What is Donald Trump Referring to When He Says “CrowdStrike”?
On Donald Trump’s now infamous phone call with Ukrainian President Volodymyr Zelenskyy, Trump states, “I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike… I guess you have one of your wealthy people… The server, they say Ukraine has it…”
What was Trump referring to when he mentioned Crowdstrike? We’ve been getting three big questions from our community regarding Crowdstrike:
What or who is CrowdStrike?
Who is this “one of your wealthy people”?
What is the server the President Trump refers to?
Here is what we now know regarding these questions:
What or who is CrowdStrike?
CrowdStrike (CrowdStrike Holdings, Inc) is an American cybersecurity firm. The Democratic National Committee (DNC) brought in Crowdstrike to investigate the hack on their systems in 2016. CrowdStrike determined that there were two different attacks committed on the DNC. One in the Summer of 2015, ATP 29 (Advanced Persistent Threat 29). A separate attack, APT 28, was initiated in January-February 2016. CrowdStrike would later determine that both attacks originated from Russia.`
CrowdStrike gave APT 29 the nickname Cozy Bear and has said with a medium level of confidence that it is associated with the Russian Foreign Intelligence Service (SVR).
CrowdStrike gave APT 28 the nickname Fancy Bear and has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK Foreign and Commonwealth Office and security firms SecureWorks, ThreatConnect, and FireEye have also said the group responsible for the attacks is sponsored by the Russian government.
CrowdStrike is a U.S. Cybersecurity firm based in Sunnyvale California. Founded by George Kurtz and Dmitri Alperovitch. Alperovitch is a U.S. citizen born in Russia.
Who is this “one of your wealthy people”?
Crowd Strike founder Dmitri Alperovitch served as a senior fellow with the Washington D.C. based think tank The Atlantic Council. Alperovitch did research on misinformation and digital warfare.
Victor Pinchuk, described on the internet as “Ukrainian Oligarch”, is an outspoken critic of Russia. Forbes estimates his net worth at $1.4 billion. Pinchuk has also done some work with The Atlantic Council. Websites specializing in conspiracy theories are connecting Pinchuk and Alperovitch and have expanded claims that Victor Pinchuk owns CrowdStrike. These sites go on to claim that Pinchuk was pulling the strings behind the scenes of the DNC hacking investigation and had a server stolen from the DNC.
CrowdStrike is a publicly traded company (Nasdaq CRWD), and there are no SEC filings listing Victor Pinchuk as an owner of more than 5%. Additionally the only institutional holders of more than 5% is The Vanguard group and T. Rowe Price. CrowdStrike has a market capitalization north of $13 billion. Far in excess of what Forbes estimates Pinchuk’s net worth.
As a side note CRWD was up 11% at close of market Monday. Presumably, this is due in part to the additional press coverage.
What is the server that President Trump refers to?
The dark corners of the internet speculate that there was a missing server from the DNC hack. The hack involved 140 cloud-based servers, and they were all decommissioned in 2016. There was no single server that was, stolen in the dead of night and smuggled to the Ukraine. This unfounded theory was based on a fundamental misunderstanding of both the technology involved and the firm involved.
We hope that is useful in better understanding one small component of a complicated set of issues. We welcome your comments.
References
https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf
https://www.foxnews.com/politics/trump-official-says-wh-lawyers-directed-moving-ukraine-call-transcript-to-secure-system
https://www.cnn.com/2019/09/25/politics/donald-trump-ukraine-transcript-call/index.html
https://www.npr.org/2019/09/27/765186504/what-the-cybersecurity-company-crowdstrike-has-to-do-with-the-trump-ukraine-matt
https://www.crowdstrike.com/blog/who-is-fancy-bear/
https://www.crowdstrike.com/blog/who-is-cozy-bear/
This is how it looked on Linkedin
https://www.linkedin.com/pulse/what-donald-trump-referring-when-he-says-crowdstrike-trevor-vernon/