Hack Everything Special Report

Hack Everything is an 85 page detailed Timeline of the DNC Hack. This report also includes the results of our extensive research into the 876 IP addresses in the Grizzly Steppe report. Our conclusion is that it is extremely unlikely that Russia committed the DNC cyber attack. To find out who did, please take the time to read our full report. Then share this report with anyone you know who is interested in learning the truth about the DNC hack.

You can read this report at the following series of 8 links. Our you can download a free PDF of our report by clicking on the Download link in our main menu. As our site may be taken down at any moment, please help us get the word out by sharing this report. Permission is granted to download, distribute, repost & republish all or any part of this report on any website. If you have any questions or comments, feel free to email us.

David Spring M. Ed.
This email address is being protected from spambots. You need JavaScript enabled to view it.
January 10, 2017


Executive Summary… A Primer on the Power of the NSA

Part 1: Evolution of Cyber Warfare Weapons 2007 to 2015
September 1, 2007: The NSA begins the Prism Collection Program.
June 6, 2013: Snowden Provides Documents Confirming the Power of the NSA
February 16, 2015 Kaspersky exposed the Equation Group
February 28, 2015: Kaspersky links Cozy Bear to Cozy Duke.

Part 2 Details of the DNC Hack... July 2015 to May 2016
September 2015: Cozy Bear also known as Cozy Duke attacks DNC network.
March 22, 2016: Fancy Bear Prepares to Attack the DNC
March 22, 2016: Billy Takes the Bait (so did Podesta)
March 22, 2016: Fancy Bear used a Ukrainian Server in their Email Attack
May 1, 2016: Crowdstrike kicks Cozy Bear & Fancy Bear Out of DNC Server

Part 3 Summer of Spin...The DNC Hack: June to August 2016
June 12 2016: Wikileaks Announces Clinton Data Release is Imminent
June 14, 2016: Crowdstrike releases DNC Hack Report
June 17, 2016: German Hack Smoking Gun turns out to be Smoke & Mirrors
July 10, 2016: DNC staffer Seth Rich killed in Washington DC
July 22, 2016: Wikileaks published DNC Leak Documents
July 24 2016: Wikileaks issues Tweet Implying Source is an Insider
July 31, 2016: Former NSA Lead Administrator, William Binney says the Hack was not done by Russians but by the NSA

Part 4 Ongoing Allegations... September to December 2016
September 15, 2016 Server Company Provides Analysis of Hacker Locations
October 7 2016: US issues Press Release Blaming Russia for DNC Hack
October to November 2016: Over the course of a month, Wikileaks publishes more than 58,000 emails hacked from the Gmail account of John Podesta.
November 2 2016: Wikileaks says Russia is not the source
November 8 2016: Media claims odds of Hillary winning as high as 90%.
November 24, 2016 Washington Post issued a story claiming that Russian propaganda help spread fake news through a list of 200 fake news websites.
November 30 2016: Congress passed bill authorizing Ministry of Truth for 2017
December 14 2016: Craig Murray, one of their leaders of Wikileaks said that their source was not a Russian but rather a “disgusted Democratic party insider.”
December 16 2016: Digital Fingerprints Turn Out to be Paw Prints
December 22, 2016: Smoking Gun Alert…Dimitri, Crowdstrike & Ukraine

Part 5 DHS/FBI Grizzly Steppe Report..December 29 & 30, 2016
December 29 2016: The DHS/FBI Grizzly Steppe Report Turns out to be Proof that the NSA does not like the TOR Project
December 30 2016 Glaring Problems with the Grizzly Steppe Report
December 30, 2016 Security Expert John McAfee Explains why he is certain the Russians did not hack the DNC

Part 6 The Rush to War... January 2017 to Present
January 3, 2017: Assange Explains Why a 14 Year Old Could Have Hacked Podesta’s Email
January 5 2017: John McCain, who has called for a Declaration of War against Russia, holds a Senate Armed Services Committee hearing
January 5, 2017 DNC says FBI never asked to access hacked computer servers
January 6, 2017: FBI claims DNC Refused to Give them Access to Hacked DNC Server
January 6 2017 US Intelligence Groups Issue the Dumbest Report I Have Ever Read
January 7 2017 Wikileaks Craig Murray says source is Washington Insider
January 10, 2017: David Spring with Turning Point News publishes “Hack Everything, A Detailed Timeline of the DNC Hack.”

Part 7 Who Really Hacked the DNC
Were either Cozy Bear or Fancy Bear Teenage Hackers?

Part 8 Cyber Warfare as a Business Model
Conclusion… How to Really Protect Yourself from NSA Cyber Weapons

About the Author

This report is dedicated to Edward Snowden, a true patriot who understood that his duty was not to defend and protect dishonest leaders, but to defend and protect the Constitution of the United States. Many suspected we were all being watch from “behind the curtain.” Snowden risked his life to give us the proof.

