The recent global IT outage caused by a faulty update by CrowdStrike has focused new attention on the cybersecurity company’s market power and its controversial role in the “Russiagate” hacking investigation of the 2016 Democratic National Committee (DNC).
of Financial Times Reports CrowdStrike, a leading cybersecurity company that protects 29,000 customers worldwide, has revealed that a flawed update it pushed out to its Falcon Sensor product for Microsoft users caused widespread system crashes across a range of industries around the world. The incident affected many industries, including airlines, railways, banks and broadcasters, highlighting the far-reaching impact of single points of failure in an increasingly interconnected global IT infrastructure.
While the exact number of affected customers is unknown, reports suggest the issue is widespread across Asia, Europe and the United States. Many users encountered the infamous “Blue Screen of Death,” rendering their systems inoperable. While CrowdStrike and affected companies claim to have deployed a fix, early reports suggest the recovery process is manual and complicated, and can take a long time to restore a crashed PC.
This global outage has once again highlighted the concentration of power in the cybersecurity industry. According to SecurityScorecard, just 15 companies worldwide control 62% of the market share for cybersecurity products and services. IDC reports that this situation is even more pronounced in the modern endpoint security sector, where three companies, led by Microsoft and CrowdStrike, controlled half of the market last year.
The incident also reignited discussion about CrowdStrike’s key role in the investigation into the alleged Russian hacking of the Democratic National Committee (DNC) during the 2016 US presidential election. Breitbart News reported in 2017 that CrowdStrike, founded by experts George Kurtz and Dmitri Alperovich, was contracted to investigate the alleged intrusion into the DNC’s computer systems. The company’s “Russiagate” findings, which attributed the hack to Russian state actors, became the cornerstone of subsequent investigations into foreign interference in the US electoral process.
But details about CrowdStrike’s funding and ties raise questions about potential conflicts of interest. The company received a $100 million investment in 2015 led by Google Capital (now known as Capital G), a subsidiary of Google parent Alphabet. The ties are notable given that Alphabet’s then-chairman, Eric Schmidt, was a well-known supporter of Hillary Clinton and a longtime donor to the Democratic Party.
CrowdStrike’s relationship with the FBI during the DNC hack investigation has also come under scrutiny. According to a senior law enforcement official cited by CNN, the DNC “refused” FBI requests to directly investigate its servers after the alleged hack. Instead, the FBI relied on CrowdStrike’s assessment that Russian agents were likely responsible for the intrusion. That decision “resulted in significant delays and prevented the FBI from addressing the intrusion earlier,” the official said.
Adding fuel to the controversy, Eric Walker, deputy communications director for the Democratic National Committee, disputed the FBI’s claims and said the bureau never requested access to the servers, a contradiction that has intensified debate over the thoroughness of investigations and the reliance on third-party reviews in high-profile cybersecurity cases.
CrowdStrike co-founder and Russian expatriate Dmitri Alperovich has played a central role in the company’s investigation. According to a profile in Esquire, Alperovich discovered the alleged Russian leak when one of the company’s analysts installed proprietary software on the DNC’s systems. The company identified two groups of intruders, dubbed “Cozy Bear” and “Fancy Bear,” and linked them to Russian intelligence.
The decision to release the findings was reportedly made at the urging of the Democratic National Committee and coincided with concerns about fabricated stories about ties between former President Donald Trump and Russia during the 2016 election, raising questions about the political implications of the release.
CrowdStrike’s ties extend beyond Google and the DNC: The company’s president of services, Shawn Henry, is a former deputy executive director of the FBI, and in April 2016, CrowdStrike’s general counsel and chief risk officer, Steven Chabinsky, was appointed to President Obama’s White House Commission on National Cybersecurity Enhancement.
The connections raise questions about potential conflicts of interest in the cybersecurity industry, especially when dealing with politically sensitive investigations. In an interview with PBS, Alperovich was asked directly about potential conflicts of interest given CrowdStrike’s work for the DNC. He argued that the company’s report was based on evidence unrelated to the DNC hack that linked Russian actors to military operations in eastern Ukraine.
Click here for details of Financial Times here.
Lucas Nolan is a reporter for Breitbart News covering free speech and online censorship.
