OpEdNews Op Eds    H3'ed 1/3/17

Why Crowdstrike's Russian Hacking Story Fell Apart--Say Hello to Fancy Bear

By George Eliason (Page 1 of 9 pages)

Intel Network Graph (Image by George Eliason)

In the wake of JAR-16-20296, dated December 29, 2016, about hacking and influencing the 2016 election, the need for real evidence is clear. The joint report adds nothing substantial to the October 7th report. It relies on proofs provided by the cyber-security firm Crowdstrike that are clearly not on par with intelligence findings or evidence. At the top of the report is an "as is" statement showing this.

The difference between Dmitri Alperovitch's claims, which are reflected in JAR-16-20296, and this article is that enough evidence is provided to warrant an investigation of specific parties for the DNC hacks. The real story involves specific anti-American actors that need to be investigated for real crimes.

For instance, the malware used was an outdated version just waiting to be found. It makes it easier when it's an old known version. Another interesting point is that the Russian malware called Grizzly Steppe is from Ukraine. How did Crowdstrike miss this when it's their business to know?

Later in this article, you'll meet and know a little more about the real "Fancy Bear and Cozy Bear." The bar for identification set by has never been able to get beyond words like probably, may be, could be, or should be in their attribution.

The article is lengthy because the facts need to be in one place. The bar Dmitri Alperovitch set for identifying the hackers involved is that low. Other than asking America to trust them, how many solid facts has Alperovitch provided to back his claim of Russian involvement?

The December 29th JAR adds a flowchart that shows how a basic phishing hack is performed. It doesn't add anything substantial beyond that. Noticeably, they use both their designations APT 28 and APT 29 as well as the CrowdStrike labels of Fancy Bear and Cozy Bear separately.

This is important because information from outside intelligence agencies has the value of rumor or unsubstantiated information at best according to policy. Usable intelligence needs to be free from partisan politics and verifiable. Intel agencies noted back in the early '90s that every private actor in the information game was radically political.

The article about Russia hacking the electric grid is a perfect example of why this intelligence is political and not taken seriously. If any proof of Russian involvement existed, the US would be at war. Under current laws of war, there would be no difference between an attack on the power grid and a missile strike.

According to the Hill, "Private security firms provided more detailed forensic analysis, which the FBI and DHS said Thursday correlated with the IC's findings.

"The Joint Analysis Report recognizes the excellent work undertaken by security companies and private-sector network owners and operators, and provides new indicators of compromise and malicious infrastructure identified during the course of investigations and incident response," read a statement. The report identifies two Russian intelligence groups already named by CrowdStrike and other private security firms.

In an interview with Washington's blog, William Binney, the creator of the NSA global surveillance system, said, "I expected to see the IPs or other signatures of APT's 28/29 [the entities which the U.S. claims hacked the Democratic emails] and where they were located and how/when the data got transferred to them from DNC/HRC [i.e., Hillary Rodham Clinton]/etc. They seem to have been following APT 28/29 since at least 2015, so, where are they?"

According to the latest Washington Post story, CrowdStrike's CTO tied a group his company dubbed "Fancy Bear" to targeting Ukrainian artillery positions in Debaltsevo as well as across the Ukrainian civil war front for the past 2 years.

Alperovitch states in many articles the Ukrainians were using an Android app to target the self-proclaimed Republics' positions and that hacking this app was what gave targeting data to the armies in Donbass instead.


George Eliason is an American journalist that lives and works in Donbass. He has been interviewed by and provided analysis for RT, the BBC, and Press-TV. His articles have been published in the Security Assistance Monitor, Washingtons Blog, (more...)
