Tag Archives: Crowdstrike

CrowdStrike Revises and Retracts Parts of Explosive Russian Hacking Report, by Michael Krieger

The “proof” that Russia hacked into the DNC last year has fallen apart. From Michael Krieger at libertyblitzkrieg.com:

Last week, I published two posts on cyber security firm CrowdStrike after becoming aware of inaccuracies in one of its key reports used to bolster the claim that operatives of the Russian government had hacked into the DNC. This is extremely important since the DNC hired CrowdStrike to look into its hack, and at the same time denied FBI access to its servers.

Before reading any further, you should read last week’s articles if you missed them the first time.

Credibility of Cyber Firm that Claimed Russia Hacked the DNC Comes Under Serious Question

What is CrowdStrike? Firm Hired by DNC has Ties to Hillary Clinton, a Ukrainian Billionaire and Google

Now here are the latest developments courtesy of Voice of America:

U.S. cybersecurity firm CrowdStrike has revised and retracted statements it used to buttress claims of Russian hacking during last year’s American presidential election campaign. The shift followed a VOA report that the company misrepresented data published by an influential British think tank.

In December, CrowdStrike said it found evidence that Russians hacked into a Ukrainian artillery app, contributing to heavy losses of howitzers in Ukraine’s war with pro-Russian separatists.

VOA reported Tuesday that the International Institute for Strategic Studies (IISS), which publishes an annual reference estimating the strength of world armed forces, disavowed the CrowdStrike report and said it had never been contacted by the company.

CrowdStrike was first to link hacks of Democratic Party computers to Russian actors last year, but some cybersecurity experts have questioned its evidence. The company has come under fire from some Republicans who say charges of Kremlin meddling in the election are overblown.

After CrowdStrike released its Ukraine report, company co-founder Dmitri Alperovitch claimed it provided added evidence of Russian election interference. In both hacks, he said, the company found malware used by “Fancy Bear,” a group with ties to Russian intelligence agencies.

CrowdStrike’s claims of heavy Ukrainian artillery losses were widely circulated in U.S. media.

On Thursday, CrowdStrike walked back key parts of its Ukraine report.

To continue reading: CrowdStrike Revises and Retracts Parts of Explosive Russian Hacking Report

Rush to Judgment, by Justin Raimondo

The Russian intelligence “hacking” of the Democratic National Committee has been accepted as fact by all good Democrats. There are, however, a multitude of problems with the attribution. From Justin Raimondo at antiwar.com:

The allegation – now accepted as incontrovertible fact by the “mainstream” media – that the Russian intelligence services hacked the Democratic National Committee (and John Podesta’s emails) in an effort to help Donald Trump get elected recently suffered a blow from which it may not recover.

Crowdstrike is the cybersecurity company hired by the DNC to determine who hacked their accounts: it took them a single day to determine the identity of the culprits – it was, they said, two groups of hackers which they named “Fancy Bear” and “Cozy Bear,” affiliated respectively with the GRU, which is Russian military intelligence, and the FSB, the Russian security service.

How did they know this?

These alleged “hacker groups” are not associated with any known individuals in any way connected to Russian intelligence: instead, they are identified by the tools they use, the times they do their dirty work, the nature of the targets, and other characteristics based on the history of past intrusions.

Yet as Jeffrey Carr and other cyberwarfare experts have pointed out, this methodology is fatally flawed. “It’s important to know that the process of attributing an attack by a cybersecurity company has nothing to do with the scientific method,” writes Carr:

“Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong. Neither are claims of attribution admissible in any criminal case, so those who make the claim don’t have to abide by any rules of evidence (i.e., hearsay, relevance, admissibility).”

Likening attribution claims of hacking incidents by cybersecurity companies to intelligence assessments, Carr notes that, unlike government agencies such as the CIA, these companies are never held to account for their misses:

“When it comes to cybersecurity estimates of attribution, no one holds the company that makes the claim accountable because there’s no way to prove whether the assignment of attribution is true or false unless (1) there is a criminal conviction, (2) the hacker is caught in the act, or (3) a government employee leaked the evidence.”

This lack of accountability may be changing, however, because Crowdstrike’s case for attributing the hacking of the DNC to the Russians is falling apart at the seams like a cheap sweater.

To continue reading: Rush to Judgment

Credibility of Cyber Firm that Claimed Russia Hacked the DNC Comes Under Serious Question, by Michael Krieger

The “Under Serious Question” in the title is too charitable to CrowdStrike, the firm that found “Russian hackers” responsible for last year’s DNC hack. CrowdStrike was a private firm hired by the DNC to find that connection, but the DNC refused to turn its computers over to the FBI and let them investigate, and potentially confirm, CrowdStrike’s conclusion. So CrowdStrike didn’t have much credibility to begin with, and this newest disclosure destroys what little it had. From Michael Krieger at libertyblitzkrieg.com:

Before I get to the meat of this post, we need to revisit a little history. The cyber security firm hired to inspect the DNC hack and determine who was responsible is a firm called Crowdstrike. Its conclusion that Russia was responsible was released in December of last year, and many people immediately called its analysis (and the U.S. government’s) into question.

Jeffrey Carr was one of the most prominent cynics, and as he noted in his post, FBI/DHS Joint Analysis Report: A Fatally Flawed Effort:

The FBI/DHS Joint Analysis Report (JAR) “Grizzly Steppe” was released yesterday as part of the White House’s response to alleged Russian government interference in the 2016 election process. It adds nothing to the call for evidence that the Russian government was responsible for hacking the DNC, the DCCC, the email accounts of Democratic party officials, or for delivering the content of those hacks to Wikileaks.

It merely listed every threat group ever reported on by a commercial cybersecurity company that is suspected of being Russian-made and lumped them under the heading of Russian Intelligence Services (RIS) without providing any supporting evidence that such a connection exists.

Unlike Crowdstrike, ESET doesn’t assign APT28/Fancy Bear/Sednit to a Russian Intelligence Service or anyone else for a very simple reason. Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone. In other words — malware deployed is malware enjoyed!

To continue reading: Credibility of Cyber Firm that Claimed Russia Hacked the DNC Comes Under Serious Question