This report provides links to more than 100 other reports. Each of these reports provided the pieces in putting together this complex puzzle. nI want to thank all of these researchers for their work. Together, we can and will overcome deception and deceit. Those pushing for cyber warfare may have massive amounts of money. But we have a more powerful weapon… The Truth.

Evidence the NSA started Bitcoin

Connecting the Dots between Microsoft Backdoors, NSA Corruption and the Bitcoin Ponzi Scheme

David Spring M. Ed. December 2, 2013

Notes: The original version of this article was published on my old website Free Yourself From Microsoft and the NSA dot org on December 2 2013. Nearly one million people read this article as it was shared by groups around the world. It caused such a firestorm that I spent a huge amount of time answering emails about the article. I therefore took the article down a few years later. However, an edited version of this article was also posted on a website called Oped News dot com on December 5, 2013. It is still there at this link: http://www.opednews.com/articles/Connecting-the-Dots-betwee-by-David-Spring-Spying-131206-522.html

Here is the unedited version of the article: In the past three months since I published Free Yourself from Microsoft and the NSA, there has been a steady stream of increasingly shocking revelations about the extent of NSA spying in the US and around the world. NSA operatives have been caught spying on their wives and girlfriends. The NSA has also been caught spying on dozens of world leaders including Angela Merkel, the elected leader of Germany and the Pope in the Vatican, the leader of the Catholic Church. http://news.panorama.it/cronaca/papa-francesco-datagate


Clearly Angela Merkel and the Pope are not “terrorist threats.” In fact, the greatest threat to democracies around the world is the out of control lunatics pulling the strings at the NSA.

At the recent trial of hacker Jeremy Hammond, it was revealed that the NSA and FBI paid an informant named Sabu to help Jeremy Hammond hack into various government websites and computer systems all around the world. In November 2013, it was revealed that the NSA has hacked into more than 85,000 Windows computer networks around the world.

CIA Agent Claims Article Written by another CIA Agent was Actually Written by Russian Agents

This has to go down as one of the strangest cases of yellow journalism in history. This truly incredible saga all began when a newspaper called the Guardian posted an obviously false story claiming that one of Trump’s top operatives, Paul Manafort, not only met with Julian Assange while Assange was locked up in the Ecuadorian embassy in London – but that Manafort met with Assange three times. This would have been enough meetings for the two of them to plan all kinds of criminal acts.

What makes this story obviously false – besides the fact that both Manafort and Assange immediately said it was false? It is simply this: London is wired with thousands of crime stopping cameras. You cannot go ten feet in London without getting filmed. These cameras are most dense right outside the Ecuador embassy - where you will find not only the London City cameras but also dozens of UK and CIA cameras keeping a close eye on – you guessed it – Julian Assange. There are even more cameras covering every inch inside the Ecuador embassy. With all of these cameras everywhere, if Manafort actually visited Assange even once, there would be more footage of this meeting than there was of the last Super Bowl.

Thanks to Edward Snowden, we know for certain that the CIA has video tape of everything you and your family have ever done – including video of your child’s last Birthday party.


Given the pervasive video taping the CIA is involved in these days, do you really think that Manafort or anyone else could visit Julian Assange in the Ecuador embassy without the CIA knowing about it and having the whole thing on video tape? I therefore hope we can all at the very least agree that this Assange Manafort story cannot possibly be true.

Now I realize that many members of the American public might not know about all of the cameras in London and all the cameras surrounding the Ecuadorian Embassy. But the Guardian certainly knows about all of the cameras in London and all the cameras at the Ecuadorian embassy for a very simple reason: The Guardian Headquarters is located in (drum roll please)… London. The street address for the Guardian is 90 York Way, Kings Cross, London. This is just a couple blocks west of the US embassy – and just a few blocks south of the Ecuadorian embassy. The Guardian staff could easily walk to either embassy during their lunch hour. Given the closeness of the Guardian to the Ecuadorian embassy, it would be impossible for them to not know about the dozens of cameras surrounding the embassy.


The other reason we can be certain that the Guardian knew about the security cameras in and around the Ecuadorian embassy is that a long article about this subject was written in May 2018 by (another drum roll please) The Guardian! Here is a quote:

His guests went through a security check upon arrival, handing over their passports and mobile phones. The operatives recorded each guest’s passport number and nationality, as well as the purpose of their visit, building up a comprehensive log of everyone Assange met during his stay… This level of scrutiny came after the security company installed CCTV cameras in the embassy’s lobby and a conference room, and on the balcony.”

The Guardian article even included actual images taken by these security cameras. The author of this Guardian article explaining the security system of the Ecuador embassy was none other than Luke Harding – the same person now claiming that Assange met with Manafort.

