The recent worldwide IT outage caused by a faulty CrowdStrike update has brought renewed attention to the cybersecurity firm’s dominant market position and its controversial role in the 2016 Democratic National Committee (DNC) “RussiaGate” hacking investigation.
The Financial Times reports that CrowdStrike, a leading cybersecurity company protecting 29,000 clients globally, recently caused widespread system crashes across various industries worldwide due to a faulty update pushed to its Falcon Sensor product for Microsoft users. This incident has affected a number of sectors, including airlines, trains, banks, and broadcasters, highlighting the far-reaching consequences of a single point of failure in the increasingly interconnected global IT infrastructure.
The exact number of affected customers remains unclear, but reports indicate that the issue is widespread, spanning Asia, Europe, and the United States. Many users have encountered the infamous “blue screen of death,” rendering their systems inoperable. While CrowdStrike and affected companies claim to have deployed a fix, initial reports suggest that the recovery process is both manual and complex, potentially leading to a time-consuming restoration of crashed PCs.
This global outage has brought renewed scrutiny to the concentration of power within the cybersecurity industry. According to SecurityScorecard, just 15 companies worldwide account for 62 percent of the market in cybersecurity products and services. The situation is even more pronounced in the modern endpoint security sector, where three companies – with Microsoft and CrowdStrike being the largest – controlled half the market last year, as reported by IDC.
The incident has also reignited discussions about CrowdStrike’s prominent role in the investigation of the alleged Russian hacking of the Democratic National Committee (DNC) during the 2016 U.S. presidential election. Breitbart News reported in 2017 that CrowdStrike, founded by experts George Kurtz and Dmitri Alperovitch, was contracted by the DNC to investigate a suspected breach of its computer systems. The company’s “RussiaGate” findings, which attributed the hack to Russian state actors, became a cornerstone of subsequent investigations into foreign interference in the U.S. election process.
However, details about CrowdStrike’s financing and connections have raised questions about potential conflicts of interest. In 2015, the company received a significant $100 million investment led by Google Capital, now known as CapitalG, an arm of Alphabet Inc., Google’s parent company. This connection is notable given that Eric Schmidt, the chairman of Alphabet at the time, was a well-known supporter of Hillary Clinton and a long-time donor to the Democratic Party.
The relationship between CrowdStrike and the FBI during the DNC hack investigation has also come under scrutiny. According to a senior law enforcement official quoted by CNN, the DNC “rebuffed” the FBI’s request to directly examine its servers after the alleged hacking. Instead, the FBI relied on CrowdStrike’s assessment that Russian agents were likely responsible for the breach. This decision led to “significant delays and inhibited the FBI from addressing the intrusion earlier,” according to the official.
Adding to the controversy, Eric Walker, the DNC’s deputy communications director, contradicted the FBI’s claim, stating that the agency never requested access to the servers. This discrepancy has fueled debate about the thoroughness of the investigation and the reliance on third-party assessments in high-profile cybersecurity cases.
CrowdStrike’s co-founder, Dmitri Alperovitch, a Russian expatriate, has been central to the company’s findings. According to an Esquire profile, Alperovitch discovered the alleged Russian breach when one of his analysts installed proprietary software on the DNC’s system. The company identified two separate groups of intruders, dubbed “Cozy Bear” and “Fancy Bear,” which they linked to Russian intelligence services.
The decision to go public with the findings was reportedly made at the DNC’s request, coinciding with manufactured concerns about former President Donald Trump’s relationship with Russia during the 2016 campaign. This timing has led some to question the political implications of the announcement.
CrowdStrike’s connections extend beyond Google and the DNC. Shawn Henry, the company’s president of services, is a retired executive assistant director of the FBI. Additionally, in April 2016, CrowdStrike’s General Counsel and Chief Risk Officer, Steven Chabinsky, was appointed to President Obama’s White House Commission on Enhancing National Cybersecurity.
These connections have raised questions about the potential for conflicts of interest in the cybersecurity industry, especially when dealing with politically sensitive investigations. In a PBS interview, Alperovitch was directly asked about potential conflicts, given CrowdStrike’s work for the DNC. He maintained that the company’s reports were based on evidence unrelated to the DNC hack, linking Russian actors to military operations in eastern Ukraine.
Read more at the Financial Times here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship.