01:30 GMT +323 September 2017
Live
    Cyber crime

    Washington’s Cyber Investigator Tied ‘Russian Hacking’ to Non-Existent Events

    © Photo: PIxabay
    Military & Intelligence
    Get short URL
    Grant Ferowich
    132590366

    The cyber firm investigating allegations of a Moscow-sponsored attack on US Democratic Party servers has a history of linking "Russian hacking" with imaginary events. But just days ago, FBI Director James Comey heralded CrowdStrike as a "highly respected private company" before the Senate.

    Long before they were fingering Russia as the culprits in the US hack, the firm, CrowdStrike, was alleging Russia had used malware to destroy Ukrainian weapons – another conclusion that has left experts scratching their heads. 

    Data from the International Institute for Strategic Studies’ (IISS) was manipulated to support CrowdStrike’s explosive assertion that Russian cyber operators hacked into Ukrainian howitzer artillery units to target other Ukrainian ground forces. 

    "The CrowdStrike report uses our data," the IISS London Press Office told Sputnik, "but the inferences and analysis drawn from that data belong solely to the report’s authors."

    The accusation that Russia got Ukrainian weapons to fire at each other would be a bombshell, "except for the fact that the malware doesn’t ask for GPS location data," writes Jeffrey Carr, a cybersecurity expert who has taught at the US Army War College. 

    The CrowdStrike report on Ukraine also quoted "exaggerated figures of an 80 percent loss rate of Ukraine’s D-30 artillery caused in part by a variant of the same malware used in the DNC hack," Carr said. 

    "Open source reporting," the CrowdStrike Global Intelligence Team wrote, showed that "Ukrainian artillery forces have lost over 50 percent of their weapons in the two years of conflict and over 80 percent of D-30 howitzers." 

    According to the Artillery Land Forces of Ukraine, however, the number of "artillery weapons lost" are lower than what CrowdStrike suggested, "and are not associated with the specified cause."

    CrowdStrike’s assertions constituted a conclusion IISS never suggested, "nor one we believe to be accurate," the British think tank said in a statement to Sputnik. The decline in artillery assets cited by CrowdStrike is more properly attributed to a transfer of those assets to air force teams, not their outright destruction. 

    Fancy Bear, the subject of CrowdStrike’s report, is the same malware that CrowdStrike said was used to infiltrate the DNC’s servers. 

    "The fact that they would be tracking and helping the Russian military kill Ukrainian army personnel in eastern Ukraine and also intervening in the US election is quite chilling," CrowdStrike Chief Technology Officer Dimitri Alperovitch told the Washington Post in December.

    Chilling, maybe. But based on real evidence? That looks less likely.

    Six months after the FBI alleged that "Russian hackers" breached the Democratic National Committee, the FBI still had not bothered to request permission to access the breached servers, a DNC spokesman said in January. 

    "CrowdStrike is pretty good," an intelligence official said that month, adding that there was no reason to believe CrowdStrike’s report wasn’t accurate. 

    Agencies like the FBI, Justice Department and the US Attorney General’s Office requested DNC cooperation, but the FBI "never requested access to the DNC’s computer servers," DNC deputy communications director Eric Walker said in January. Instead, law enforcement officials relied on a CrowdStrike analysis as a pretext for allegations that Russia had attempted to interfere in the 2016 elections. 

    In January, Sputnik pointed out the obvious fallacy in such reasoning: Just because CrowdStrike’s credibility had not been disproven does not therefore prove the opposite point, that CrowdStrike possesses credibility. The argumentum ad ignoratium fallacy, or "the argument from ignorance," is now rearing its ugly head as reports emerge that CrowdStrike may not be as infallible as officials at the DNC, intelligence agencies and US government at large previously believed. 

    Related:

    UK Gov't to Hold Cybersecurity Conference on Alleged Russian Hacking Threat
    California Assemblyman Wants Schools to Teach ‘Russian Hacking’ of US Election
    Ex-US Intel Operatives Demand Evidence of ‘Russian Hacking’ – If It Exists
    Washington's Claims on Alleged Russian Hacking Promote Russian IT-Specialists
    Carter: Russian Hacking of US Election 'Aggressive Act'
    Tags:
    howitzer, malware, hacking, FBI, CrowdStrike, International Institute for Stragetic Studies (IISS), James Comey, United States, Ukraine
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik
    • Сomment