Here is the link if you want to read it yourself:


This massive monitoring of Assange has gone on for years – costing British and US tax payers millions and millions of dollars. Julian Assange is likely the most closely monitored person in the entire world. Here is what Fidel Narvaez, the staff person at the Ecuadorian embassy for six years had to say about the claim that Assange met with Manafort:

“The embassy is the most surveilled on Earth; not only are there cameras positioned on neighboring buildings recording every visitor, but inside the building every movement is recorded with CCTV cameras, 24/7. In fact, security personnel have always spied on Julian and his visitors. It is simply not possible that Manafort visited the embassy.”

The question then becomes why would the Guardian publish a story which they must have certainly known was false?

Some have claimed that the reason the Guardian published this fake news is because the Guardian is controlled by the CIA. Even former staff members of the Guardian have claimed that the Guardian routinely publishes stories they are given by the CIA without fact checking those stories. We might call this Deep State rubber stamping. I can think of no other reason any newspaper would publish such an obviously false story other than that they were “ordered” by someone to publish the story.

So the next question is why would the CIA write and then have the Guardian publish such an obviously false story? Clearly, the CIA is mad at Julian Assange. After all, in March, 2017, Assange published the CIA Vault 7 “Marble Framework” documents – confirming that the CIA not only hacks everyone on the planet – but also places “fake Russian finger prints and breadcrumbs” inside of CIA hacked computers misleading people into believing that they were hacked by Russians - when in fact they were really hacked by the CIA pretending to be Russians. https://www.zerohedge.com/news/2017-03-31/wikileaks-reveals-marble-proof-cia-disguises-their-hacks-russian-chinese-arabic


This shocking expose by Wikileaks calls into question the Russian finger prints found while investigating the 2016 DNC hack:


Wikileaks was not the only one to publish evidence of the CIA planting Russian finger prints on DNC documents. In June 2016, a suspicious person called Guccifer 2 also published some DNC documents with Russian finger prints. A detailed analysis of the Guccifer 2 documents has confirmed that these Russian Finger Prints were deliberately planted on these documents by Guccifer 2 after the documents were hacked (or leaked) from the DNC and before they were published by Guccifer 2. Here is a quote from this analysis: “Guccifer 2 took great care to plant his Russian fingerprints and showed extraordinary skill in making their appearance seem accidental...Guccifer 2 showed an impressive understanding of how to manipulate metadata to plant “Russian fingerprints” into the first five documents that he published.” https://theforensicator.wordpress.com/guccifer-2s-russian-breadcrumbs/

Cyber Weapons and Open Back Doors versus Real Computer Security

On Friday May 12, 2017, the Wanna Cry Ransomware virus began infecting hundreds of thousands of Windows computers in more than 150 countries. The cyber weapon mainly affects businesses that use local area networks. Once one computer is infected, all the computers on the network are taken over. Businesses from hospitals to banking ATM machines were shut down. The virus encrypts all of the data on your computer and demands a payment of $300 if you want your computer back. Here is an image of the screen that appears after the hackers have taken over your computer:

The Wanna Cry virus uses two cyber weapons called Eternal Blue and Double Pulsar. Thanks to the Wikileaks Vault 7 release on March 7, 2017, we know that both of these cyber weapons were developed by the NSA. These cyber weapons were developed by the NSA along with hundreds of other cyver weapons using tax payer dollars. But instead of protecting us, these offensive weapons are being used against us. https://wikileaks.org/ciav7p1/

In August 2016, a group called the Shadow Brokers was able to download a huge number of NSA Cyber Weapons. These weapons have now been released into the wild - meaning just about any computer hacker is now able to set up their own version of the NSA to attack Windows computers. According to one security expert, “It’s a business model that works and you don’t need a lot of investment to actually get a decent return. You can buy ransomware kits on the dark web, you can buy all the tool sets you need to undertake your own ransomware campaign quite easily.”

Also thanks to Wikileaks, we know that these cyber weapons take advantage of the open back door in the Windows operating system to infect and take over Windows computers through the Windows Web Browser (which is the open back door). Many security “experts” have described this as a “file sharing” problem. But it is actually much bigger than that. On March 14, 2017, Microsoft issued a “patch” which they claimed solved the Eternal Blue problem. But the patch is merely a bandaid that places some restrictions on file sharing but does not address the underlying problem – which is the open back door in the Windows computer operating system.


Predictably, on May 15, 2017, a strongert mutation of the WannaCry virus began attacking computers. Europol, the European police agency warned, "The hackers have already evolved the malware, and will probably continue to do so."

According to Zero Hedge, “at least a dozen other NSA tools are currently being discussed and worked on as the basis of potential new cyber weapons on hacking forums on the dark web.”

