No, Hillary Clinton Did Not ‘Infiltrate’ or Hack Donald Trump, Experts Say

The misleading narrative is being pushed hard by Fox News host Tucker Carlson.
Image: Mario Tama/Getty Images
Screen Shot 2021-02-24 at 3
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.

Right-wing media outlets like Fox News and the Washington Examiner are pushing a narrative that the Hillary Clinton campaign tried to “infiltrate” and hack Donald Trump and his presidential campaign in 2016. 


Trump has picked up on this, saying the people responsible for this deserve to be punished by death. Fox News host Tucker Carlson seized on the story in his show Tuesday night as a way to prove that Trump was right all along in his claims that Hillary Clinton was spying on his campaign, and that Rodney Joffe, an executive at tech company Neustar, intercepted internet traffic including emails and text messages. 

This is all being called the "Durham Filing" by right-leaning news outlets and politicians, and is, like many other scandals in this saga, being decried as the biggest political scandal of all time that the left-wing media is ignoring in an attempt to bury the truth. Taking these arguments in good faith, this narrative is still based on a misunderstanding of how the tech involved in this alleged scandal actually works, according to cybersecurity experts.

On Sunday, Fox News published an article citing a court filing in a case against former Clinton campaign lawyer Michael Sussmann, which is part of the investigation by John Durham, a special counsel appointed by Trump to investigate the inquiry into Russia’s interference in the 2016 election. Sussman told the CIA in 2017 that there was internet traffic data that suggested people using Russian-made smartphones were connecting to networks at Trump Tower and the White House, as well as data that showed suspicious links between Trump Tower networks and Russian bank Alfa Bank. Sussman apparently got that internet traffic data from Neustar, a cybersecurity company, according to the New York Times


Fox News cited this as evidence that Clinton’s campaign tried to “infiltrate” the Trump campaign, even though that word is not actually in the court filing, and was used by Kash Patel in his interview with Fox News, the former chief of staff to the acting United States secretary of defense in the Trump administration. 

Moreover, according to cybersecurity experts, the internet data in question isn’t as nefarious as right-wing media outlets are purporting it to be. Tucker Carlson claimed that "the filing says that Joffe and his computer scientists intercepted internet traffic, that is emails or presumably text messages" from the Trump campaign. But the data was not "emails" nor "text messages."

"The data is DNS lookup information that Neustar collected as part of a contract it had with the White House, according to the New York Times. And Neustar claimed it collected it to monitor for data breaches. 

DNS lookups are records that show that a certain IP address connected to another IP address on the internet; they don’t contain anything more sensitive, like the content of the communication. 

“Neustar can’t see the contents of any other Internet traffic, like web pages, emails, or Zoom calls. They can only see the DNS lookups, they can only see requests for names and where they came from. Imagine your company is a Neustar client, and you attempted to visit They’ll see this fact,” Rob Graham, a cybersecurity expert, wrote in a blog discussing the controversial story. “It’s a privacy and security concern, but not necessarily a big one. What these companies can see into your activities is minor compared to the big cybersecurity protections they provide.”

Nicholas Weaver, a senior researcher at the International Computer Science Institute at UC Berkeley, told Motherboard in an email that “the data was almost certainly from one of the general-purpose DNS security feeds, you don't ‘infiltrate’ any particular servers to get it and it includes a gazillion institutions.”

This type of data is used to monitor networks for cybersecurity threats and not something more nefarious, which is something Durham’s people should know, “and the propagandists at Fox News also know they are being deliberately deceptive.”

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.