Before a faulty software update dragged the company’s name into global headlines on Friday, Crowdstrike had a long history of involvement with US intelligence agencies, and played a key role in the ‘Russiagate’ hoax.
- Crowdstrike released a defective update to its cloud-based security software on Friday that left an array of users around the world – including banks, airlines, media outlets, and government agencies – unable to use their IT systems.
- The company issued a fix within several hours of the problem being identified, but thousands of flights remained canceled or delayed into Friday afternoon, while hospitals, police departments, and businesses continued to report issues getting back online.
Trusted by governments
Founded by its CEO George Kurtz and former CTO Dmitri Alperovitch in 2011, Crowdstrike released its flagship Falcon platform two years later. Falcon monitors clients’ computers or servers for attacks, relays details of incoming threats to the company via a cloud-based monitoring service, and can then block or trace the attack.
Among the clients listed on Crowdstrike’s website are Amazon, Google, Visa, and Intel. More than 80% of US state governments use Crowdstrike, as do the national governments of Australia, Germany, Israel, and others.
The Falcon platform requires deep access to a client’s devices, meaning that a faulty update can crash not just the software, but the device itself, as happened on a global scale on Friday.
Working with spies
Less than a year after Crowdstrike was founded, Kurtz and Alperovitch brought on board former FBI Executive Assistant Director Shawn Henry to head up its cybersecurity consultation wing. By 2014, Henry’s department was issuing a flurry of hacking and espionage accusations against China, Russia, and North Korea, with information provided by Crowdstrike helping the US Justice Department issue indictments that summer against five Chinese military officers who allegedly hacked US energy corporations.
Russiagate
Crowdstrike was hired by the US Democratic National Committee to investigate the theft of data from its servers in 2016. Published by WikiLeaks, the data revealed that the DNC had rigged the Democratic primary against Bernie Sanders, and that Hillary Clinton had effectively paid to control the committee.
Crowdstrike concluded that Russia was behind the breach, with Henry testifying to Congress that the company “saw activity that we believed was consistent with activity we’d seen previously and had associated with the Russian government.”
Henry’s assessment bolstered the January 2017 Intelligence Community Assessment, in which US spy agencies determined that Russia “exfiltrated large volumes of data from the DNC.” This document in turn was used to justify Special Counsel Robert Mueller’s two-year probe into alleged Russian meddling in the 2016 presidential election.
However, the full transcript of Henry’s testimony was not declassified until 2020. In the complete transcript, Henry told lawmakers that his company had “no evidence that [any files] were actually exfiltrated” from the DNC’s servers, and that there was only “circumstantial evidence” and “indicators that that data was exfiltrated.”
WikiLeaks founder Julian Assange suggested in 2016 that a DNC staffer named Seth Rich – who died in suspicious circumstances after the apparent breach – was the source of the leak. Former NSA official and whistleblower William Binney argued in 2017 that all available evidence pointed to the leak being the work of a disgruntled DNC insider.
Source: RT