On May 16, 2017 (this morning), ShadowBrokers issued a statement claiming to have many more hacking tools they will be releasing in the coming weeks and months. Here is a quote from their statement: “TheShadowBrokers Monthly Data Dump could be being web browser, router, handset exploits and tools, select items from newer Ops Disks, including newer exploits for Windows 10, compromised network data from more SWIFT providers and Central banks.”

Who is behind the Wanna Cry virus?
It could be anyone from a 14 year old kid with a new laptop to the Italian mob. Cyber blackmailers just need an internet connection and a laptop plus a little knowledge of how to access the cyber weapons now being given away for free on the Dark Web. According to a German security expert: "Just because the attacked affected 200,000 computers and 100 countries, there doesn't have to be a large-scale structure behind it. The weapon - the software - is that powerful."

Sounding the Alarm
I have written numerous articles over the years warning that US spy agencies, including the NSA and CIA, were completely out of control. It is not merely that the NSA and CIA waste billions of tax payer dollars. The cyber weapons they create are so dangerous that they are capable of bringing down the entire US and world economy. Imagine the banking system, transportation and energy computer networks all crashing at the same time. Imagine a 14 year old kid being able to download everything needed to create the cyber version of a nuclear bomb and getting it all for free in a matter of minutes. This is the kind of danger the NSA has inflicted on all of us by creating these out of control cyber weapons.

Here is a diagram from an article I wrote just 2 months ago based on the Wikileaks releases. According to various Wikileaks CIA documents, here is what the CIA and NSA are doing:


In short, thanks to the NSA’s arrogant mis-use of billions of dollars of US tax payer funds, this latest cyber attack is just the beginning of a more long term assault on Windows computers. Over the coming days, weeks and months, we can expect hackers to create more powerful viruses all thanks to the NSA and the Windows open back door. As computer expert Jacob Applebaum once said, it will be “worse than your worst nightmare.” Instead of wasting our time worrying about Russian hackers, we should have been worried about our own NSA – which is after all more than ten times larger than the Russian hacking team.

Four years ago, I wrote a book called Free Yourself from Microsoft and the NSA, in which I described this Windows open back door and NSA cyber weapons. I predicted that this lethal combination would eventually lead to mass attacks by computer hackers.

Others including William Binney and Edward Snowden (both formerly with the NSA) have also warned against the danger of allowing the NSA to access all Windows computers via the Windows back door. The problem is that any backdoor that can be used by the NSA can also be used by hackers once they gain possession of the NSA cyber weapons.

Assange noted during his March 9 2017 press conference that eventually consumers around the world will no longer trust US technology manufacturers – which will also cost US corporations billions of dollars. The mere fact that US corporations like Microsoft and Apple have already been confirmed to be Prism Partners of the NSA should cause folks even in the US to not trust US technology firms. The new Wikileaks revelation that the CIA has compromised 22,000 servers in the US should make it clear that we cannot trust US web servers and web hosts – a fact that I wrote about in a book over a year ago.

Here is what Julian Assange had to say about the CIA today (May 16 2017):


Why Microsoft will never close the backdoor to the Windows Operating System
The real solution to the insecurity of the Windows operating system is not to install some temporary bandaid patch – or even hundreds of bandaid patches. The only way to make the Windows operating system really secure is to close the backdoor in Windows. In other words, Microsoft needs to permanently and completely disconnect its web browser from its core operating system. The reason Microsoft will never close this back door is that they are trying to make money off the Windows operating system. Thus, they want to make sure that folks have a legal copy of Windows by building in a function that allows your computer to “phone home” to Microsoft and allows Microsoft to remotely control and shut down your computer if they find anything on your computer they do not like. The NSA uses this same remote control function to control your computer – and so do computer hackers. It is short sighted greed that prevents Microsoft from producing a secure operating system. Linux computers do not need to phone home because the Linux operating system is free – so no need to check, remotely control or shut down computers.

The good news is that, as I have also written about for many years, the CIA (and the NSA) are having trouble hacking Linux computers. This is almost certainly due to the distributed nature of Linux operating systems (there are more than 100 variations) and the fact that the Linux operating system specifically excludes web browsing tools from the core of the operating system. Below is an image of the CIA Linux hacking page (taken from the Wikileaks Vault 7 release) confirming that CIA efforts to hack Linux computers is still incomplete:

Clearly the NSA and CIA are trying very hard to break into the Linux operating system. But so far, their only success has been by compromising the UEFI startup program. This is why I recommend that even if you are using a Linux computer, you should not use the UEFI startup program and instead to use the COREBOOT startup program. Meanwhile the Apple and Windows pages in the Wikileaks documents are filled with hundreds of attacking methods.

