via her private server from the overseas territory of “sophisticated adversaries.” (See Senator Johnson letter, link above and screen caps below.)
30 June: Strzok and Page, in a text exchange, discuss changing the verbiage to leave out Obama’s name.
As Johnson’s letter notes, the president’s name is changed to “another senior government official.”
1 July 2016: Strzok and Page, in a text exchange, appear to be aware that Comey will not recommend charges to Attorney General Loretta Lynch – and to be aware that Lynch knows that too.
2 July: HILLARY CLINTON IS FINALLY INTERVIEWED BY THE FBI IN THE INVESTIGATION OF HER EMAIL “MATTER.” This event occurs two months after Comey began drafting the statement exonerating her; three weeks after the interoffice proposal to soften the language describing her handling of her email responsibilities (“gross negligence” versus “extreme carelessness”); five days after the Lynch-Bill Clinton meeting on the tarmac; two days after Obama’s name is removed from the Comey statement; and one day after Strzok and Page appear to indicate that Lynch already knew there would be no recommendation of charges. Clinton is not put under oath, nor is her interview recorded.
5 July: James Comey announces there will be no further investigation of Hillary Clinton and no charges brought.
The conclusion it’s hard to avoid
It’s essential to understand that in this critical period, there could have been – and probably were – at least half a dozen people in DOJ/FBI who knew everything that was happening:
knew about the back-door surveillance of Trump prior to mid-April 2016;
knew about the DNC intrusion;
knew about the assessment that it was the Russians;
knew that the “Fancy Bear” hackers were going after the DNC’s information on Trump;
knew (through Bruce Ohr, and/or Perkins Coie and Michael Sussman) that the DNC had hired Fusion GPS to compile oppo research on Trump, and that Fusion was hiring Nellie Ohr;
and knew that the FBI was grooming its “investigation” of Hillary’s emails to produce an exoneration of her.
By the time James Comey announced that the investigation of Hillary was concluded, on 5 July, the FBI was aware of Christopher Steele’s “dossier,” and had opportunities through more than one channel to know that this was Fusion’s – and therefore the DNC’s and Hillary’s – gambit to go after Trump: with allegations of Russian collusion. Nellie Ohr could certainly have told Bruce Ohr at DOJ. Steele may have told an FBI contact directly.
The only relevant thread we can’t show the DOJ/FBI crowd had visibility on was the unmasking activity being done by the National Security Council staff and/or the CIA (or ODNI staff).
For each of the things DOJ/FBI knew, there was a professionally, ethically obvious thing to do – which nevertheless does not seem to have been done. Yet that may be the least of our worries.
If the FBI were investigating something like this, and came up with a similar set of facts, the Bureau would detect the hallmarks of a RICO conspiracy.
The extremely disturbing plot twist here is that DOJ and the FBI seem to have been right in the middle of it.