CrowdStrike

CrowdStrike

File:CrowdStrike logo.png
Industry	Information security
Founded	2011
Founders	George Kurtz, Dmitri Alperovitch
Headquarters	Sunnyvale, California
Key people	George Kurtz, CEO Dmitri Alperovitch, CTO
Products	Falcon Endpoint Protection, Falcon Intelligence, Falcon Overwatch and Falcon DNS
Parent	CrowdStrike Holdings, Inc.
Website	crowdstrike.com

CrowdStrike, Inc. is an American cybersecurity technology company based in Sunnyvale, California, and a wholly owned subsidiary of CrowdStrike Holdings, Inc. The company provides endpoint security, threat intelligence, and incident response services to customers in more than 170 countries.^[1][2] The company has been involved in countermeasure efforts to several high-profile cyber-attacks, including the Sony Pictures hack,^[3] the 2016 Democratic National Committee email leak, and the Democratic National Committee cyber attacks.^[4]

History

CrowdStrike was co-founded by entrepreneur George Kurtz (CEO),^[5][6] Dmitri Alperovitch (CTO),^[7] and Gregg Marston (CFO, retired). In 2012, Shawn Henry, a former Federal Bureau of Investigation (FBI) executive who led both the FBI's criminal and cyber divisions, was hired to lead sister company CrowdStrike Services, Inc., which is focused on proactive and incident response services.^[8]

The company gained recognition for providing threat intelligence and attribution to nation state actors^[9] conducting economic espionage and IP theft. This includes the outing of state-sponsored Chinese group, Putter Panda, linked to China's spying on United States defense and European satellite and aerospace industries.^[10] In May 2014, supported by CrowdStrike's reports, the United States Department of Justice charged five Chinese military hackers for economic cyber espionage against United States corporations. Similarly, the firm is known for uncovering the activities of Energetic Bear, an adversary group with a nexus to the Russian Federation that conducts intelligence operations against a variety of global victims with a primary focus on the energy sector.

Following the very public Sony Pictures hack, CrowdStrike produced attribution to the government of North Korea within 48 hours and demonstrated how the attack was carried out step-by-step.^[11] On May 2015, the company released Researcher Jason Geffner's discovery of VENOM, a critical flaw in open source hypervisor called Quick Emulator (QEMU),^[12] which is used in a number of common virtualization products.

In 2013, the company launched the Falcon software platform, a technology that stops breaches by combining next-generation antivirus, endpoint detection and response, and proactive hunting. In 2014, CrowdStrike was instrumental in identifying members of PLA Unit 61486 as the perpetrators of a number of cyberattacks on U.S. infrastructure.^[13][14]

In July 2015, Google invested in the company's Series C funding round, which in total raised $100 million. To date, CrowdStrike has achieved total funding of $256 million, with estimated annual revenue of $100 million and valuation more than $1 billion.^[15] Investors include Telstra, March Capital Partners, Rackspace, Accel Partners and Warburg Pincus.^[16][17] According to the company, its customers include three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.^[18]

In 2016, the company was ranked #40 on the Deloitte Fast 500 North America list.^[19]

Russian hacking investigations

CrowdStrike has figured prominently in the Democratic National Committee cyber attacks and the attribution of those attacks to Russian intelligence services. On March 20, 2017 during testimony before congress, James Comey stated "CrowdStrike, Mandiant, and ThreatConnect review[ed] the evidence of the hack and conclude[d] with high certainty that it was the work of APT 28 and APT 29 who are known to be Russian intelligence services."^[20] However, the FBI did not independently verify these findings because the DNC refused to give the FBI access to the server.^[21]

In December 2016, CrowdStrike released a report^[22] stating that Russian government-affiliated group Fancy Bear had hacked a Ukrainian artillery app. They erroneously concluded that Russia had used the hack to cause large losses to Ukrainian artillery units. The app (called ArtOS) is installed on tablet PCs and used for fire-control.^[23] The earliest version of the app (supported until 2015) was called POPR-D30 and installed on Android phones and tablets. CrowdStrike found a hacked variation of POPR-D30 being distributed on Ukrainian military forums that utilized an X-Agent implant. However, they failed to show that the hacked variation of POPR-D30 was actually installed by any Ukrainian soldiers.^[24][25]

The International Institute for Strategic Studies, whose data on Ukrainian D30 howitzer losses was misused by CrowdStrike in their report, rejected CrowdStrike's assessment of hacking causing losses to Ukrainian artillery units. The Ukrainian Ministry of Defense also rejected the CrowdStrike report, stating that actual artillery losses were "several times smaller than the number reported by [CrowdStrike] and are not associated with [Russian hacking]".^[26]

Cybersecurity firm Secureworks discovered a list of email addresses targeted by Fancy Bear in phishing attacks.^[27] The list included the email address of Yaroslav Sherstyuk, the developer of ArtOS.^[28] However, there is no evidence that they succeeded in hacking Sherstyuk's email.