Conclusion… It is time for Real Computer Security
I have spent years studying the NSA. I mistakenly thought it was the biggest and worst threat to world peace and the world economy. I now realize I was wrong. The CIA appears to be twice as large as the NSA. This is like doing battle against Godzilla for several years only to wake up one morning and learn that there is another monster twice the size of Godzilla. I was having trouble sleeping before these new Wikileaks CIA documents. Now I am really having trouble sleeping.


These are important security issues that affect every computer user in the entire world. It is time not only to end the NSA and CIA but it also time for every computer user who cares about the future of our economy to move away from unsafe and badly designed operating systems such as Microsoft and Apple and replace them with the free, secure Linux Operating system. Here is a link on how to make the move to Linux: https://learnlinuxandlibreoffice.org/


Please share this report with anyone you know who is interested in learning the truth about the real computer security. As always, we look forward to your questions and comments.

David Spring M. Ed.
Turning Point News.org
Email: david (at) turningpointnews.org

Wikileaks Finds CIA Fingerprints On Russian Smoking Gun

Wikileaks just released about 8,000 pages of CIA documents detailing more than 1,000 tools the CIA uses to hack everything from computers and cell phones to “smart” TV sets and “smart” refrigerators. Among these tools is a program called UMBRAGE which is a group of hacking tools “borrowed” from other countries. Wikileaks documents confirm that the CIA uses these tools to implant fake “fingerprints” on their cyber attacks in order to fool researchers into believing that the attacks were being conducted by other countries, such as Russia, when in fact the attacks were actually conducted by the CIA. In this article, we will explain why this new evidence makes it even more likely that the “hacking” of the DNC servers were done not by Russia but by US spy agencies such as the CIA and NSA.

Background… Why Fake Finger Prints are Important
On June 15, 2016, a private security firm called Crowdstrike issued a report called “Bears in the Midst” which accused (Russian) groups called Fancy Bear and Cozy Bear of hacking the DNC servers. The accusation was based on the presence of “Russian finger prints” such as Russian Time stamps found in the attacking software. Crowdstrike claimed that these Russian fingerprints were all over the smoking gun found on the DNC server. But we later learned that Crowdstrike is actually an inside group of former FBI cyber warfare leaders who had been working with the DNC for over 9 months and had been working with the CIA for years in an effort to promote the CIA war in the Ukraine.


On December 29, 2016, US spy agencies released a report called Grizzly Steppe which included 876 “Command and Control” IP (Internet server) addresses which supposedly were “evidence” of a vast network of Russian hackers. After this release, I spent the next two weeks researching these 876 Internet servers (see map with their locations below).


On January 10, 2017, I published an 85 page report called “Hack Everything” that included the results of our extensive research into these 876 Internet server addresses. We found that 426 of these Internet servers were TOR “Exit Node” servers. Russians would not use TOR servers because TOR servers are constantly being attacked by the NSA. Since there are only 1,000 to 2,000 TOR servers in the world, this amazing connection could not be a coinicidence.

Hack Everything Executive Summary - A Primer on the Power of the NSA

Misleading and blatantly false claims about the attack on the Democratic National Committee (DNC) are being used to create fear in the minds of the American people in order to launch cyber warfare and other sanctions against Russia. These scare tactics are also being used to pass draconian legislation limiting free speech and increase funding for the American Police State. This wave of propaganda is also a convenient excuse to explain away the Democratic Party loss of the 2016 Presidential Election. If we are interested in determining why the DNC hack happened, and how it happened, we first need to separate the lies from the truth so we can understand what happened and when it happened.

There were many significant and inter-related events both before the leak and after the leak. Many false claims have been made about several of these events in what appears to be a propaganda war of distortions, disinformation and outright lies by the main stream media. Numerous articles have been written on both sides of this debate. Yet thus far, there has not been a detailed timeline to review the events as they happened. The purpose of this report is to fill this void. Although a complete timeline of the DNC hack would go all the way back to the 1990s and the beginning of the modern Internet (a subject I have written extensively about in past articles), we will start with the 2007 formation of the NSA Prism Partners Program as the precursor to the 2009 US cyber warfare attack on Iran and carry it to the present day DNC cyber warfare attack. This is therefore an outline of the past 10 years of international cyber warfare – something the American people know next to nothing about.

After the timeline, we will go into detail over who was most likely to have done the hacking and why they hacked the DNC. Our conclusion based on an overwhelming amount of evidence is that the Russian government did not hack the DNC. The only question remaining is who did hack the DNC and why they did it. This is a lengthy report for the simple reason that strong allegations require strong evidence. Just as US Intelligence agencies had a duty to provide irrefutable evidence to the American people to justify launching an attack against Russia, so do we have a duty to provide irrefutable evidence to support the claim that Russia was not responsible for the DNC hack. We believe this report provides that evidence. This report includes numerous well documented facts that have never been released before. Those who spend too much time reading only the main stream media may be shocked by these facts. Others who have spent more time reading independent news sources may not be surprised at all. The truth is a powerful weapon. It is time to shed some light on this darkness. If you have any questions or comments, feel free to email me: This email address is being protected from spambots. You need JavaScript enabled to view it..

