Fool Me Once: Crowdstrike Claimed Two Cases Of ‘Russian Hacking.’ One Has Been Proven Wrong.

by | Mar 22, 2017

undefined

The cyber-security company Crowdstrike claimed that the “Russia” hacked the Democratic National Committee. It also claimed that “Russia” hacked artillery units of the Ukrainian army. The second claim has now be found to be completely baseless. That same is probably the case with its claims related to the DNC.

Sometime around May 2016 the Democratic National Committee lost control over its email archives. It claimed that its servers had been “hacked” by someone related to Russian interests. DNC emails were published by Wikileaks and provided that the DNC had worked during the primaries against its statutes and in favor of one presidential candidate, Hillary Clinton. The DNC chair was forced to resign over the case.

The DNC had called in Crowdstrike, a company led by a one Dimitry Alperovich, a Senior Fellow of the NATO aligned “think tank” Atlantic Council. After a short investigation Crowdstrike claimed to found intruding software on the DNC servers that, it says, has been exclusively used by Russian intelligence services. From there followed claims that “Russia hacked the U.S. elections.”

When the DNC went public with the Crowdstrike claims the FBI never requested access to the servers to determine if a crime had been committed and to detect the culprit. Access to the servers had been informally denied by the DNC. The FBI simply followed (pdf), without any own forensic investigation of its own, the conclusions Crowdstrike had made.

A month later and in a different case the same Crowdstrike investigators claimed (pdf) that the artillery units of the Ukrainian army had had “excessive combat losses” of up to 80 percent in their fight with Ukrainian separatists. Crowdstrike asserted that Russian intelligence hacked an application used by the Ukrainians to aim their guns. The hack, it was claimed, enabled well targeted counter-fire that then destroyed the Ukrainian guns.

The author of the application denied that any such hacking had taken place. His software was provided only directly from him to Ukrainian army units. Independent cyber-security researchers also doubted the claims.

Crowdstrike had based its numbers for “excessive losses” of Ukrainian artillery units on statistics collected by the International Institute for Strategic Studies (IISS). The IISS now says that its statistics do not provide what Crowdstrike claimed. There were no “excessive losses” of Ukrainian artillery.

VOA first contacted IISS in February to verify the alleged artillery losses. Officials there initially were unaware of the CrowdStrike assertions. After investigating, they determined that CrowdStrike misinterpreted their data and hadn’t reached out beforehand for comment or clarification.

In a statement to VOA, the institute flatly rejected the assertion of artillery combat losses.

It seems that the whole “Ukrainian artillery hack” claims by Crowdstrike was simply made up. There was no “hack” and the claimed damage from the “hack” did not occur at all. Crowdstrike evidently found a “crime” and “Russian hacking” where none had happened.

In the case of the DNC hacking Crowdstrike also alleged a “crime” and “Russian hacking”. No hard evidence was ever provided for that claim, no competent police force ever investigated the crime scene and serious security researchers found that the Crowdstrike claims were likely taken from hot air.

The DNC was likely not hacked at all. Some insider with access to its servers may have taken the emails to publish them. On July 10 2016 the DNC IT administrator Seth Rich was found fatally shot on the streets of Washington DC. To this day no culprit has been found. The crime is unsolved. Five Congressional staffers and IT administrators from Pakistan, some of whom also worked for the DNC chair Debbie Wasserman-Schultz, are under criminal investigation for unauthorized access to Congressional computers. They had the password of Wasserman-Schultz and may have had access to the DNC servers.

Crowdstrike’s claims of “Russian hacking” have evidently been false with regards to the Ukrainian artillery. Crowdstrike’s claims of “Russian hacking” in the case of the DNC have never been supported or confirmed by independent evidence. There are reasons to believe that the loss of control of the DNC’s email archives were a case of unauthorized internal access and not a “hack” at all.

A company related to a NATO aligned “think-tank,” which is financed by weapon producers and other special interests, raises allegations against Russia that are quite possibly unfounded. These allegations are then used by NATO to build up a public boogeyman picture of “the Russian enemy.” In consequence the budgets for NATO militaries and the profits of weapon producers increase.

It is a simple racket, but with potentially very bad consequences for all of us.

Reprinted with permission from Moon of Alabama.

Author