
Why Crowdstrike's Russian Hacking Story Fell Apart--Say Hello to Fancy Bear

By George Eliason
(Page 1 of 9 pages)


opednews.com Headlined to H3 1/3/17


Intel Network Graph
(Image by George Eliason)

In the wake of JAR-16-20296, dated December 29, 2016, about hacking and influencing the 2016 election, the need for real evidence is clear. The joint report adds nothing substantial to the October 7th report. It relies on proofs provided by the cyber-security firm CrowdStrike that are clearly not on par with intelligence findings or evidence. At the top of the report is an "as is" statement showing this.

The difference between Dmitri Alperovitch's claims, which are reflected in JAR-16-20296, and this article is that enough evidence is provided to warrant an investigation of specific parties for the DNC hacks. The real story involves specific anti-American actors that need to be investigated for real crimes.

For instance, the malware used was an outdated version just waiting to be found. It makes it easier when it's an old known version. Another interesting point is that the Russian malware called Grizzly Steppe is from Ukraine. How did CrowdStrike miss this when it's their business to know?


Later in this article, you'll meet and know a little more about the real "Fancy Bear and Cozy Bear." The bar for identification set by has never been able to get beyond words like probably, may be, could be, or should be in their attribution.

The article is lengthy because the facts need to be in one place. The bar Dmitri Alperovitch set for identifying the hackers involved is that low. Other than asking America to trust them, how many solid facts has Alperovitch provided to back his claim of Russian involvement?

The December 29th JAR adds a flowchart that shows how a basic phishing hack is performed. It doesn't add anything substantial beyond that. Noticeably, they use both their designations APT 28 and APT 29 as well as the CrowdStrike labels of Fancy Bear and Cozy Bear separately.

This is important because information from outside intelligence agencies has the value of rumor or unsubstantiated information at best according to policy. Usable intelligence needs to be free from partisan politics and verifiable. Intel agencies noted back in the early '90s that every private actor in the information game was radically political.

The Hill.com article about Russia hacking the electric grid is a perfect example of why this intelligence is political and not taken seriously. If any proof of Russian involvement existed, the US would be at war. Under current laws of war, there would be no difference between an attack on the power grid and a missile strike.

According to the Hill, "Private security firms provided more detailed forensic analysis, which the FBI and DHS said Thursday correlated with the IC's findings.


"The Joint Analysis Report recognizes the excellent work undertaken by security companies and private-sector network owners and operators, and provides new indicators of compromise and malicious infrastructure identified during the course of investigations and incident response," read a statement. The report identifies two Russian intelligence groups already named by CrowdStrike and other private security firms.

In an interview with Washington's blog, William Binney, the creator of the NSA global surveillance system, said, "I expected to see the IPs or other signatures of APT's 28/29 [the entities which the U.S. claims hacked the Democratic emails] and where they were located and how/when the data got transferred to them from DNC/HRC [i.e., Hillary Rodham Clinton]/etc. They seem to have been following APT 28/29 since at least 2015, so, where are they?"

According to the latest Washington Post story, CrowdStrike's CTO tied a group his company dubbed "Fancy Bear" to targeting Ukrainian artillery positions in Debaltsevo as well as across the Ukrainian civil war front for the past 2 years.

Alperovitch states in many articles that the Ukrainians were using an Android app to target the self-proclaimed Republics' positions and that hacking this app was what gave targeting data to the armies in Donbass instead.


George Eliason is an American journalist who lives and works in Donbass. He has been interviewed by and provided analysis for RT, the BBC, and Press-TV. His articles have been published in the Security Assistance Monitor, Washington's Blog, (more...)
The views expressed in this article are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.