Industry recognition

• Deloitte 2016 Technology Fast 500(TM) Ranking^[29]
• INC 500, 2016^[30]
• MIT Technology Review’s World’s 50 Most Innovative Companies, 2013^[31]
• SC Magazine, 2016 Best Security Company Finalist, 2016^[32]
• CRN Magazine 2014 and 2015 Top Emerging Vendors^[33]
• Dark Reading’s 20 Most Disruptive Startups to Watch, 2015^[34]

References

1. "CrowdStrike About Us Page". 2016. Retrieved 9 June 2016.
2. "CrowdStrike's security software targets bad guys, not their malware". TechRepublic.
3. "CrowdStrike demonstrates how attackers wiped the data from the machines at Sony". International Data Group. 2015. Retrieved 9 June 2016.
4. "Clinton campaign — and some cyber experts — say Russia is behind email release". The Washington Post. 24 July 2016.
5. George Kurtz, President/CEO & co-founder of CrowdStrike
6. "Standing up at the gates of hell: CrowdStrike CEO George Kurtz". Fortune. 29 July 2015.
7. Dmitri Alperovitch, Co-Founder and CTO of CrowdStrike
8. Messmer, Ellen. "Top FBI cyber cop joins startup CrowdStrike to fight enterprise intrusions". Network World.
9. "U.S. firm CrowdStrike claims success in deterring Chinese hackers". Reuters. 13 April 2015. Retrieved 14 June 2016.
10. Perlroth, Nicole (9 June 2014). "2nd China Army Unit Implicated in Online Spying". The New York Times. ISSN 0362-4331. Retrieved 14 June 2016.
11. "What's in a typo? More evidence tying North Korea to the Sony hack". PCWorld. Retrieved 14 June 2016.
12. "'Venom' vulnerability: Serious computer bug shatters cloud security". Fortune. 13 May 2015. Retrieved 14 June 2016.
13. Perlroth, Nicole (9 June 2014). "2nd China Army Unit Implicated in Online Spying". The New York Times. Retrieved 9 June 2014.
14. "Second China unit accused of cyber crime". Financial Times. 10 June 2014. Retrieved 10 June 2014.
15. Hackett, Robert. (May 17, 2017). "Hack Investigator CrowdStrike Reaches $1 Billion Valuation". Fortune website Retrieved 9 June 2017.
16. Miller, Ron. "Security Company CrowdStrike Scores $100M Led By Google Capital". TechCrunch.
17. "CrowdStrike - Warburg Pincus".
18. "Why Use CrowdStrike for Your Endpoint Protection". www.crowdstrike.com. Retrieved 14 June 2016.
19. "2016 Winners by rank" (PDF). Deloitte. Retrieved 31 October 2017.
20. https://www.washingtonpost.com/news/post-politics/wp/2017/03/20/full-transcript-fbi-director-james-comey-testifies-on-russian-interference-in-2016-election/ Retrieved 2017-05-22.
21. DNC denied FBI's request for access to the hacked server: The Hill
22. "Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units". 22 December 2016.
23. Noosphere engineering school (31 October 2015). "New brainchild of engineering school was tested by the armed forces". noosphereengineering.com. Retrieved 28 December 2017. {{cite web}}: Cite has empty unknown parameter: |dead-url= (help)
24. Carr, Jeffrey (3 January 2017). "The GRU-Ukraine artillery hack that may never have happened". Medium. Retrieved 8 February 2018. {{cite web}}: Cite has empty unknown parameter: |dead-url= (help)
25. Boldi (3 January 2017). "Technical details on the Fancy Bear Android malware (poprd30.apk)". Laboratory of Cryptography and System Security, Budapest University of Technology and Economics. Retrieved 8 February 2018. {{cite web}}: Cite has empty unknown parameter: |dead-url= (help)
26. Kuzmenko, Oleksiy (23 March 2017). "Think Tank: Cyber Firm at Center of Russian Hacking Charges Misread Data". Voice of America. Retrieved 20 December 2017. {{cite news}}: Cite has empty unknown parameter: |dead-url= (help)
27. Secureworks counter threat unit threat intelligence (26 June 2016). "Threat Group-4127 targets Google accounts". Secureworks. Retrieved 8 February 2018. {{cite web}}: Cite has empty unknown parameter: |dead-url= (help)
28. Miller, Christopher (2 November 2017). "'Fancy Bear Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App'". RadioFreeEurope. Retrieved 8 February 2018. {{cite news}}: Cite has empty unknown parameter: |dead-url= (help)
29. "2016 Technology Fast 500 award winners | Deloitte US". Deloitte United States. Retrieved 19 March 2017.
30. "INC. 500". 2016. Retrieved 24 August 2016.
31. "MIT Technology Review's World's 50 Most Innovative Companies". 2015. Retrieved 8 June 2016.
32. "SC Magazine, 2016 Best Security Company Finalist". 2016. Retrieved 8 June 2016.
33. "CRN Magazine 2014 and 2015 Top Emerging Vendors". 2015. Retrieved 8 June 2016.
34. "Dark Reading's 20 Most Disruptive Startups to Watch". 2015. Retrieved 8 June 2016.

Further reading

• The New York Times
• Network World
• Fortune (video news report)

External links

• Official website