Pravy Sektor Hackers and Crowdstrike?
The only thread that holds the DNI report together at first glance is the false testimony and fake evidence Crowdstrike and Dmitri Alperovitch provided to the FBI and other agencies involved. When you look at the evidence presented and the sources it becomes evident that the Russian hack story doesn’t stand up against Crowdstrike’s own facts.
By examining facts, timelines, and sources needed for the DNI report, the only conclusion is the DNI report is strictly political. Because of this Craig Murray- Julian Assange’s story showing the emails were leaked is the only version of the story that stands. The facts on hand show criminality and negligence on the part of Crowdstrike, the FBI, and the DNI.
The Murray and Assange story stands on evidence many heavyweights in the Intel community are backing up their account as the only way the emails could have gotten to Wiki Leaks.
The DNI report uses of information obtained by self-identifying Ukrainian neo-nazis (Pravy Sektor members). For US Intel to offer this proof of Russian involvement is really bizarre. While heading 17 Intel agencies, the DNI was not concerned enough about Russia hacking or influencing the 2016 election to look into. Why is it that during the 10 days following the election, James Clapper knew so little about the subject?
According to the Washington Times ” As recently as Nov. 17, James Clapper, the nation’s top intelligence officer, told Congress his agencies “don’t have good insight” into a direct link between WikiLeaks and the emails supposedly hacked by a Russian operation from Democrats and the Hillary Clinton campaign.”
But the FBI had it covered for months. James Comey, Director of the FBI is in charge of the domestic version of the CIA. According to the 2006 update of the Intelligence Reform and Terrorism Prevention Act of 2004, “the FBI’s job in the streets of the United States would thus be a domestic equivalent, operating under the U.S. Constitution and quite different laws and rules, to the job of the CIA’s operations officers abroad.
According to the FBI Director, “there are now 5,000 agents and 2,000 intelligence analysts” 41 in the branch.
It is our hope that open source will become an integral part of all intelligence activities (FBI) and that, at some point in the future, there may no longer be a need for a separate directorate.”
With this in mind, Comey could have and should have simply phoned the NSA and received all the information he needed, chose not to. The question is why? Comey could have asked any of over 2000 analysts to look into it. Why didn’t the Director of the domestic CIA request information?
“According to William Binney (former Technical Director, World Geopolitical & Military Analysis, NSA), the NSA’s “extensive domestic data-collection network,” any data removed remotely from Hillary Clinton or DNC servers would have passed over fiber networks and therefore would have been captured by the NSA who could have then analyzed packet data to determine the origination point and destination address of those packets.”
After spending time in the election spotlight this year the only way FBI Director James Comey could not know any information about the alleged hack is that he didn’t want to.
The FBI report is based solely on Crowdstrike’s evidence which has become a laughing stock across the cyber security industry. Cyber security professionals are standing up saying how laughable Dimitri Alperovitch’s information is. For there to be any evidence of a hack, the DNI report has to use the FBI report and Crowdstrike’s evidence. This includes the tool X-Agent.
X-Agent was a key proof for Crowdstrike. In the NPR interview with Judy Woodruff, Crowdstrike’s CTO, Dimitri Alperovitch says the use of X-agent shows guilt as clearly as DNA results. This proof, according to him is unique to a single hacker group. Crowdstrike labeled this hacker group “Fancy Bear.” Just as important is the timeline it was used in.
According to Marcy Wheeler, Crowdstrike’s story of a Russian hacker falls apart on this point. Part of the problem is that Alperovitch stated his final undeniable and overwhelming proof was that it was used to target Ukrainian artillerymen throughout 2014. She argues given that timeline, the GRU, X-Agent had to be in development at least 6 months BEFORE Victor Yanukovych was ousted in a coup. Ukraine and Russia were on friendly terms.
Further, citing Jeffery Carr, X-Agent doesn’t have anywhere near the functionality that Crowdstrike claims it does. Carr goes on further to say two other entities have access to X-Agent which Crowdstrike presents as unique. The first is Crowdstrike itself. The second is the Ukrainian hacking group RUH8 which self-identifies with Pravy Sektor.
Pravy Sektor is a Ukrainian ultra-nationalist group that has been noted for torture, murder, kidnapping, and has been trying to start a war with Russia since the beginning of the Ukrainian civil war. Because of this, the Russian GRU can’t be implicated. The tool is in too many hands that want to do Russia harm. Crowdstrike has it. The neo-nazi Ukrainian hackers have it. The Atlantic Council may have it.
Carr said that 3 groups have it. This is based on the assumption that the DNC was hacked by Russians. There are literally only 2 groups that are known to have the X-Agent tool, Crowdstrike and Ukraine’s neo-nazi hackers that are part of Ukraine’s Intelligence Agency.
Wheeler goes further by saying Crowdstrike named the hacker before any evidence was developed. The hacker was the Russian GRU according to Alperovitch. After naming them without proof, Crowdstrike started searching for proof that the X-Agent could have been used by the Russian GRU. That was when Alperovitch’s most solid proof appeared. He claimed the Russians used the tool to spot Ukrainian artillery.
Crowdstrike never contacted the developer of the app they claimed was hacked over the course of 6 months. Crowdstrike claimed artillerymen downloaded the app that got hacked from a forum. But, according to the app developer, he had control over it all the way to end user. There was no chance for it to be hacked like Crowdstrike insists.
According to cyber security Jeffrey Carr “The Android APK malware doesn’t use GPS nor does it ask for GPS location information from the infected phone or tablet. That’s a surprising design flaw for custom-made malware whose alleged objective was to collect and transmit location data on Ukrainian artillery to the GRU [Russian military intelligence – ed],” Carr explained in a Medium post.…Crowdstrike hasn’t provided any evidence that the malware-infected Android app was used by even a single Ukrainian soldier.”
That core information needed for the DNI report to prove Russian hacking was provided by Crowdstrike. When that information proved to be wrong, the DNI report is empty of facts. Ukrainian Intelligence’s OSINT group InformNapalm does not want to be associated with it, even though they have a strong relationship with Crowdstrike, it’s just that bad.
“I have little liking of the security industry as the guys in this business of fear are fearmongers, but CrowdStrike failed to keep to even the mediocre standards generally accepted in the industry. They start their report with a bold statement alleging that the Ukrainian Armed Forces lost up to 80% of all their D30 howitzers. The figure of 80% did not come from the International Institute for Strategic Studies, but was voiced by colonelcassad (Ed.: the nickname of a Russian propagaDNIst blogger). And even he, when blurting out this 80% figure then says it is not due to combat losses, but rather to a transfer of weapons from the Ukrainian Army to the National Guard.”
From an X-Agent user standpoint, he then asks where is the “tell” hashes, control centers, or infected phones?”
Crowdstrike’s best cyber security hack evidence is a Russian blogger? Crowdstrike’s claim that this malware caused 80% of the Ukrainian losses is rebuffed by the Ukrainians themselves. The Ukrainian Defense Ministry called Crowdstrike liars. Why would people who want to start a war between the USA and Russia walk away from Crowdstrike’s help?
Simply put, the evidence of a Russian hack came from Crowdstrike. The issue is so hot (it could start a war) that the Ukrainian government doesn’t want to be standing near Crowdstrike’s overly simple lies when the facts came out. The simple tech facts listed above show there was no Russian hacking at the DNC.
The fatal shot to Crowdstrike’s evidence of a Russian hack and the DNI report comes from a Chalupa. What’s a Chalupa you ask? In the first part of these articles covering Russian election hacking, you were introduced to Alexandra, Andrea, and Irene Chalupa. All of them are integral to starting and pushing a Russian hacking story into the mainstream press. After dealing with Crowdstrike’s evidence, they can’t get far enough away from the story.
Alexandra Chalupa was named one of 16 people that shaped the US election because of her Russian hacking tale. While trying to drum up anti-Russian sentiment and help with the election, they must have thought Crowdstrike would at least be able to come up with something credible. The Chalupas relationship to Crowdstrike and the Ukrainian hackers is detailed in that article.
The surprising move discredits Crowdstrike’s Russian hacking story in support of the Ukrainian Defense Ministry. Irene Chalupa, like Alperovitch, is a senior fellow at the Atlantic Council She also runs Ukrainian owned Stopfake.org.
Stopfake.org is an official propaganda channel for the Ukrainian government and unofficially for the Atlantic Council. Chalupa and her sisters have relationships with both Alperovitch and the Ukrainian hackers shown in the 1st Crowdstrike article.
Stopfake.org just started a local propaganda paper in the specific towns (Toretsk, Krasnogorovka, Maryanka, among others) listed in the 1st Crowdstrike article to re-educate the people and stop them from targeting Ukrainian artillerymen. These are specifically the towns where people were caught.
This move on the part of this particular Atlantic Council senior fellow totally discredits Crowdstrike’s story that an app infected with malware was responsible for destroying 80% of Ukrainian artillery. This was Alperovitch’s largest proof of “Russian hacking” the DNC that was given to the FBI, CIA, and DNI. He said this proof was as sure as a DNA match. The FBI is now stating openly all their evidence rests on Crowdstrike. Without this proof, there is no Russian hacking the DNC story.
Where it gets more damning (it’s hard to believe that’s possible) is that Stopfake’s propaganda effort to directly affect the towns where people were caught targeting Ukrainian artillery is being funded by the British Embassy in Ukraine.
Obviously, neither the UK government or MI5 place any weight in the Russian hacking story. Otherwise, why spend money on this effort targeting propaganda at the specific area named by Ukraine’s SBU.
