Above Photo: From libertyblitzkrieg.com
What is CrowdStrike?
As usual, the rabbit hole gets much deeper the more you look.
In yesterday’s post, Credibility of Cyber Firm that Claimed Russia Hacked the DNC Comes Under Serious Question, I examined how CrowdStrike, the cybersecurity firm hired by the DNC to look into its hacking breach, had been exposed as being completely wrong about a separate attack it claimed originated from the same group it claimed broke into DNC systems, and supposedly works for Russia’s military intelligence unit, GRU. Here’s some of what we learned:
An influential British think tank and Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election.
The CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with Russian-backed separatists.
But the International Institute for Strategic Studies (IISS) told VOA that CrowdStrike erroneously used IISS data as proof of the intrusion. IISS disavowed any connection to the CrowdStrike report. Ukraine’s Ministry of Defense also has claimed combat losses and hacking never happened.
The challenges to CrowdStrike’s credibility are significant because the firm was the first to link last year’s hacks of Democratic Party computers to Russian actors, and because CrowdStrike co-founder Dimiti Alperovitch has trumpeted its Ukraine report as more evidence of Russian election tampering.
Yaroslav Sherstyuk, maker of the Ukrainian military app in question, called the company’s report “delusional” in a Facebook post. CrowdStrike never contacted him before or after its report was published, he told VOA.
VOA first contacted IISS in February to verify the alleged artillery losses. Officials there initially were unaware of the CrowdStrike assertions. After investigating, they determined that CrowdStrike misinterpreted their data and hadn’t reached out beforehand for comment or clarification.
CrowdStrike declined to answer VOA’s written questions about the Ukraine report, and Alperovitch canceled a March 15 interview on the topic. In a December statement to VOA’s Ukrainian Service, spokeswoman Ilina Dimitrova defended the company’s conclusions.
Seems like pretty extraordinary incompetence. Either that, or something else was potentially at play; namely, a desire to push the narrative that Russia hacked the DNC, irrespective of the facts.
The whole things gets even more disturbing the more you look.
For example, Counterpunch put out a very important article earlier today on the topic, adding several crucial nuggets of information.
First there’s this:
The investigation methods used to come to the conclusion that the Russian Government led the hacks of the DNC, Clinton Campaign Chair John Podesta, and the DCCC were further called into question by a recent BuzzFeed report by Jason Leopold, who has developed a notable reputation from leading several non-partisan Freedom of Information Act lawsuits for investigative journalism purposes. On March 15 that the Department of Homeland Security released just two heavily redacted pages of unclassified information in response to an FOIA request for definitive evidence of Russian election interference allegations. Leopold wrote, “what the agency turned over to us and Ryan Shapiro, a PhD candidate at MIT and a research affiliate at Harvard University, is truly bizarre: a two-page intelligence assessment of the incident, dated Aug. 22, 2016, that contains information DHS culled from the internet. It’s all unclassified — yet DHS covered nearly everything in wide swaths of black ink. Why? Not because it would threaten national security, but because it would reveal the methods DHS uses to gather intelligence, methods that may amount to little more than using Google.”
That’s weird enough, but it gets far stranger. For example:
In lieu of substantive evidence provided to the public that the alleged hacks which led to Wikileaks releases of DNC and Clinton Campaign Manager John Podesta’s emails were orchestrated by the Russian Government, CrowdStrike’s bias has been cited as undependable in its own assessment, in addition to its skeptical methods and conclusions. The firm’s CTO and co-founder, Dmitri Alperovitch, is a senior fellow at the Atlantic Council, a think tank with openly anti-Russian sentiments that is funded by Ukrainian billionaire Victor Pinchuk, who also happened to donate at least $10 million to the Clinton Foundation.
In 2013, the Atlantic Council awarded Hillary Clinton it’s Distinguished International Leadership Award. In 2014, the Atlantic Council hosted one of several events with former Ukrainian Prime Minister Arseniy Yatsenyuk, who took over after pro-Russian President Viktor Yanukovych was ousted in early 2014, who now lives in exile in Russia.
Recall that the FBI was denied access to the DNC servers by the DNC itself, and simply agreed to rely on the results provided by CrowdStrike, which as you can see has ties to all sorts of anti-Russia organizations and individuals. I find it absolutely remarkable that James Comey head of the FBI outsourced his job to CrowdStrike.
There remains zero evidence that Russia hacked the DNC. I repeat, there remains zero evidence that Russia hacked the DNC.
As cybersecurity expert Jeffrey Carr noted:
Jeffrey Carr called the FBI/Department of Homeland Security Report, the only alleged evidence released by intelligence officials, released in late December 2016 a “fatally flawed effort” that provided no evidence to substantiate the claims that the Russian government conducted the hacks, though that’s what it was purported to do.
Absolutely remarkable, but there’s more. As TechCrunch reported back in 2015:
If you need proof that security is a red hot market these days, how about this morning’s announcement that cybersecurity company CrowdStrike landed a $100 million Series C investment round?
The round was led by Google Capital with Rackspace, which happens to be one of the company’s customers also investing. Existing investors Accel and Warburg Pincus also participated. Today’s investment brings the total to-date to $156 million.
Why do I find it interesting that Google was a major investor in CrowdStrike? Well for one, we know that Chairman of Alphabet, Inc. (Google’s parent company), Eric Schmidt, was actively working to help the Hillary campaign. As I highlighted in the 2015 post,Meet “Groundwork” – Google Chairman Eric Schmidt’s Stealth Startup Working to Make Hillary Clinton President:
An under-the-radar startup funded by billionaire Eric Schmidt has become a major technology vendor for Hillary Clinton’s presidential campaign, underscoring the bonds between Silicon Valley and Democratic politics.
The Groundwork, according to Democratic campaign operatives and technologists, is part of efforts by Schmidt—the executive chairman of Google parent-company Alphabet—to ensure that Clinton has the engineering talent needed to win the election. And it is one of a series of quiet investments by Schmidt that recognize how modern political campaigns are run, with data analytics and digital outreach as vital ingredients that allow candidates to find, court, and turn out critical voter blocs.
There is also another gap in play: The shrinking distance between Google and the Democratic Party. Former Google executive Stephanie Hannon is the Clinton campaign’s chief technology officer, and a host of ex-Googlers are currently employed as high-ranking technical staff at the Obama White House. Schmidt, for his part, is one of the most powerful donors in the Democratic Party—and his influence does not stem only from his wealth, estimated by Forbes at more than $10 billion.
According to campaign finance disclosures, Clinton’s campaign is the Groundwork’s only political client. Its employees are mostly back-end software developers with experience at blue-chip tech firms like Netflix, Dreamhost, and Google.
Since Democrats seem so obsessed with the saying these days, “where there’s smoke there’s fire,” and there’s plenty of smoke here.