Russia
Russia
Posted on Dec 3, 2019
Watch a GOP congressman learn Ukrainians don't own CrowdStrike live on CNN
2.24K
127
59
16
16
0
"Is CrowdStrike in part owned by a Ukrainian?" Weber asked. "No," Cuomo replied. "Really?" Weber said. "That's not the information that we have." "You have bad information," Cuomo said, adding that Trump's former homeland security advisers Tom Bossert called the Ukraine conspiracy theory a joke and U.S. intelligence, the GOP-led Senate Intelligence Committee, and Special Counsel Robert Mueller all corroborated CrowdStrike's conclusion that Russia hacked the DNC's servers.
Watch a GOP congressman learn Ukrainians don't own CrowdStrike live on CNN
Posted from theweek.com
Donald Trump
Russia
Ukraine
Election 2016
Posted >1 y ago
Responses: 11
11
11
0
SPC John Smith
SrA John Monette - We were doing Metallica song lyrics. Those are lyrics from the song Master of Puppets.
(1)
(0)
6
6
0
To get to the heart of this issue... As a cyber expert (from the government side) I can confidently say the Russians were the ones behind the DNC server exploits. That isn't to say no one else attempted and/or succeeded, because obviously it wasn't hard, noting the ease it took to socially engineer Podesta's to access his email account.
That said, Crowdstrike is known within our community to be a very reputable organization with many of the best analysts a cyber defense/forensics organization can have. Some, if not most, of their members have very solid experiences in the areas of cyber attack/exploit/defense. You can second guess my perspective here but the truth is, they are very good at what they do. Now with that said, could they be influenced to hold back their findings and/or make mistakes? Sure. But there is no evidence of such activity. The other co-owner George Kurtz I know to be one of the best in the business and I've also known several others personally (also very good) who went on to collaborate with and work for him. He is the co-author of the books "Hacking Exposed," which in the late 90s to early 2000s was considered the definitive guide to penetration testing and securing networks (and the subsequent versions are still one of the best resources to go to). My thesis for my masters quoted his work extensively and I worked along side the technical editor in red teaming Air Force/DoD network before he separated from the Air Force.
Now, many people criticize the DNC for not handing over their hard drives (the actual drives, not images) to the FBI. After all, this makes sense on the surface right? A crime has been committed, our election was compromised, and the DNC has egg on their face. What must be understood when it comes to looking at a server with forensics techniques, is that like any crime scene, there is a chain of custody. I'm not positive how Crowdstrike was allowed to analyze the servers (i.e. were they only given images too?) but the process of making images of the servers and handing them to the government has essentially broken the chain. You cannot be 100% positive nothing was modified or removed prior to the hand over. It also did not give the FBI analysts a chance to look at the systems live, with the volatile memory still active. Point is, both Crowdstrike and the FBI may not have all the answers as to what happened. But they are positive there was Russian activity and I believe this as fact.
But to be realistic here, can you blame them for not wanting to have the government analyze the live servers (including the data)? You realize once you let them in, you can't tell them where not to look. I'm not saying this from a perspective of they have something illegal to hide. But what they may have is all the research on opposing candidates and even all the information/talking points for their own. We've already seen that members within the government have managed to leak information, so why would the DNC trust the government not to do it to them? I realize the current belief by many is that there are people within the government, in key positions, using their role to leak information and hurt people like President Trump. I've even come to believe this is true, but this is admittedly opinion on my part, based on examples like Reality Winner, who represents a truly dumb ad hoc lone activist example. I am also not naive enough to think someone with conservative perspectives wouldn't do the same. This is why I say we need to aggressively root out and punish leakers as much as possible.
Getting back to Crowdstrike, I hardly believe the heritage of the owner really matters in this case, much less whether the Ukraine also penetrated the DNC servers. Maybe they did, maybe they didn't. The fact still remains Russia did and although I can appreciate the fact that Clinton was exposed as a result, they have no business in our election process. Fortunately in this case, what was exposed turned out to be true and Clinton will no longer have a chance at becoming our President. But I do not think Crowdstrike is behind some conspiracy to hide interference by the Ukrainian government. Regardless of any NDA they might have signed with the DNC, they are still obligated by law to report illegal activity and espionage by a foreign government. They have a lot to lose if it was ever proven they know something. So while the Congressman here doesn't look all too intelligent on the subject here (not that CNN is any better), the whole issue is stupid. On one side you have a media organization looking for another way to make a GOP congressman look uninformed and on the other you have a Congressman who is trying promote possible election interference by another nation in the wrong way. There is no proof Crowdstrike is behind anything here, only that they were allowed to initially analyze the DNC servers. So why involve them until we know for sure? President Trump believes there is a connection with the Ukrainians and the DNC/Clinton/Biden. Regardless of the fact that it benefits him by confirming this, it should be investigated. In the meantime, this Congressman needs to stop talking about conspiracy with far reaching connections to Ukraine and CNN needs to get back to reporting all of the truth, not just what they think makes Trump look bad.
That said, Crowdstrike is known within our community to be a very reputable organization with many of the best analysts a cyber defense/forensics organization can have. Some, if not most, of their members have very solid experiences in the areas of cyber attack/exploit/defense. You can second guess my perspective here but the truth is, they are very good at what they do. Now with that said, could they be influenced to hold back their findings and/or make mistakes? Sure. But there is no evidence of such activity. The other co-owner George Kurtz I know to be one of the best in the business and I've also known several others personally (also very good) who went on to collaborate with and work for him. He is the co-author of the books "Hacking Exposed," which in the late 90s to early 2000s was considered the definitive guide to penetration testing and securing networks (and the subsequent versions are still one of the best resources to go to). My thesis for my masters quoted his work extensively and I worked along side the technical editor in red teaming Air Force/DoD network before he separated from the Air Force.