To make matters worse for the FBI and DNI, Radio Liberty is helping to start the anti-targeting propaganda effort. Keep in mind that Radio Liberty is managed by the Broadcasting Board of Governors (BBG). The US Secretary of State John Kerry is a board member. Didn’t anyone tell him by dealing with the real problem, he was destroying the Russian hacking story so the real situation could be managed?
In the last article which is linked at the top, the penetration testers at Wordfence tested the uniqueness of the other tool Crowdstrike uses for identification called Grizzly Steppe. What they found was a Ukrainian-made malware that is outdated and a common hacking tool for WordPress websites. It cannot perform like Crowdstrike claims it does. This destroys the cyber-security giant’s story.
Without any evidence, Crowdstrike wrote the report the “Russians did it.” They in turn, gave it to the FBI, CIA, DNI, and whoever else would listen. Today, both Crowdstrike and the Ukrainian hackers are the only groups known that have the X-Agent tool.
Did the Bernie Sanders campaign get “berned” by Crowdstrike? In December 2015, Sanders filed suit against the DNC because the DNC froze access to voter data. The freeze came as a result of Crowdstrike’s fiDNIngs that Sanders staffers supposedly improperly accessing Clinton data files. Sanders accused the DNC of flagrantly favoring Clinton.
Why did the lawsuit get dropped? Crowdstrike investigated it and Sanders was convinced to drop the suit. Should Crowdstrike have notified Sanders that they had conflicts of interest?
Unless you are in the FBI, CIA, or DNI, the Russian hacking story doesn’t make any sense based on the facts. The facts say Crowdstrike supplied fraudulent evidence to the US government. Even the Ukrainians don’t want to be standing next to Crowdstrike when the truth comes out. Perhaps someone should investigate Crowdstrike and the Ukrainian hackers.
The next question is when did Clinton hire Crowdstrike and why? We know that Clinton paid around $1 million to internet trolls to turn Sanders supporters. How much money went into the Russian hacking story? We know that the Russian hacking story gained Crowdstrike a lot more revenue. But before all this happened:
According to Fortune “Between 2013 and 2014 its(Crowdstrike) revenue grew 142% and its customer base more than tripled, two reasons Google Capital (GOOG, +1.53%), the tech giant’s growth equity arm, led a $100 million investment in CrowdStrike in July, its first ever for a computer security company.
The reasons Google would invest are obvious. Fortune goes further in an interview with Crowdstrike CEO George Kurtz.
“Security is of foremost interest to Google,” said Google Capital partner Gene Frantz, mentioning Google’s expertise in protecting IT assets. “We identified what we think will be a very large and very important security company in the world.”
“To have Google align with our vision and kick the tires—they wouldn’t write us a huge check unless they checked us out—to have that level of validation in less than four years is incredibly rewarding,” George Kurtz CEO of Crowdstrike said.
There are only two scenarios that explain this situation. Crowdstrike thought nobody would fact check. Alperovitch started the hacking story to influence the election results and it got away from him. Or Crowdstrike is guilty of gross incompetence and may be guilty of over selling their capabilities and expertise to investors.
Either way, with the cyber security industry laughing at Crowdstrike’s evidence, an investigation needs to happen to find out how this company brought the USA to the brink of war with Russia. A cyber attack is an act of war. It doesn’t matter if Alperovitch didn’t imagine the story would get this big.
As it becomes clear to investors that Crowdstrike either willfully perjured themselves to the FBI, CIA, DNI, as well as the president, will they vote with their feet on the value of the company?
According to Wired “In its statement, the FBI agreed with the DNC’s implication that it had instead relied on data from Crowdstrike… The possibility that the FBI based its investigation on inferior-quality evidence is significant..”
Why does part of the official DNI Russia hacked DNC/ Fancy Bear story rely in part on information from a Russian blogger that writes about the civil war in Ukraine like Crowdstrike does? Honestly, come on guys, this is embarrassing. It gets a lot worse.
According to the DNI report “A journalist who is a leading expert on the Internet Research Agency claimed that some social media accounts that appear to be tied to Russia’s professional trolls—because they previously were devoted to supporting Russian actions in Ukraine—started to advocate for President-elect Trump as early as December 2015. ”
This journalist is Jessikka Aro. She works as Finnish YLE’s investigative journalist and is an expert in strategic communication issues for NATO and EU institutions. Unfortunately, she was also a drug dealer and according to her court papers and according to the article, a strong believer in self-medication.
Aro first came to notice when she wrote a story about Russian trolls. Since then, she has been NATO’s go-to girl. Recently she crowdfunded $30,000 for hacking and OSINT tools to “further her research.”
