One Article Review
| Source |  Errata Security |
|---|---|
| Identifiant | 1363510 |
| Date de publication | 2019-09-26 13:24:44 (vue: 2019-09-26 20:06:54) |
| Titre | CrowdStrike-Ukraine Explained |
| Texte | Trump's conversation with the President of Ukraine mentions "CrowdStrike". I thought I'd explain this.What was said?This is the text from the conversation covered in this“I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike... I guess you have one of your wealthy people... The server, they say Ukraine has it.”Personally, I occasionally interrupt myself while speaking, so I'm not sure I'd criticize Trump here for his incoherence. But at the same time, we aren't quite sure what was meant. It's only meaningful in the greater context. Trump has talked before about CrowdStrike's investigation being wrong, a rich Ukrainian owning CrowdStrike, and a "server". He's talked a lot about these topics before.Who is CrowdStrike?They are a cybersecurity firm that, among other things, investigates hacker attacks. If you've been hacked by a nation state, then CrowdStrike is the sort of firm you'd hire to come and investigate what happened, and help prevent it from happening again.Why is CrowdStrike mentioned?Because they were the lead investigators in the DNC hack who came to the conclusion that Russia was responsible. The pro-Trump crowd believes this conclusion is false. If the conclusion is false, then it must mean CrowdStrike is part of the anti-Trump conspiracy.Trump always had a thing for CrowdStrike since their first investigation. It's intensified since the Mueller report, which solidified the ties between Trump-Russia, and Russia-DNC-Hack.Personally, I'm always suspicious of such investigations. Politics, either grand (on this scale) or small (internal company politics) seem to drive investigations, creating firm conclusions based on flimsy evidence. But CrowdStrike has made public some pretty solid information, such as BitLy accounts used both in the DNC hacks and other (known) targets of state-sponsored Russian hackers. Likewise, the Mueller report had good data on Bitcoin accounts. I'm sure if I looked at all the evidence, I'd have more doubts, but at the same time, of the politicized hacking incidents out there, this seems to have the best (public) support for the conclusion.What's the conspiracy?The basis of the conspiracy is that the DNC hack was actually an inside job. Some former intelligence officials lead by Bill Binney claim they looked at some data and found that the files were copied "locally" instead of across the Internet, and therefore, it was an insider who did it and not a remote hacker.I debunk the claim here, but the short explanation is: of course the files were copied "locally", the hacker was inside the network. In my long experience investigating hacker intrusions, and performing them myself, I know this is how it's normally done. I mention my own experience because I'm technical and know these things, in contrast with Bill Binney and those other intelligence officials who have no experience with such things. He sounds impressive that he's formerly of the NSA, but he was a mid-level manager in charge of budgets. Binney has never performed a data breach investigation, has never performed a pentest.There's other parts to the conspiracy. In the middle of all this, a DNC staffer was murdered on the street, possibley due to a mugging. Naturally this gets included as part of the conspiracy, this guy ("Seth Rich") must've been the "insider" in this attack, and mus |
| Envoyé | Oui |
| Condensat | 2017 2017trump 2020 :everyone @realdonaldtrump about abuse access accounts across actually after again against ago agrees all also always american among android angle anti any anything app appears april are areas aren arm armed around articles artillery asset attack attacks back bank based basis because become been before behind being believe believes best between big bill billions binney bitcoin bitly bogus both breach budgets but buying came can capitalists case caused certainly charge cia cites civil claim come communicating company competence competency complicated computer conclusion conclusions conclusionthe conflict connection conspiracies conspiracy context contrast control controlling conversation convince copied copy country couple course cover covered creating crimea criminal criminals criticism criticize crowd crowdstrike cyber cybersecurity cyberwar damage data debate debunk debunked details did disagreed disagrees disgraceful disk dnc does dollars don donald done doubts drive due eastern either election email errors ever every everyone everything evidence example exist experience explain explained explains explanation extremely false far fbi feeds field fighting files find firm firms first flimsy forces forefront forfeiture form former formerly forums found frequently from front general get gets give going good google got government grabbed grand greater grid ground guess guy hack hacked hacker hackers hacking hacks had hangs happened happening has hates have help here hillary him himself hire his how illegitimate image imaged impeached important impressive incident incidents included includes including incoherence indeed information inside insider instead intelligence intensified internal internet interrupt intrusions investigate investigated investigates investigating investigation investigations investigator investigators investment involved involving is: its job john judged july just know known knows largely last lead leading level like likewise list locally long looked loses lot lots loyalty made mainstream major manager many mean meaningful means meant media memory men mention mentioned mentions mid middle minorities mishandled misses moment more most mostly much mueller mugging multiple murdered must myself narrative nation naturally need network never nobody nopetya normally not nothing notpetya nsa numerous obsessed obviously occasional occasionally occupation occupies officially officials oligarchs once one only other others otherwise out outright overstated own owning owns part particular parts pentest people performed performing person personally persons physically podesta point point: politicized politics possibley postulate power president pretty prevent private pro proving public pulled punishment putin quite rather read really refused relied remote report reporting reports responsible rewards rich rock russia russian russians said same say scale scenes second secretly seem seems separatists server servers seth short should side since single situation small solid solidified some somebody sort sounds speaking specific specifics sponsored spouting staffer state steals street strong subtle successfully such support sure surrounds suspected suspicious take talked talking talks targets technical tell text than that them then theories theorists theory there therefore these thing things this“i thoroughly those thought thus ties time times tl;dr top topics tower troublesome trump truth trying twice ukraine ukrainian underreported unknown unofficially used useless venture victim victimizes virus/worm want way wealthy weapons what when which who whole wholly why will work working world would wouldn wrong year years you your zero ”personally |
| Tags | Data Breach Hack Guideline |
| Stories | NotPetya |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.