Confused why Trump fingered CrowdStrike in that Ukraine call? You're not the only one...

Security biz that probed 2016 DNC hack makes an odd cameo in revealed transcript

A garbled remark by President Donald Trump in a just-released phone-call transcript with the Ukrainian head of state has focused attention on cloudy security shop CrowdStrike.

America's conspiracy-theorist-in-chief name-dropped Silicon Valley's CrowdStrike during a July chat with Ukrainian President Volodymyr Zelensky, which was ostensibly to discuss bilateral relations. The call has become a focal point of a whistleblower scandal that has now triggered a House of Representatives impeachment investigation of the President.

An anonymous whistleblower has claimed that over the course of the call, Trump on multiple occasions suggested to Zelensky that US military aid payments could be withheld from the Ukraine unless it agreed to re-open a criminal corruption probe into one of Trump's potential 2020 election opponents: former Vice President Joe Biden – specifically, Biden's son. The Bidens deny any wrongdoing, and there is no evidence of wrongdoing.

So where does CrowdStrike come in? About halfway into the call transcript [PDF], released today under intense political pressure, Trump vaguely references the work CrowdStrike did back in 2016 when it looked into raids carried out by hackers against the Democratic National Committee (DNC) and its email and IT infrastructure.

"I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it," President Trump told Zelensky.

"I would like you to find out what happened with this whole situation with Ukraine, they say CrowdStrike ... I guess you have one of your wealthy people... The server, they say Ukraine has it."

It is not clear exactly what Trump means by "the server" in this incoherent ramble, as the DNC hack involved dozens of computer systems that were not physical machines but rather dozens of virtual machine instances hosted in a cloud data center, all of which were wiped to get rid of the malware the hackers had installed to spy on the committee.

According to the DNC, the FBI took full disk images of all affected machines, including 180 personal computers and 140 servers. CrowdStrike also viewed the images and passed its findings on to the Feds.

The Register pinged CrowdStrike to see if it had any idea why its name popped up, and the security house gave a polite statement more or less indicating they are just as in the dark as the rest of us.

"With regards to our investigation of the DNC hack in 2016, we provided all forensic evidence and analysis to the FBI," the statement reads. "As we’ve stated before, we stand by our findings and conclusions that have been fully supported by the US Intelligence community." ®

Updated to add

The whistleblower's report into the Ukrainian arms-for-probes affair is now out, and alleges the White House tried to cover the whole thing up.