Hack Everything Part 1- Evolution of Cyber Warfare Weapons 2007 to 2015

In the late 1990’s, three federal judges ruled that Microsoft was a monopoly that had engaged in price fixing in violation of the Sherman Anti-trust Act. To maintain their lucrative monopoly over computer operating systems, Microsoft made a “deal with the devil” by allowing the NSA to have an open back door into every Microsoft Windows computer. This back door was enabled by placing the Explorer web browser inside of the Windows Operating system. The downside of allowing the NSA access to every Windows computer was that it also allowed hackers access to Windows computers. This back door is still present today – meaning that it is impossible to secure any Windows computer. But in 2007, the NSA launched a new program called PRISM that was about to make this dangerous situation much worse.

2007: NSA expands its program to actively recruit and train computer hackers.
One of the documents exposed by Snowden in 2013 was a 2007 NSA job posting document in which the NSA actively solicited hackers to go to work for the NSA. The trainees will be taught how to “develop an attackers mindset.” Note that the NSA goal is not merely to monitor computers but to remotely destroy them. http://www.spiegel.de/media/media-35661.pdf


September 1, 2007: The NSA begins the Prism Collection Program.

As confirmed in documents provided by Edward Snowden in 2013, the NSA started the Prism Data Collection Program to enlist major US corporations to help with mass surveillance in 2007. Its first recruit was Microsoft in September 2007.

This was also the time that the startup program for all computers except Chromebooks began to change from the simple BIOS program to a complex encrypted program called UEFI. This means that not only is the operating system insecure but so is the startup program as both call back to Microsoft and the NSA using hidden backdoors.

Hack Everything Part 2 - Details of the DNC Hack... July 2015 to May 2016

Reminder: APT stands for Advanced Persistent Threat. APT refers to a suspected government sponsored hacker. Fancy Bear is APT 28 and Cozy Bear is APT 29.

September 2015: Cozy Bear also known as Cozy Duke attacks DNC network.


The timing of the first Cozy Bear attack on the DNC was first reported in the New York Times to be September 2015 with the FBI contacting the DNC almost immediately.

However, a report released on January 6, 2017 by the FBI called “Assessing Russian Activities and Intentions in Recent US Elections” states on page 2 that “In July 2015, Russian Intelligence gained access to the Democratic National Committee (DNC) networks and maintained that access until at least June 2016.”

Hack Everything Part 3 - Summer of Spin -The DNC Hack - June to August 2016

June 03 2016: WikiLeaks creates an insurance file which includes the DNC hack. This seems to indicate that Wikileaks had at least some data by June 3 2016. However, Wikileaks later said that there were two separate leaks from two separate sources. It appears that at least one of the leaks was not until July 2016.

June 12 2016: Wikileaks Announces Clinton Data Release is Imminent

At 5:59 pm, Julian Assange announces that they have documents relating to Hillary Clinton which are pending publication and that it would be “enough evidence” to indict her. This appears to be the first public announcement about the DNC leak and/or hack. But he did not reference the DNC… Just the Clinton email private server scandal. He had already posted 32,000 emails from the Clinton private server. He did state that there were more leaked emails to come. Perhaps he did not want to mention the DNC because the DNC hack was not yet public and he wanted to protect his source(s).



Here is a quote from the June 12, 2016 article:

“Julian Assange, founder of Wikileaks, said on Sunday that the journalist organization is planning to release upcoming leaks in relation to US presidential hopeful Hillary Clinton. Speaking to Peston on Sunday, Mr Assange said Wikileads has further information relating to claims circulating since 2015 that Clinton had in the past used her family's private email server for official communications.”

Hack Everything Part 4 - Ongoing Allegations - September to December 2016

September 15, 2016 Server Company Provides Analysis of Hacker Locations

While nearly all of the servers claimed to be involved in the Russian Hacking attacks were not in Russia and have failed to provide any analysis from their server logs (I really wonder why this is because all servers have server logs), one Russian company that was caught up in the cyber attack did take the time to analyze their logs and issue a press release with their findings. Since this is what every server company should have done, I will quote from an English translation of their press release which was written in Russian.

This company has since been attacked as being owned by Russian criminals and I want to make it clear that I have no way of verifying their report. I am simply quoting them to show the public what could be done if a server company wanted to help us discover the truth – namely they should all publish their logs. Also I am certain that the FBI can get a warrant for all logs of all servers in the US. The fact that the FBI has not done this (or has not released information about the logs if they have done this) is a strong indication that the FBI is not really interested in providing the public with additional information about the locations of communications from the hackers to the servers. Here is the source document which will be translated for you if you visit the page with a Chrome Browser.


