Let’s pretend that you were mad at your company because they were doing something unethical and there was nobody you felt you could talk to about it.
You knew that if you could anonymously share damaging emails and other documents with the public you would feel like you were making a difference.
But how would you go about such a risky and possibly dangerous task?
The simplest way would be to try to find out your coworkers email password and download their files after logging into their account from the comfort of your own home office.
But, here’s the thing. Lets assume you worked for the DNC. Finding out one password may not be that difficult. You may have overhead someone talking too loud on their phone or watched them enter it in, etc.
But finding out 10 different user credentials would be nearly impossible. That may be why, Mueller and others assumed from the start that it had to be a sophisticated cyber attack from a foreign adversary.
But, here are two explanations that combines a bad OUTSIDE actor and a company insider.
The first explanation is the bad outsider was an IT consultant working at the DNC. In their position, they likely knew quite a few passwords and were willing to share the credentials for a price. The consultant also may have had damaging material against upper management and could use that as a Get Out of Jail Free Card if ever caught.
The second explanation is that the bad outsider was actually a Dark Web site where you could visit to see if any of your fellow employees had unfortunately had their credentials stolen via spearfishing.
Such a site existed in 2016. It was called Leakedsource.com. In fact, over 32 million Twitter user accounts were accessible in early 2016. Here is an excerpt from an article describing that massive data breach.
This data set contains 32,888,300 records. Each record may contain an email address, a username, sometimes a second email and a visible password. We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.
The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter.
The link to the article follows:
https://www.databreaches.net/leakedsource-uploads-data-set-with-32888300-twitter-credentials/
In addition to Twitter data, at least 7 of the 10 DNC employees whose emails were part of the Wikileaks release had their credentials on Leakedsource.com according to a now deleted Twitter user.
Anyone using the Leakedsource site simply had to enter a compromised email address to see the password.
Here is where the Mueller report could be on to something. A cyber security company found that the 10 DNC employees and many other DNC and DCCC employees were spearfished leading up to the 2016 election. The Russians or other bad actors could have been behind this. Any data captured could have made its way to Leakedsource.com or other dark web sites
Either way, this data was likely available for a wide range of people to take.
This actually weakens in some ways the accusations against Seth Rich. Its possible he didn’t download any emails. He may have been a middleman or not involved at all. Although, Julian Assange appeared to believe he was involved based on his purported conversation with Ellen Ratner (pet Ed Butowsky).
To summarize, it doesn’t take a Cozy Bear or any Bear to get to an organizations data. Sometimes, the simplest explanations are the key to understanding how complex problems can be resolved.
Many people who have worked in IT can probably think back to the type of data they could have downloaded if they wanted to hurt their own company.
With the outsourcing of Data Base Administrators being more and more routine in large businesses, its a big risk for them to take in order to save some money, in my opinion. You never know who you can trust with your organizations data.
Disclaimer: I have no inside knowledge on whether Seth Rich or anyone in his family was involved in the leak of the DNC emails. My analysis is based on various YouTube videos, social media posts, court cases, and other published articles.
My Views on the News 