Now, many people criticize the DNC for not handing over their hard drives (the actual drives, not images) to the FBI. After all, this makes sense on the surface right? A crime has been committed, our election was compromised, and the DNC has egg on their face. What must be understood when it comes to looking at a server with forensics techniques, is that like any crime scene, there is a chain of custody. I'm not positive how Crowdstrike was allowed to analyze the servers (i.e. were they only given images too?) but the process of making images of the servers and handing them to the government has essentially broken the chain. You cannot be 100% positive nothing was modified or removed prior to the hand over. It also did not give the FBI analysts a chance to look at the systems live, with the volatile memory still active. Point is, both Crowdstrike and the FBI may not have all the answers as to what happened. But they are positive there was Russian activity and I believe this as fact.
But to be realistic here, can you blame them for not wanting to have the government analyze the live servers (including the data)? You realize once you let them in, you can't tell them where not to look. I'm not saying this from a perspective of they have something illegal to hide. But what they may have is all the research on opposing candidates and even all the information/talking points for their own. We've already seen that members within the government have managed to leak information, so why would the DNC trust the government not to do it to them? I realize the current belief by many is that there are people within the government, in key positions, using their role to leak information and hurt people like President Trump. I've even come to believe this is true, but this is admittedly opinion on my part, based on examples like Reality Winner, who represents a truly dumb ad hoc lone activist example. I am also not naive enough to think someone with conservative perspectives wouldn't do the same. This is why I say we need to aggressively root out and punish leakers as much as possible.
Getting back to Crowdstrike, I hardly believe the heritage of the owner really matters in this case, much less whether the Ukraine also penetrated the DNC servers. Maybe they did, maybe they didn't. The fact still remains Russia did and although I can appreciate the fact that Clinton was exposed as a result, they have no business in our election process. Fortunately in this case, what was exposed turned out to be true and Clinton will no longer have a chance at becoming our President. But I do not think Crowdstrike is behind some conspiracy to hide interference by the Ukrainian government. Regardless of any NDA they might have signed with the DNC, they are still obligated by law to report illegal activity and espionage by a foreign government. They have a lot to lose if it was ever proven they know something. So while the Congressman here doesn't look all too intelligent on the subject here (not that CNN is any better), the whole issue is stupid. On one side you have a media organization looking for another way to make a GOP congressman look uninformed and on the other you have a Congressman who is trying promote possible election interference by another nation in the wrong way. There is no proof Crowdstrike is behind anything here, only that they were allowed to initially analyze the DNC servers. So why involve them until we know for sure? President Trump believes there is a connection with the Ukrainians and the DNC/Clinton/Biden. Regardless of the fact that it benefits him by confirming this, it should be investigated. In the meantime, this Congressman needs to stop talking about conspiracy with far reaching connections to Ukraine and CNN needs to get back to reporting all of the truth, not just what they think makes Trump look bad.
(6)
(0)
MSgt Steve Sweeney
I appreciate the in depth perspective. Thank you. I am not sure the media organization was trying to make the congressman look uniformed. They did not force him to advance a claim of Ukrainian ownership. Cuomo was giving straight yes/no answers. Weber walked into a landmine he set for himself. That isn't CNN's fault.
(2)
(0)
Maj Kevin "Mac" McLaughlin
I'm sorry CPT but you are welcome to believe the theories of a Cryptanalyst, William Binney who's information was proven to be disinformation provided by the Russians. Also, no offense to Intelligence officers, but in cyber, they are still getting their feet wet. Analyzing a server isn't what they do either. The folks at Crowdstrike, some of which are former NSA, Air Force Cyber, and then some, are highly skilled cyber experts who know how to forensically analyze a server. William Binney left that world a long time ago and it has advanced extensively since then.
William Binney is nothing more than an alarmist who seemingly quit the NSA in 2001 because he disagreed with the NSA's surveillance programs. Ironically, he built one of them and it was shelved for another because it wasn't able to scale the mass amounts of data. His actions and whistle-blowing even inspired Snowden to do what he did.
William Binney is nothing more than an alarmist who seemingly quit the NSA in 2001 because he disagreed with the NSA's surveillance programs. Ironically, he built one of them and it was shelved for another because it wasn't able to scale the mass amounts of data. His actions and whistle-blowing even inspired Snowden to do what he did.
(2)
(0)
Maj Kevin "Mac" McLaughlin
1SG (Join to see) - The RNC did provide the exploited servers to the FBI. However, they were from an older Domain with older obsolete emails. The Russians never released them probably because there wasn't anything there. The primary network of the RNC hs not been reported as hacked to date. I'll also add that the DNC was warned of cyber activity, by the FBI, several months prior to the release of their emails. They essentially ignored the warnings.
(2)
(0)
6
6
0
MSgt Steve Sweeney
I doubt it. People will resist what is true in favor of what they want to believe.
(4)
(0)
(4)
(0)
SSgt Gary Andrews
Sorry....but to almost all members of the GOP, the truth is whatever Trump says it is.
(5)
(0)
Read This Next
Continue with Facebook 
Continue with Google