Here is an edited version of their press release (I edited to make it shorter by eliminating text that was not related to the server logs. I also bolded the important parts):

“King Servers (https://www.king-servers.com), which owns servers from which the hacker allegedly performed attacks on the United States Democratic Party, states the absence of any «Russian trace» in this cybercrime nor its own involvement...King Servers, owned indeed by Russian nationals, provides VPS and VDS rental services of the equipment, physically located in the Netherlands. Earlier, after the FBI alert (https://s.yimg.com/dh/ap/politics/images/boe_flash_aug_2016_final.pdf) and analysis from Threat Connect (https://threatconnect.com/blog/state-board -election -rabbit-hole /), the world's leading media were spreading information about the discovery of the so-called «Russian trace» in the attacks on the United States democratic party in Illinois. The «Russian trace» was mostly presented as the use of King Servers services, stating that the company belongs to Russian citizens. As of September 15, neither King Servers received any complaints or appeals for any server misuse or abuse, nor any public authority did any attempts for servers withdrawal. Due to that King Servers found out about the issue related to that attack only on September 15, at 7 am Moscow time, and immediately shut down identified servers.

The analysis of the internal data allows King Services to confidently refute any conclusions about the involvement of the Russian special services in this attack. Attackers rented two servers using probably fabricated personal and identification data. After the attack servers were wiped out. However, King Servers maintains logs of accessing administrative control panel. After log analysis, King Servers obtained a list of about 60 of all possible IP addresses of «hackers», none of which belongs to any Russian ip range. Attackers were logging into administrative control panel mainly from Scandinavian countries (Norway, Sweden) and from the European Union (Italy).

Hack Everything Part 5 - DHS-FBI Grizzly Steppe Report - December 29 & 30, 2016

December 29 2016: The DHS/FBI Grizzly Steppe Report Turns out to be Proof that the NSA does not like the TOR Project

The Department of Homeland Security and the FBI release a joint report which they claim provides evidence of Russian Hacking of the US Election. In fact, there is no evidence in the report linking Russia to anything. But there is plenty of evidence linking the attacks to the NSA.

The “alternative names list” for the Russian hacking programs on page 4 specifically referred to in the DHS/FBI report included the following: Cozy Bear, Cozy Duke, Cosmic Duke, Fancy Bear and MiniDuke.


As justification for launching a cyber war against Russia, on page 5 of their press release, the US government also falsely accused the Russians of creating a hacking program called PAS_TOOL_PHP_WEB_KIT. This web kit is a commonly available hacking program that even you can download. The following article claims that this program was made by Ukrainians not Russians.

Hack Everything Part 6 -The Rush to War - January 2017 to Present

Things have only gone from bad to worse in the first weeks of January 2017. Nearly every day we are told that there is “new evidence” of Russian hacking. But the new evidence is never released.

January 3, 2017: Julian Assange Explains Why a 14 Year Old Could Have Hacked Podesta’s Email

Julian Assange of WikiLeaks says that the Russian government did not provide him with the hacked DNC emails during a televised interview. Julian Assange stated that Podesta’s password for his Gmail account was “password.” For those who may not know, the word password is the most common password and is the first password checked by hackers when trying to access any login screen. Here is a quote from the interview: "Podesta gave out that his password was the word ‘password’ ... a 14-year-old kid could have hacked Podesta."


Assange also repeatedly stated that Wikileaks gained access to the Podesta emails from a leak and not a hack and that the source of the leak was not Russia. Assange, who is a former computer security consultant, also stated that Hillary Clinton made “almost no attempt” to protect the private server that stored her State Department emails. I have previously written about how insecure the Clinton server was and that any teenager could have hacked it using programs and methods available through a simple Google search. While the main stream media claims that the Clinton server was hacked by Guccifer and that Guccifer was Fancy Bear or Cozy Bear and therefore a Russian spy, the fact is that Guccifer could just have easily been a bored American teenager with too much time on his hands.

Hack Everything Part 7 - Who Really Hacked the DNC

If the Russians did not hack the DNC servers, then who gave the data to Wikileaks?

This leads to the important question of how Wikileaks got all of the emails and other data it released which certainly did influence the outcome of the US elections. According to both of the major sources in Wikileaks, Julian Assange and Craig Murray, they got the data from “a disgusted DNC Democrat” who was mad about how the DNC treated Bernie Sanders.


Both Murray and Assange have repeatedly stated that they did not get the information from the Russians. We therefore conclude that if the DNC was hacked (which it likely was), then it was hacked by the NSA using Cozy Bear and Fancy Bear as a cover – knowing that Cozy Bear and Fancy Bear were specifically written to fool consultants like Dimitri and Cloudstrike into thinking that it was a Russian hacking program. Obviously, the NSA is not going to give any of its information to Wikileaks. But in addition to these two hacks by Cozy Bear and Fancy Bear, a disgusted member of the DNC also got the information directly from the DNC database, put it on a jump drive and handed the jump drive to Craig Murray. In other words, we conclude that the DNC was hacked and also subjected to an insider leaker. Thus, Wikileaks claim that it was a leak is true. But their claim that it was not a hack may not be accurate as there is evidence of a hack.

Hack Everything Part 8 - Cyber Warfare as a Business Model

Nearly 100 years ago, an American war hero named General Smedley Butler wrote a book called War is a Racket. He claimed that wars were being deliberately provoked in order to increase corporate profits. He said that the American people were being lied to by wealthy people who controlled the American press in order to provoke fear and get them to agree to go to war. Here is a link to his book. https://www.ratical.org/ratville/CAH/warisaracket.html

50 years later, another American war hero, General (and then President) Dwight Eisenhower, warned of a growing “military industrial complex” that was a threat to our democracy. Here is a link to his speech. https://www.youtube.com/watch?v=8y06NSBBRtY

Today, the US has more than 700 military bases around the world and numerous bases here in the US. Including secret spending for our new Global War on Terror, as mentioned at the start of this article, the US spends more than one trillion dollars per year on war – much more than the rest of the world combined. http://www.globalresearch.ca/the-worldwide-network-of-us-military-bases/5564

The purpose of this worldwide network of chaos is not to protect Americans but simply to increase corporate profits by sucking one trillion dollars a year out of the American economy – money that could have been used to provide free higher education and health care for every American. Because of this annual feast of a trillion dollars being shelled out, our elected officials have been corrupted with a vast bribery and kickback scheme that has turned our elections into a “pay to play” bidding war between various wealthy corporations. These same corporations monopolize the American media with the goal of scaring the American people into supporting this war machine into voting for war hawks willing to do the bidding of their corporate masters. This same “warfare as a business” model is now being used to create Permanent Cyber War on the Internet. Folks with websites need to be aware of this because you will certainly be caught in the crossfire of this cyber warfare machine.


Thus, the most important thing to know about the current campaign to launch a cyber war against Russia is that it will create massive corporate profits. In the summer of 2016, there was a conference on how to profit from the coming cyber war. This conference was documented in the following article:

False Allegations have been used before to start wars… Doesn’t Anyone Remember the Gulf of Tonkin Incident?
This means that the US is about to start a cyber war with Russia over a hacking incident created by our own NSA. This is nearly identical to the Gulf of Tonkin incident that was used as an excuse by the US military to go to war against Vietnam in the 1960s. That incident turned out to be completely false. Yet millions of people died. The NSA claimed that there was a North Vietnamese attack on August 4 1964. But in 2003, former US Secretary of State Robert McNamara admitted that the the August 4 1964 attack never happened. Moreover, there is substantial evidence that it never happened. The Vietnamese leaders also have confirmed that it never happened. The entire Vietnam War disaster was based on a lie – just like the Iraq War was based on a lie. https://en.wikipedia.org/wiki/Gulf_of_Tonkin_incident


Why Would Our Own Government Lie to Us?

Many readers protested to our previous article asking why our own government would lie to us. I am not certain but I think it has something to do with making money. The Cyber Warfare Industry has become BIG BUSINESS accounting for billions of dollars in corporate sales and profits since 911. All of the attacks on US corporations have forced all of them to hire cyber consultants and buy expensive cyber products to protect their computers and data. There is a danger in developing such a business model as it could lead to nuclear war with Russia. It could also lead to some former NSA employees deciding to take down the US electric grid or US nuclear power plants. We therefore should understand cyber warfare and a business model and take steps to provide real security for our computers, databases and websites.

About the Author

David Spring has a Master's Degree in Education from the University of Washington. He has taught adult education courses for more than 20 years at several colleges in Washington State including Bellevue College, Seattle Central Community College and Shoreline Community College. In recent years, David has gotten more deeply involved in computer and website security. He has written extensively about the history of Microsoft and the NSA. Here are links to his three most recent books:

Free Yourself from Microsoft and the NSA

Learn Linux and LibreOffice

Weapons of Mass Deception… The Billionaires Plan to Take Over Our Public Schools

David lives near Seattle Washington with his daughter Sierra Spring, his wife Elizabeth Hanson, her son Chris Hanson, several cats and four free gnomes.

David Spring, Elizabeth Hanson and our four free gnomes.


You can contact David at the following email address:

This email address is being protected from spambots. You need JavaScript enabled to view it.