CrowdStrike, the cybersecurity firm now known for halting air travel, disrupting credit card payment systems, affecting banks, broadcasting services, street lights, emergency services, and hospitals worldwide with a single content update, has a controversial history. This is the same company that falsely attributed the Democratic National Committee (DNC) hack to Russia, setting the stage for the Russiagate scandal.
The DNC Hack and Russiagate
CrowdStrike, a private company working for the Clinton campaign, was relied upon by the FBI to investigate the "hacked" DNC servers instead of conducting their own independent investigation. It emerged four years later that CrowdStrike had "no evidence" of Russian hacking. Despite this, the Clinton campaign, CrowdStrike, and Special Counsel Robert Mueller concealed this information, even providing false statements to Congress.
This unprecedented reliance on a third-party company with ties to British and Israeli intelligence by the FBI raises significant questions. Shawn Henry, Chief Security Officer and President of CrowdStrike Services, joined the company in 2012 after a 24-year career with the FBI, where he held various operational and leadership roles, eventually overseeing half of the FBI's investigative operations, including all criminal and cyber investigations worldwide.
The Aftermath of the DNC Hack
CrowdStrike's handling of the DNC hack and the murder of DNC staffer Seth Rich remains controversial. Experts in the cybersecurity space immediately questioned CrowdStrike's claims during the announcement of the hack, as they seemed to possess knowledge that was impossible to verify.
In 2019, then-President Donald Trump asked Ukraine to investigate CrowdStrike.
One would expect such a company to have rigorous checks in place before rolling out code updates globally. The recent disruption caused by CrowdStrike's update illustrates the risks of centralized control and the importance of having contingency plans, such as incremental rollouts and backup systems.
The Broader Implications
The recent incident underscores the dangers of a cashless world. Stranded passengers unable to use credit cards, eat, or secure transportation highlight the vulnerability of relying solely on digital systems. Major investors in CrowdStrike include influential financial institutions like BlackRock, Vanguard Group, Morgan Stanley, and JP Morgan & Chase, suggesting that political connections may have played a role in the company's growth.
Lessons in Cybersecurity
This episode serves as a stark reminder to companies about the perils of centralizing control and the importance of considering national security implications. Cyberattacks can inflict warlike damage without the attacker ever leaving their chair. As technology governs everything from electricity routing to dam operations, the rapid evolution and complexity of cyber threats pose significant challenges.
The World Economic Forum (WEF) predicts a cyberattack by the end of the year that will dwarf the impact of recent lockdowns. The global economy's reliance on data, driven by Silicon Valley giants like Facebook, X/Twitter, LinkedIn, Instagram, and YouTube, further complicates the cybersecurity landscape.
International Cybersecurity Exercises
In 2021, 200 teams from 48 countries participated in a worldwide cybersecurity training exercise. The WEF's Cyber Polygon, involving entities like IBM, Santander, and Ernst and Young, has been affiliated with Russian government agencies, major global banks, and intelligence services from the US, UK, and Israel. These exercises test theories and strategies through the Carnegie Endowment for International Peace, involving central banks and major financial institutions worldwide.
The Foreseeable Cyber Crisis
Despite years of planning for a massive cyberattack on global financial systems, healthcare, water, and power infrastructures, the lack of preventative measures suggests a troubling complacency. Effective testing and safeguards should be in place before implementing global code changes.
CrowdStrike's history and recent disruptions highlight the critical need for robust cybersecurity strategies, independent investigations, and diversified control mechanisms to protect against the escalating threat of cyberattacks.