Sunday, July 16, 2017

CrowdStrike actions give appearance of Russian collusion. CrowdStrike knowingly allowed alleged Russian malware to remain on DNC computers for over a month (May 5-June 11), sat and watched emails go out the door leading up to 7/25 Democrat Convention. Were CrowdStrike personnel vetted in same way FBI agents are? Would DNC have paid FBI agents investigating its computers as it did CrowdStrike? Is DNC guilty of treason for using private intel and not FBI?

"The company hooked up monitoring software to the DNC system on May 5, 2016 and it 'lit up,' indicating a breach. The company immediately determined that the culprit was Russia....In the weeks that followed, CrowdStrike said it built an entirely new computer and phone system for the DNC and monitored the hackers as they pilfered emails and research files. Over a month passed before CrowdStrike finally booted the hackers out of the system on June 10, 2016."...The Democrat Convention began on July 25, 2016.
4/5/17, "EXCLUSIVE: Cybersecurity experts who were first to conclude that Putin hacked presidential election ABANDON some of their claims against Russia - and refuse to co-operate with Congress," Daily Mail, Alana Goodman 

"Alperovitch said the company hooked up monitoring software to the DNC system on May 5, 2016 and it 'lit up,' indicating a breach. The company immediately determined that the culprit was Russia, based on the hacking techniques and the location of the server that was stealing the data, he said.... 

In the weeks that followed, CrowdStrike said it built an entirely new computer and phone system for the DNC and monitored the hackers as they pilfered emails and research files. 

Over a month passed before CrowdStrike finally booted the hackers out of the system on June 10, 2016.

The vast majority of the email theft appears to have occurred during this time. Although hacker 'Guccifer 2.0' claimed to have had access for a year, there did not appear to be the publication of emails to back this claim."...


Added: Only a few days earlier, April 29, 2016, CrowdStrike had completed another job for the DNC and apparently noticed no "Russian hacking":

"From March to late April 2016, over a period of five weeks...CrowdStrike spent 128 hours performing an investigation for the DNC into unauthorized access by members of then-primary candidate Bernie Sanders’ campaign staff into Hillary Clinton’s section of the DNC’s voter file system....For unknown reasons, no Russian hacking was detected at that time (March-April 2016), suggesting CrowdStrike missed one or both of the Russian hacking groups that were allegedly present in the DNC network at the time."... 


CrowdStrike finally removed alleged Russian malware over weekend of June 11-12, 2016, per Washington Post

  5/15/17, updated 6/14/17, "Did Russia hack the DNC?" Jeffrey Marty,

 "The DNC re-hired CrowdStrike to evaluate its computer network. [On May 5, 2016] The company quickly assessed, using its own software, that two hacker networks affiliated with Russian intelligence likely carried out the attacks, one entering in 2015 and remaining (obtaining emails and messages) and the other entering at the end of April 2016 (taking opposition research files). CrowdStrike speculated that spear-phishing emails, which when opened install malicious software, were the method used; however, the firm denied having “hard evidence” in that regard. Notably, CrowdStrike was “not sure how the hackers got in, per a Washington Post article covering the story two months lateron June 14, 2016, which began the “Russian hackers” media narrative.... 

Nearly the entire theory is based on one report, from one private cybersecurity firm, with little-to-no corroboration by any intelligence agencies....

From March to late April 2016, over a period of five weeks, private cybersecurity firm CrowdStrike spent 128 hours performing an investigation for the DNC into unauthorized access by members of then-primary candidate Bernie Sanders’ campaign staff into Hillary Clinton’s section of the DNC’s voter file system. The breach lasted a total of one hour on December 15, 2015, after an internal firewall failed and provided the Sanders employees with unexpected access to the files. The DNC issued a press release about CrowdStrike’s findings on April 29, 2016, which confirmed–five weeks and 128 hours later–that a few Sanders staffers accessed Hillary Clinton’s voter data for an hour. For unknown reasons, no Russian hacking was detected at that time, suggesting CrowdStrike missed one or both of the Russian hacking groups that were allegedly present in the DNC network at the time.... 

Presumably, a private security company's employees [such as CrowdStrike's] are not vetted in a similar manner to FBI agents. It goes without saying that no one would ever find it acceptable for the DNC to pay the salaries of FBI agents investigating its network, but that's exactly what happened in the business relationship between the DNC and Crowdstrike-a blatant conflict of interest. Further, choosing not to testify about methods and conclusions at an oversight hearing is not optional for the FBI, which is controlled (in theory) by our Constitution."...

Added: Malware was allowed to remain until June 11-12, 2016, per Washington Post: DNC Chair Wasserman Schultz said: "When we discovered the intrusion, we...reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”"...Yes, CrowdStrike was there "immediately" on May 5, but didn't "kick out the intruders" until June 11-12, 2016:

6/14/2016, "Russian government hackers penetrated DNC, stole opposition research on Trump," Washington Post, Ellen Nakashima  

"Some of the hackers had access to the DNC network for about a year, but all were expelled over the past weekend in a major computer cleanup campaign, the committee officials and experts said." ["The past weekend" was June 11-12, 2016] 

"DNC leaders were tipped to the hack in late April (2016)....DNC leadership acted quickly after the intrusion’s discovery to contain the damage."...

Rep. Debbie Wasserman Schultz (Fla.), DNC chairwoman: 

When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”"..


Added: DNC received professional cybersecurity warnings and advice in fall 2015 but ignored them: Bloomberg

7/27/2016, "Democrats Ignored Cybersecurity Warnings Before Theft," Bloomberg, Michael Riley

"The Democratic National Committee was warned last fall (2015) that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.

The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks -- hackers who would stay for nearly a year. 

Instead, officials didn’t discover the breach until April (2016). The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention."...


Added source about CrowdStrike:

Oct. 24, 2016, "The Russian Expat Leading the Fight to Protect America," Esquire, Vicky Ward

"On the morning of May 6, Dmitri Alperovitch woke up in a Los Angeles hotel....Late the previous night, his company had been asked by the Democratic National Committee to investigate a possible breach of its network. A CrowdStrike security expert had sent the DNC a proprietary software package, called Falcon, that monitors the networks of its clients in real time. Falcon "lit up," the email said, within ten seconds of being installed at the DNC: Russia was in the network."... 


Added: Everybody loves CrowdStrike: The Republican Establishment is also a CrowdStrike client: 

7/5/17, "Hacked computer server that handled DNC email remains out of reach of Russia investigators," Washington Times, Dan Boylan

"CrowdStrike has added the National Republican Congressional Committee to its client list. The NRCC also declined to answer questions for this report."...
"The firm (Crowdstrike) also has found success in generating venture capital support. Fortune magazine reported that it has raised $256 million and boasts a “valuation exceeding $1 billion.” 

Investors include Warburg Pincus, whose president, Timothy Geithner, worked for the Clinton and Obama administrations. [Weapons manufacturers such as Lockheed Martin, Raytheon, and Northrop Grumman are also CrowdStrike investors]. The Clinton campaign’s largest corporate contributor, Google, whose employees donated more than $1.3 million to Mrs. Clinton’s campaign last year, also has funded CrowdStrike.

During the election cycle last year, the DNC paid CrowdStrike more than $410,000. This year, it has collected more than $121,000 from the party.

The DNC declined to answer questions about CrowdStrike. During a telephone call with The Times, DNC communications staff also refused to discuss the location of its infamous server....

CrowdStrike has added the National Republican Congressional Committee to its client list. The NRCC also declined to answer questions for this report."...



No comments:

Post a Comment