In the spring of 2016, a group of computer scientists decided to investigate whether hackers were interfering with the Trump campaign. But they ended up stumbling across something completely unexpected in the process.
One of the scientists (who asked to be referred to as Tea Leaves in order to protect their identity) discovered what appeared to be malware coming from Russia. After some careful digging, Tea Leaves determined that a bank in Moscow had been pinging a server registered to the Trump Organization in New York.
Upon discovering this information, Tea Leaves and their comrades determined that it was not in fact a malware attack, nor was it the work of bots. Together, the researchers arrived at the consensus that the irregular pattern of server lookups reflected that of human interaction.
Civics Lesson: The Russia Investigation
The U.S. Department of Justice is currently investigating whether or not the Trump campaign colluded with the Russians prior to President Trump’s electoral win in 2016. So far, 13 Russian nationals have been indicted for interfering with the 2016 election. Four former Trump campaign associates have also been charged, but as of yet, none of these charges are directly connected to any wrongdoing on behalf of the president’s campaign.
They also noted that the timeframe of this communication was consistent with office hours in New York and office hours in Moscow. This, they determined, was indicative of an ongoing relationship between a server registered to the Trump Organization and two servers registered to Alfa Bank—one of Russia’s largest financial institutions.
It wasn’t long before the team stumbled across another peculiarity: they received error messages whenever they tried to ping the server themselves. The researchers surmised that the server was set up to only accept incoming communication from a small selection of IP addresses. Data logs showed that one of the IP addresses belonged to Spectrum Health, a Michigan-based medical facility chain led by Dick DeVos, husband to current U.S. Secretary of Education Betsy DeVos.
One of the most intriguing aspects of this story is that the Trump Organization server was shut down just two days after The New York Times reached out to Alfa Bank for comment (and a week before the publication contacted now President Trump for further information).
As suspicious as it sounds, the conclusions drawn by the scientists are still very much a theory at this point. There are lots of other possible explanations for this server activity, as outlined in this Slate article.