CrowdStrike, The DNC’s Security Firm, Was Under Contract With The FBI
Claims of “Russian interference” have been ubiquitous in U.S. political discourse for almost a full year now; these often amount to a melange of allegations ranging from “hacking” to “influence campaigns” to “online trolls” sent by the Kremlin to harangue unsuspecting Midwestern voters. “Hacking,” however, remains the centerpiece of the narrative — the idea that Russian state actors “hacked” the Democratic National Committee and exfiltrated emails is routinely cited as the centerpiece of the overall “interference” thesis. After the alleged hacking, the DNC retained a private security firm — CrowdStrike — which made the determination that the Russian government was responsible, setting into motion a chain of Russia-related events that continue to unfold even now.
TYT can report that at the same time CrowdStrike was working on behalf of the DNC, the company was also under contract with the FBI for unspecified technical services. According to a US federal government spending database, CrowdStrike’s “period of performance” on behalf of the FBI was between July 2015 and July 2016. CrowdStrike’s findings regarding the DNC server breach — which continue to this day to be cited as authoritative by everyone from former FBI Director James Comey, to NBC anchor Megyn Kelly — were issued in June 2016, when the contract was still active.
Last week at a forum with Vladimir Putin, Kelly listed all the authoritative American entities which she claimed have corroborated the conclusion that Russian state actors “interfered” in the 2016 presidential election. (Notwithstanding its vagueness and imprecision, the term “interference” has come to be the standard term American media personalities invoke when seeking to describe how “Russians” maliciously undermined the sanctity of the 2016 US election process.) Querying Putin, Kelly repeated the canard that “17 intelligence agencies” had all independently concluded that Russia indeed “interfered” — whatever that means, exactly. She then continued: “Even private, non-partisan security firms say the same… that Russia interfered with the US election.”
The most prominent “private, non-partisan security firm” is CrowdStrike, and despite Kelly’s use of the term “non-partisan” to describe the firm, its fiduciary relationship with the DNC suggests otherwise. As the journalist Yasha Levine wrote in The Baffler,
Far from establishing an airtight case for Russian espionage, CrowdStrike made a point of telling its DNC clients what it already knew they wanted to hear: after a cursory probe, it pronounced the Russians the culprits. Mainstream press outlets, primed for any faint whiff of great-power scandal and poorly versed in online threat detection, likewise treated the CrowdStrike report as all but incontrovertible.
In April 2016, two months before the June report was issued, former President Barack Obama appointed Steven Chabinsky, “general counsel and Chief Risk officer” for CrowdStrike, to a presidential “Commission for Enhancing Cybersecurity,” further demonstrating CrowdStrike’s intermingling with powerful Democratic Party factions.
Neither the FBI nor CrowdStrike responded to requests for comment on the nature of the services provided. As of yet, the only entity known to receive primary access to the DNC servers is CrowdStrike. At a Senate Intelligence Committee hearing in January, Comey testified that the FBI had been denied access to the servers by the DNC after repeated requests. And unnamed FBI officials told reporters, “The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed until well after the initial compromise had been mitigated.”
Comey’s long-awaited Congressional testimony on Thursday may provide additional insight into the FBI’s reliance on the firm.
Effectively, information that is now central to massively consequential geopolitical disputes has been “privatized“ and held exclusively by a profit-seeking entity. CrowdStrike’s findings continue to be repeated by journalists and politicians with unflinching certainty — despite the fact that it was forced to retract a central element of another report involving related malware attribution, raising doubts about the reliability of its DNC conclusions. As Jeffrey Carr, a security researcher who has been critical of CrowdStrike’s methods, told me: “The foundation of placing the blame on Russia was false.”
Power to determine world events is increasingly being concentrated in the hands of a tiny group of self-proclaimed “experts” who aren’t accountable to the public, but to clients and investors. CrowdStrike, evidently benefitting from the surge in PR, announced last month that it had been valued at one billion dollars.