Top cyber security team finds no evidence of Trump-Russia chatter on Alfa Bank server

A cyber security report debunks the accusation that the Trump campaign and Vladimir Putin were communicating secretly via Alfa Bank servers

Image
Special Counsel Robert Mueller's Russia collusion report
Special Counsel Robert Mueller's Russia collusion report
(Eva Hambach / Getty Images)
Updated: April 24, 2020 - 4:42pm

The Facts Inside Our Reporter’s Notebook

A report released Friday by top cyber-security experts concludes, as did Special Counsel Robert Mueller, that the 2016 Trump presidential campaign did not secretly communicate with the Russian government via a computer server belonging to Russia’s Alfa Bank.

In the report by the cyber consulting firm Ankura, cyber experts determined that the communication from Alfa Bank to servers on the U.S. East Coast were going to a company that runs marketing activities for several global hotel chains, including, for a number of years, the Trump Hotels - not servers owned or operated by the Trump campaign. 

Mueller, when asked during a hearing in the summer of 2019 about allegations that Trump and Russian President Vladimir Putin were exchanging covert communications via the Alfa Bank server, said, “I believe it’s not true.” 

The notion that there was secret communication going on between Trump and Russia, that would make it seem like Trump was colluding to win the White House, came from former British intelligence operative Christopher Steele, whose anti-Trump dossier, used by the FBI for its Trump-Russia probe, has also been largely discredited. 

On October 11, 2016, Steele met with Deputy Assistant Secretary of State Kathleen Kavalec.

Following his visit, Kavalec sent information that she received from Steele to the FBI, including details about the suspected communications via the Alfa Bank server.

At the time, investigators were trying to determine unexplained Domain Name System (DNS) pings between one of the bank’s servers and a server used by the Trump organization's marketing agency on the East Coast. Domain Name Systems are the systems by which internet domain names and addresses are tracked and regulated - in this case, they were used to determine communication patterns between the servers. 

After an assessment by Ankura’s Cyber Threat Analysis and Pursuit Team (CTAPT) of possible DNS activity between the Trump organization, the marketing agency servers, and the Alfa Bank servers, the cyber experts found “no evidence that mail1.trump-email.com and trump1.contact-client.com were used by Alfa-Bank and the Trump organization for covert communications.”

The Ankura team did, however, find evidence that suggests so-called "threat actors" conjured the appearance of a connection between the Trump servers and Alfa Bank servers by creating false Domain Name System activity (DNS). If this is true, it "would constitute a potential violation of various U.S. laws," says the report.

The FBI determined in February of 2017 that there were no links between the Trump organization and Alfa Bank. However, the narrative persists in some mainstream media reports.

What remains unclear is whether there were, in fact, bad actors who created false DNS activity to continue feeding the Russia collusion narrative -- and, if they exist, who are they?

The exact role Christopher Steele played also remains a mystery. Did he know to look out for suspicious DNS activity to report to Kavalec? Or was the information handed to him by someone else?

Just the News Spotlight