March 23, 2017 – Crowdstrike co-founder and donor to the Clinton Foundation, Dmitri Alperovitch, is a senior fellow at the Atlantic Council, a think tank with openly anti-Russian sentiments
“The cyber security firm outsourced by the Democratic National Committee, CrowdStrike, reportedly misread data, falsely attributing a hacking in Ukraine to the Russians in December 2016. Voice of America, a US Government funded media outlet, reported, “the CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with Russian-backed separatists. But the International Institute for Strategic Studies (IISS) told VOA that CrowdStrike erroneously used IISS data as proof of the intrusion. IISS disavowed any connection to the CrowdStrike report.
(…) The investigation methods used to come to the conclusion that the Russian Government led the hacks of the DNC, Clinton Campaign Chair John Podesta, and the DCCC were further called into question by a recent BuzzFeed report by Jason Leopold, who has developed a notable reputation from leading several non-partisan Freedom of Information Act lawsuits for investigative journalism purposes. On March 15 that the Department of Homeland Security released just two heavily redacted pages of unclassified information in response to an FOIA request for definitive evidence of Russian election interference allegations. Leopold wrote, “what the agency turned over to us and Ryan Shapiro, a PhD candidate at MIT and a research affiliate at Harvard University, is truly bizarre: a two-page intelligence assessment of the incident, dated Aug. 22, 2016, that contains information DHS culled from the internet. It’s all unclassified — yet DHS covered nearly everything in wide swaths of black ink. Why? Not because it would threaten national security, but because it would reveal the methods DHS uses to gather intelligence, methods that may amount to little more than using Google.”
In lieu of substantive evidence provided to the public that the alleged hacks which led to Wikileaks releases of DNC and Clinton Campaign Manager John Podesta’s emails were orchestrated by the Russian Government, CrowdStrike’s bias has been cited as undependable in its own assessment, in addition to its skeptical methods and conclusions. The firm’s CTO and co-founder, Dmitri Alperovitch, is a senior fellow at the Atlantic Council, a think tank with openly anti-Russian sentiments that is funded by Ukrainian billionaire Victor Pinchuk, who also happened to donate at least $10 million to the Clinton Foundation.
In 2013, the Atlantic Council awarded Hillary Clinton it’s Distinguished International Leadership Award. In 2014, the Atlantic Council hosted one of several events with former Ukrainian Prime Minister Arseniy Yatsenyuk, who took over after pro-Russian President Viktor Yanukovych was ousted in early 2014, who now lives in exile in Russia.” (Read more: CounterPunch, 3/23/2017)
December 30, 2016 – The credibility of cyber firm Crowdstrike, claiming Russia hacked the DNC, comes under serious question
“The cyber security firm hired to inspect the DNC hack and determine who was responsible is a firm called Crowdstrike. Its conclusion that Russia was responsible was released last year, but several people began to call its analysis into question upon further inspection.
Jeffrey Carr was one of the most prominent cynics, and as he noted in his December post, FBI/DHS Joint Analysis Report: A Fatally Flawed Effort:
The FBI/DHS Joint Analysis Report (JAR) “Grizzly Steppe” was released yesterday as part of the White House’s response to alleged Russian government interference in the 2016 election process. It adds nothing to the call for evidence that the Russian government was responsible for hacking the DNC, the DCCC, the email accounts of Democratic party officials, or for delivering the content of those hacks to Wikileaks.
It merely listed every threat group ever reported on by a commercial cybersecurity company that is suspected of being Russian-made and lumped them under the heading of Russian Intelligence Services (RIS) without providing any supporting evidence that such a connection exists.
Unlike Crowdstrike, ESET doesn’t assign APT28/Fancy Bear/Sednit to a Russian Intelligence Service or anyone else for a very simple reason. Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone. In other words — malware deployed is malware enjoyed!
If ESET could do it, so can others. It is both foolish and baseless to claim, as Crowdstrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.
If the White House had unclassified evidence that tied officials in the Russian government to the DNC attack, they would have presented it by now. The fact that they didn’t means either that the evidence doesn’t exist or that it is classified.
If it’s classified, an independent commission should review it because this entire assignment of blame against the Russian government is looking more and more like a domestic political operation run by the White House that relied heavily on questionable intelligence generated by a for-profit cybersecurity firm with a vested interest in selling “attribution-as-a-service”.
Nevertheless, countless people, including the entirety of the corporate media, put total faith in the analysis of Crowdstrike despite the fact that the FBI was denied access to perform its own analysis. Which makes me wonder, did the U.S. government do any real analysis of its own on the DNC hack, or did it just copy/paste Crowdstrike?
As The Hill reported in January:
The FBI requested direct access to the Democratic National Committee’s (DNC) hacked computer servers but was denied, Director James Comey told lawmakers on Tuesday.
The bureau made “multiple requests at different levels,” according to Comey, but ultimately struck an agreement with the DNC that a “highly respected private company” would get access and share what it found with investigators.
“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request.
This is nuts. Are all U.S. government agencies simply listening to what Crowdstike said in coming to their “independent” conclusions that Russia hacked the DNC? If so, that’s a huge problem. Particularly considering what Voice of America published yesterday in a piece titled, Cyber Firm at Center of Russian Hacking Charges Misread Data:
An influential British think tank and Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election.
The CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with Russian-backed separatists.
But the International Institute for Strategic Studies (IISS) told VOA that CrowdStrike erroneously used IISS data as proof of the intrusion. IISS disavowed any connection to the CrowdStrike report. Ukraine’s Ministry of Defense also has claimed combat losses and hacking never happened.
The challenges to CrowdStrike’s credibility are significant because the firm was the first to link last year’s hacks of Democratic Party computers to Russian actors, and because CrowdStrike co-founder Dimiti Alperovitch has trumpeted its Ukraine report as more evidence of Russian election tampering.“