None of this says where she came from. Jessikka Aro is a protege of Aaron Weisburd and Joel Harding. I have written extensively about both of these men. Their way of protecting America is to hack and ruin American and Western-based News Websites. Weisburd takes it to the extreme and as the linked articles show his group hacks, plants evidence, and tries to “inform” the FBI or appropriate agency that you are the criminal. Because it’s cyber, you may never know he was there. He badgers internet providers to take down sites, threatens people, and steals their livelihoods.
NATO’S Jessikka Aro and Aaron Weisburd destroying Commentary Website
There they are giving the high-five after one successful attack on a Canadian-based news commentary website. If there was anything illegal or God forbid, immoral, why didn’t they call the police?
Aaron Weisburd became a player in intelligence when Richard Clark decided to bring freelance terror hunters into the fold. He ingrained OSINT as the key Intel tool to use. Weisburd came in after the grandfather of federal OSINT broke ground for him. Steve Emerson and Rita Katz supplied most of the people on the bad lists that the Federal Government made.
Emerson, Katz, and Weisburd trained Federal Intelligence Agencies including FBI, CIA, and abroad including NATO personnel how to use OSINT techniques. For Weisburd it would only be natural to introduce his protege to NATO since they are directly involved in Ukrainian propaganda. Since I’ll be getting to this in the next article, let’s take a look at how intelligent the intelligence is that they generate.
In January 2015 Steve Emerson, the man that trained federal intelligence agents including the FBI how to use OSINT tools claimed on Fox News that Birmingham, England is an entirely Muslim city. The Telegraph writes “An American “terrorism expert” who claimed that Birmingham is a Muslim-only city is “clearly a complete idiot”, David Cameron has said.
If Emerson is the expert they leaned on to learn this form of Intel gathering, it’s not hard to see why a common cyber criminal is listed as a go-to expert in the DNI report.
According to the DNI report “Russian efforts to influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations.”
The DNI report adds” We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment. CIA and FBI have high confidence in this judgment; NSA has moderate confidence. ”
While CNN said on January 6th, “Officials said this was just one of multiple indicators to give them high confidence of both Russian involvement and Russian intentions. Officials reiterated that there is no single intercepted communication that qualifies as a “smoking gun” on Russia’s intention to benefit Trump’s candidacy or to claim credit for doing so.”
Which intercepted communications are they talking about? According to the Sydney Morning Herald the Ukrainian hacker group RUH8 hacked the Russian government email of Vladislav Surkov. The Russian government denies the hack happened.
Within hours of the attack, the Atlantic Council was examining the “hacked email.” They said there was no smoking gun. Is the DNI report leaning on the alleged hacking by self-identifying Pravy Sektor ultra-nationalists that want to start a war with Russia? RFE/RL is certainly glorifying the neo-nazis. These are the intercepted communications the report mentions.
Discussing the same subject Information War expert Joel Harding who has been working for the Ukrainians against the Russians stated “One of the really neat things about this election is seeing all my information operations and information warfare friends on social media, contributing and commenting, looking darned intelligent! Theirs is normally the voice of reason, maturity, and intelligence…and now for something completely different. Good news.
Russian propaganda is being ignored in the United States.”
Because any possibility of a Russian hack at the DNC has been taken away, the rest of the DNI report comes across as a long political whine. The only 2 groups that are known to possess X-Agent are Crowdstrike and the Ukrainian hacker RUH8. The DNI report relies on both to hold their facts together. Both are discredited. The following admission should interest John Podesta.
According to a RFE/RL interview, “RUH8 says the Cyber Alliance uses “all tools and methods” at its disposal to hack into their perceived foes’ accounts. In particular, he says, spear-phishing — using messages that mimic those of legitimate companies along with a request and link to change personal security information — “is quite efficient. People readily give up their passwords and personal info,” he says. “They receive something in their [e-]mail like, ‘Your account will be suspended if you don’t confirm [your security details].’ They click that link and we have them.”
Is it me or has RUH8 done everything except openly confess to hacking Podesta? Spear-fishing is the tactic said to be used in the DNC hacking. Only 2 known groups have the X-Agent and only RUH8 states openly that they changed the course of world geopolitics. Neither of them has been investigated. Security analysts are starting to speculate that if there was a hack, the Ukrainians probably did it. The self-identifying Pravy Sektor members RUH8 are also claiming to have hacked the Russian government email.
The FBI now in charge of domestic intelligence didn’t investigate anything. All the evidence to prove a Russian hack has been shown clearly to be flawed and faked. Crowdstrike is guilty of at least perjury based on their own statements and the evidence they gave to the FBI. The DNI and 17 Intel agencies are relying on neo-nazi group hackers that openly mock them.
This only leaves only one scenario that has an unblemished track record. Julian Assange and Craig Murray told the truth. The emails were leaked.
Why Crowdstrike’s Russian Hacking Story Fell Apart 2 The DNI Report Faked Sources was originally published on Washington's Blog