Thursday, July 13, 2017

On Oct. 7, 2016, two days before 2nd pres. debate between Hillary and Trump, CrowdStrike's Alperovitch gets call from Obama official to alert him that US was about to blame Russia for loss of DNC emails, thanked him for pushing US to name Russia. Also in Oct. 2016, Obama officials invited Alperovitch to a meeting to consider what to do about DNC emails-Esquire, 10/24/2016

Oct. 24, 2016, "The Russian Expat Leading the Fight to Protect America," Esquire, Vicky Ward

"In a war against hackers, Dmitri Alperovitch and CrowdStrike are our special forces (and Putin's worst nightmare)."

(parag. 7) "Hacking, like domestic abuse...tends to induce shame. Companies such as Yahoo usually publicize their breaches only when the law requires it. For this reason, Alperovitch says, he expected that the DNC, too, would want to keep quiet....

The (US) government's attitude toward attribution moved closer to [CrowdStrike] Alperovitch's in September 2015....A year earlier [2014], five members of the Chinese People's Liberation Army had been indicted by a grand jury in Pennsylvania for stealing economic secrets from the computers of U. S. firms in the nuclear, solar, and metals industries....Alperovitch went on television to call for a stronger response. In April 2015, after President Obama signed an executive order threatening sanctions against the Chinese, Alperovitch received a call from the White House. "You should be happy," he was told. "You're the one who's been pushing for this."...

On October 7, [2016] two days before the second presidential debate [between Hillary and Trump], Alperovitch got a phone call from a senior government official alerting him that a statement identifying Russia as the sponsor of the DNC attack would soon be released. . (The statement, from the office of the director of national intelligence and the Department of Homeland Security, appeared later that day.) Once again, Alperovitch was thanked for pushing the government along....

Though pleased, he wished the statement had warned that more leaks were likely. "It's nice that you have the DHS and DNI jointly putting the statement out on a Friday night, but the president coming out and saying, 'Mr. Putin, we know you're doing this, we find it unacceptable, and you have to stop' would be beneficial."

Less than a week later [early Oct. 2016], after WikiLeaks released another cache of hacked emails—this time from John Podesta, Hillary Clinton's campaign chair—the White House announced that the president was considering a "proportional" response against Russia. 

Administration officials asked Alperovitch to attend a meeting to consider what to do. He was the only native Russian in the room. "You have to let them save face," he told the group. "Escalation will not end well.""


Added:Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong."
"Rush to Judgment," "The evidence that the Russians hacked the DNC is collapsing,",  
"“It’s important to know that the process of attributing an attack by a cybersecurity company has nothing to do with the scientific method,writes Carr:
Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong. Neither are claims of attribution admissible in any criminal case, so those who make the claim don’t have to abide by any rules of evidence (i.e., hearsay, relevance, admissibility).”

Likening attribution claims of hacking incidents by cybersecurity companies to intelligence assessments, Carr notes that, unlike government agencies such the CIA, these companies are never held to account for their misses:

“When it comes to cybersecurity estimates of attribution, no one holds the company that makes the claim accountable because there’s no way to prove whether the assignment of attribution is true or false unless (1) there is a criminal conviction, (2) the hacker is caught in the act, or (3) a government employee leaked the evidence.”" 


Added: "“The only things that pay in the cybersecurity world are claims of attribution,” Mr. Carr said.  “Which foreign government attacked you?""

July 5, 2017, "Hacked computer server that handled DNC email remains out of reach of Russia investigators," Washington Times, Dan Boylan

"“The only things that pay in the cybersecurity world are claims of attribution,” Mr. Carr said.  “Which foreign government attacked you? If you are critical of the attack, you make zero money. CrowdStrike is the poster child for companies that operate like this.”" (end of article)


No comments: