Kurtz was a former engineer at McAfee for many years. But he had grown disillusioned with the approach taken to cybersecurity across the industry.

In one of his blog posts, Kurtz wrote he was: "Tired of the status quo of technologies that were incapable of dealing with the most persistent attacks. 

"Tired of the malware-centric approaches that only focus on 40 per cent of the problem. Tired of on-premise security technologies that are disconnected, overly complex, easy to break, and costly to administer."

The idea behind CrowdStrike was different. He and his co-founders set out to develop a new approach to what's known as cloud-based endpoint security. The company's slogan was simple: "We stop breaches."

https://www.abc.net.au/news/2024-07-21/how-tech-rebels-triggered-the-world-s-biggest-it-meldown/104122956

READ FROM TOP.

NOTE THAT RUSSIA DID NOT SUFFER BECAUSE IT DOES NOT USE WINDOWS BUT USES ITS OWN SYSTEM.... HERE AT YD/GUS WE USE mac.....

SpaceX and Tesla CEO Elon Musk has revealed that his companies have stopped using web/cloud-based antivirus platform CrowdStrike, following Friday’s global Windows 10 outage.

The controversial cyber-security firmhas admitted that the massive failures were caused by a recent update it instigated that conflicted with Microsoft systems.

The IT meltdown affected Windows 10 users around the world, including airports, banks, and broadcasters. According to aviation analytics firm Cirium, at least 4,295 flights were grounded globally due to the outage. The worldwide glitch also hit a number of media outlets, including the UK-based Sky News – which went off the air for a while – as well as the Australian-based ABC, SBS, Channel 7, Channel 9, and News Corp Australia.

Responding to a post on X (formerly Twitter) on Friday, Musk wrote: “We just deleted Crowdstrike from all our systems.”

https://www.rt.com/news/601383-musk-deletes-crowdstrike-windows-outage/

READ FROM TOP....

While most of the world was grappling with the blue screen of death on Friday, one country that managed to escape largely unscathed was China.

The reason is actually quite simple: CrowdStrike is hardly used there. 

Very few organisations will buy software from an American firm that, in the past, has been vocal about the cyber-security threat posed by Beijing.

Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers.

So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities.

Over recent years, government organisations, businesses and infrastructure operators have increasingly been replacing foreign IT systems with domestic ones. Some analysts like to call this parallel network the "splinternet".

"It's a testament to China's strategic handling of foreign tech operations," says Josh Kennedy White, a cybersecurity expert based in Singapore.

"Microsoft operates in China through a local partner, 21Vianet, which manages its services independently of its global infrastructure. This setup insulates China’s essential services - like banking and aviation - from global disruptions."

Beijing sees avoiding reliance on foreign systems as a way of shoring up national security.

It is similar to the way some Western countries banned Chinese tech firm Huawei’s technology in 2019 - or the UK's move to ban the use of Chinese-owned TikTok on government devices in 2023.

Since then, the US has launched a concerted effort to ban sales of advanced semiconductor chip tech to China, as well as attempts to stop American companies from investing in Chinese technology. The US government says all of these restrictions are on national security grounds.

https://www.bbc.com/news/articles/c3g01y047pdo

AS MENTIONED BEFORE, RUSSIA DOES NOT USE WINDOWS AND DID NO SUFFER ANY CROWDSTRIKE DISRUPTION....

READ FROM TOP.

A sloppy update to software made by US cybersecurity giant CrowdStrike has taken PCs and servers used by airlines, railways, banks, broadcasters and even medical facilities around the world offline. For anyone following US politics over the past decade or so, the company’s name should be eerily familiar.

CrowdStrike is making global headlines (and causing global headaches) this week after an update released Friday morning afflicted thousands of corporate machines running Microsoft products with the infamous blue screen of death error.

While the company has already put out a fix, the buggy update is expected to cause billions of dollars and hours in lost productivity, and experts say it may take “weeks” for businesses and governments worldwide to fully recover.

But behind the company’s reputation as a major provider of endpoint security products is the odd routineness of its name popping up in US politics.

During the 2016 US presidential election, the Clinton campaign asked none other than CrowdStrike for help investigating the hack attack against the Democratic National Committee – which had revealed embarrassing info about the party’s efforts to rig the nomination process in Mrs. Clinton’s favor.

CrowdStrike’s probe gave rise to the very first claims that Russia was behind the DNC hack, and the company provided its “forensic evidence and analysis” to the FBI, starting the ball rolling on the Russiagate conspiracy theory that Donald Trump was colluding with Russia to “steal” the election.

CrowdStrike executive Shawn Henry admitted under oath in congressional testimony in 2017 that the company had no “concrete evidence” to back up its “Russian hackers” story, but by that point it was too late, and Trump would spend virtually the entirety of his term in office dogged by the “collusion” claims.

CrowdStrike’s name also came up in the infamous 2019 phone call between Trump and Volodymyr Zelensky, with the then-US president asking Zelensky to “do us a favor” and “find out what happened” with CrowdStrike’s server, which Trump said was in Ukraine. The Trump team was convinced that CrowdStrike planted evidence on the DNC server to frame Russia while covering up Ukraine’s own efforts to “weaken the Trump bandwagon” during the 2016 race. Democratic politicians and anti-Trump media dismissed the president’s suspicions as groundless.

The Trump-Zelensky phone call, in which he also asked Kiev to look into then former vice president Joe Biden’s role in firing of a prosecutor probing his son Hunter Biden’s alleged corrupt activities while working for Ukrainian energy company Burisma, wound up sparking the first Trump impeachment in 2019.

CrowdStrike was also one a handful of firms tapped by the US Cybersecurity and Infrastructure Security Agency in 2021 to work out a ‘whole-of-nation’ cyber defense plan. The initiative has been criticized as an attempt to strengthen the US intelligence and Big Tech’s surveillance powers using cybersecurity as a cover.

https://sputnikglobe.com/20240720/from-clinton-fraud-to-trump-zelensky-call-recalling-crowdstrikes-shady-politics-amid-it-outage-1119442359.html

READ FROM TOP.....

The company with F.B.I. links was responsible for a massive computer outage affecting airlines, banks, and hospitals, following its dodgy role in the Russiagate affair. 

The cyber-security firm CrowdStrike, which was in the middle of the fake Russiagate scandal, suffered a serious blow beginning Thursday night when a faulty update to its security software that it sent out caused Microsoft computers across the world to crash, seriously affecting air and train travel; banking; broadcasting, health care and other industries.  

The devastating episode was costly for company: it has lost 12 percent of its value on the stock market. The amount of money lost by companies that were affected has not yet been calculated.  It is not the first time the 13-year old firm has been involved in controversy.  

We are reprinting here an article written for Consortium News in 2020 by former C.I.A. analyst Ray McGovern that exposes closed-door testimony by CrowdStrike executive Shawn Henry to the U.S. House intelligence committee in which he says there is no definitive evidence that Democratic Party emails had been hacked from its servers. 

That explosive testimony, which remained secret for nearly three years, exploded the myth that Russia had hacked the DNC and gave its emails to WikiLeaks. 

Twin Pillars of Russiagate Crumble

For two and a half years the House Intelligence Committee knew CrowdStrike didn’t have the goods on Russia. Now the public knows too.

By Ray McGovern
Special to Consortium News
May 9, 2020

House Intelligence Committee documents released Thursday reveal that the committee was told two and half years ago that the F.B.I. had no concrete evidence that Russia hacked Democratic National Committee computers to filch the DNC emails published by WikiLeaks in July 2016. 

The until-now-buried, closed-door testimony came on Dec. 5, 2017 from Shawn Henry, a protege of former F.B.I. Director Robert Mueller (from 2001 to 2012), for whom Henry served as head of the Bureau’s cyber crime investigations unit. 

Henry retired in 2012 and took a senior position at CrowdStrike, the cyber security firm hired by the DNC and the Clinton campaign to investigate the cyber intrusions that occurred before the 2016 presidential election. 

The following excerpts from Henry’s testimony speak for themselves. The dialogue is not a paragon of clarity; but if read carefully, even cyber neophytes can understand: 

Ranking Member Mr. [Adam] Schiff: Do you know the date on which the Russians exfiltrated the data from the DNC? … when would that have been?

Mr. Henry: Counsel just reminded me that, as it relates to the DNC, we have indicators that data was exfiltrated from the DNC, but we have no indicators that it was exfiltrated (sic). … There are times when we can see data exfiltrated, and we can say conclusively. But in this case, it appears it was set up to be exfiltrated, but we just don’t have the evidence that says it actually left.

Mr. [Chris] Stewart of Utah: Okay. What about the emails that everyone is so, you know, knowledgeable of? Were there also indicators that they were prepared but not evidence that they actually were exfiltrated?

Mr. Henry: There’s not evidence that they were actually exfiltrated. There’s circumstantial evidence … but no evidence that they were actually exfiltrated. … 

Mr. Stewart: But you have a much lower degree of confidence that this data actually left than you do, for example, that the Russians were the ones who breached the security?

Mr. Henry: There is circumstantial evidence that that data was exfiltrated off the network.

Mr. Stewart: And circumstantial is less sure than the other evidence you’ve indicated. …

Mr. Henry: “We didn’t have a sensor in place that saw data leave. We said that the data left based on the circumstantial evidence. That was the conclusion that we made.

In answer to a follow-up query on this line of questioning, Henry delivered this classic: “Sir, I was just trying to be factually accurate, that we didn’t see the data leave, but we believe it left, based on what we saw.”

Inadvertently highlighting the tenuous underpinning for CrowdStrike’s “belief” that Russia hacked the DNC emails, Henry added: “There are other nation-states that collect this type of intelligence for sure, but the — what we would call the tactics and techniques were consistent with what we’d seen associated with the Russian state.”

Not Transparent

Try as one may, some of the testimony remains opaque. Part of the problem is ambiguity in the word “exfiltration.” 

The word can denote (1) transferring data from a computer via the Internet (hacking) or (2) copying data physically to an external storage device with intent to leak it.

As the Veteran Intelligence Professionals for Sanity has been reporting for more than three years, metadata and other hard forensic evidence indicate that the DNC emails were not hacked — by Russia or anyone else.

Rather, they were copied onto an external storage device (probably a thumb drive) by someone with access to DNC computers. Besides, any hack over the Internet would almost certainly have been discovered by the dragnet coverage of the National Security Agency and its cooperating foreign intelligence services.

Henry testifies that “it appears it [the theft of DNC emails] was set up to be exfiltrated, but we just don’t have the evidence that says it actually left.” 

This, in VIPS view, suggests that someone with access to DNC computers “set up” selected emails for transfer to an external storage device — a thumb drive, for example. The Internet is not needed for such a transfer. Use of the Internet would have been detected, enabling Henry to pinpoint any “exfiltration” over that network.

Bill Binney, a former NSA technical director and a VIPS member, filed a sworn affidavit in the Roger Stone case. Binney said: “WikiLeaks did not receive stolen data from the Russian government. Intrinsic metadata in the publicly available files on WikiLeaks demonstrates that the files acquired by WikiLeaks were delivered in a medium such as a thumb drive.”

The So-Called Intelligence Community Assessment

There is not much good to be said about the embarrassingly evidence-impoverished Intelligence Community Assessment (ICA) of Jan. 6, 2017 accusing Russia of hacking the DNC.

But the ICA did include two passages that are highly relevant and demonstrably true:

(1) In introductory remarks on “cyber incident attribution”, the authors of the ICA made a highly germane point: “The nature of cyberspace makes attribution of cyber operations difficult but not impossible. Every kind of cyber operation — malicious or not — leaves a trail.”

(2) “When analysts use words such as ‘we assess’ or ‘we judge,’ [these] are not intended to imply that we have proof that shows something to be a fact. … Assessments are based on collected information, which is often incomplete or fragmentary … High confidence in a judgment does not imply that the assessment is a fact or a certainty; such judgments might be wrong.” [And one might add that they commonly ARE wrong when analysts succumb to political pressure, as was the case with the ICA.]

The intelligence-friendly corporate media, nonetheless, immediately awarded the status of Holy Writ to the misnomered “Intelligence Community Assessment” (it was a rump effort prepared by “handpicked analysts” from only C.I.A., F.B.I., and NSA), and chose to overlook the banal, full-disclosure-type caveats embedded in the assessment itself.

Then National Intelligence Director James Clapper and the directors of the C.I.A., F.B.I., and NSA briefed President Obama on the ICA on Jan. 5, 2017, the day before they gave it personally to President-elect Donald Trump. 

On Jan. 18, 2017, at his final press conference, Obama saw fit to use lawyerly language on the key issue of how the DNC emails got to WikiLeaks, in an apparent effort to cover his own derriere. 

Obama: “The conclusions of the intelligence community with respect to the Russian hacking were not conclusive as to whether WikiLeaks was witting or not in being the conduit through which we heard about the DNC e-mails that were leaked.” 

So we ended up with “inconclusive conclusions” on that admittedly crucial point. What Obama was saying is that U.S. intelligence did not know—or professed not to know—exactly how the alleged Russian transfer to WikiLeaks was supposedly made, whether through a third party, or cutout, and he muddied the waters by first saying it was a hack, and then a leak.

From the very outset, in the absence of any hard evidence, from NSA or from its foreign partners, of an Internet hack of the DNC emails, the claim that “the Russians gave the DNC emails to WikiLeaks” rested on thin gruel.

In November 2018 at a public forum, I asked Clapper to explain why President Obama still had serious doubts in late Jan. 2017, less than two weeks after Clapper and the other intelligence chiefs had thoroughly briefed the outgoing president about their “high-confidence” findings. 

Clapper replied: “I cannot explain what he [Obama] said or why. But I can tell you we’re, we’re pretty sure we know, or knew at the time, how WikiLeaks got those emails.” Pretty sure? 

Preferring CrowdStrike; ’Splaining to Congress

CrowdStrike already had a tarnished reputation for credibility when the DNC and Clinton campaign chose it to do work the F.B.I. should have been doing to investigate how the DNC emails got to WikiLeaks. It had asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s struggle with separatists supported by Russia. A Voice of America reportexplained why CrowdStrike was forced to retract that claim. 

Why did F.B.I. Director James Comey not simply insist on access to the DNC computers? Surely he could have gotten the appropriate authorization. In early January 2017, reacting to media reports that the F.B.I. never asked for access, Comey told the Senate Intelligence Committee there were “multiple requests at different levels” for access to the DNC servers.

“Ultimately what was agreed to is the private company would share with us what they saw,” he said. Comey described CrowdStrike as a “highly respected” cybersecurity company. 

Asked by committee Chairman Richard Burr (R-NC) whether direct access to the servers and devices would have helped the F.B.I. in their investigation, Comey said it would have. “Our forensics folks would always prefer to get access to the original device or server that’s involved, so it’s the best evidence,” he said.

Five months later, after Comey had been fired, Burr gave him a Mulligan in the form of a few kid-gloves, clearly well-rehearsed, questions:

BURR: And the F.B.I., in this case, unlike other cases that you might investigate — did you ever have access to the actual hardware that was hacked? Or did you have to rely on a third party to provide you the data that they had collected? 

COMEY: In the case of the DNC, … we did not have access to the devices themselves. We got relevant forensic information from a private party, a high-class entity, that had done the work. But we didn’t get direct access.

BURR: But no content?

COMEY: Correct.

BURR: Isn’t content an important part of the forensics from a counterintelligence standpoint?

COMEY: It is, although what was briefed to me by my folks — the people who were my folks at the time is that they had gotten the information from the private party that they needed to understand the intrusion by the spring of 2016. 

In June last year it was revealed that CrowdStrike never produced an un-redacted or final forensic report for the government because the F.B.I. never required it to, according to the Justice Department.

By any normal standard, former F.B.I. Director Comey would now be in serious legal trouble, as should Clapper, former C.I.A. Director John Brennan, et al. Additional evidence of F.B.I. misconduct under Comey seems to surface every week — whether the abuses of FISA, misconduct in the case against Gen. Michael Flynn, or misleading everyone about Russian hacking of the DNC. If I were attorney general, I would declare Comey a flight risk and take his passport. And I would do the same with Clapper and Brennan.

Schiff: Every Confidence, But No Evidence

Both pillars of Russiagate — collusion and a Russian hack — have now fairly crumbled.

Thursday’s disclosure of testimony before the House Intelligence Committee shows Chairman Adam Schiff lied not only about Trump-Putin “collusion,” [which the Mueller report failed to prove and whose allegations were based on DNC and Clinton-financed opposition research] but also about the even more basic issue of “Russian hacking” of the DNC. 

[See: “The Democratic Money Behind Russia-gate”]

Five days after Trump took office, I had an opportunity to confront Schiff personally about evidence that Russia “hacked” the DNC emails. He had repeatedly given that canard the patina of flat fact during an address at the old Hillary Clinton/John Podesta “think tank,” The Center for American Progress Action Fund.

Fortunately, the cameras were still on when I approached Schiff during the Q&A: “You have every confidence but no evidence, is that right?” I asked him. His answer was a harbinger of things to come. This video clip may be worth the four minutes needed to watch it.

Ray McGovern works with Tell the Word, a publishing ministry of the ecumenical Church of the Saviour in inner-city Washington. A former C.I.A. analyst, his retirement he co-founded Veteran Intelligence Professionals for Sanity.

https://consortiumnews.com/2024/07/20/crowdstrike-further-tainted-by-worldwide-crash/

READ FROM TOP.

Cybersecurity firm CrowdStrike offered $US10 UberEats gift cards to teammates and partners who aided in the IT outage.

The vouchers were ineligible after Uber flagged them as potential fraud because of high usage rates, CrowdStrike confirmed. 

An estimated 8.5 million computers were disabled during the worldwide outage. 

Virtual gift cards offered by Cybersecurity firm CrowdStrike to those who aided customers through the global IT outage have been blocked and flagged for potential fraud by Uber. 

The recent global IT outage — which saw an estimated 8.5 million computers disabled and brought much of the world to a standstill — was caused by a single update to CrowdStrike software that runs on Microsoft Windows.

A CrowdStrike spokesperson confirmed to the ABC the company sent the $US10 ($15) vouchers to "teammates and partners" who had helped customers in the aftermath of the outage. 

Tech news website TechCrunch reported that recipients received an error message when trying to activate the voucher, stating it had "been cancelled by the issuing party and is no longer valid". 

CrowdStrike confirmed that Uber had blocked the gift cards and flagged them as fraud due to high usage rates.

"CrowdStrike did not send gift cards to customers or clients," the spokesperson said. 

"We did send these to our teammates and partners who have been helping customers through this situation.

"Uber flagged it as a fraud because of high usage rates." 

Partners of the company sell and manage CrowdStrike for customers, the spokesperson said. 

The ABC has reached out to Uber for comment but is yet to hear back. 

https://www.abc.net.au/news/2024-07-26/crowdstrike-gift-cards-blocked/104145562

READ FROM TOP.....

By Neenah Payne

On July 19, CrowdStrike Holdings (CRWD) shut down many key systems worldwide when one of its software updates crashed the screens of more than 8.5 million users of Microsoft Windows.

Digital Dystopia: Lessons from the Global IT Outage on the Perils of Cashless Living explains:

On July 19, 2024, a content update by cybersecurity giant CrowdStrike caused millions of Microsoft systems worldwide to crash. As reported by Nick Corbishley for Naked Capitalism, this outage had far-reaching consequences: “When a content update by the cyber-security giant CrowdStrike caused millions of Microsoft systems around the world to crash on Friday morning, bringing the operating systems of banks, payment card firms, airlines, hospitals, NHS clinics, retailers and hospitality businesses to a standstill, businesses were faced with a stark choice: go cash-only, or close until the systems came back online.”

This incident laid bare the vulnerability of our tightly coupled IT-based societies, particularly in the realm of banking and payments. The fallout was especially severe in countries like Australia, where cashless transactions have been actively encouraged by the government. In the face of this digital meltdown, cash emerged as a crucial lifeline for businesses and consumers alike. 

In a startling shift, major British newspapers have begun highlighting the dangers of a fully cashless society following a widespread IT outage that crippled digital payment systems across the globe. This event has brought to light the inherent fragility of our increasingly digitized financial infrastructure and serves as a stark reminder of the vital role cash still plays in our economy.

The Threat of Financial Deplatforming

The risks of a cashless society extend beyond mere inconvenience during IT outages. There’s a growing concern about the potential for financial institutions to deny services based on political or ideological grounds, effectively creating a form of financial censorship.

Florida’s Chief Financial Officer Jimmy Patronis has taken proactive steps to address this issue. In January 2024, Patronis announced that 117 banks in Florida had signed an attestation agreeing not to politically discriminate, allowing them to qualify as Qualified Public Depositories (QPDs) eligible to accept public funds. This move followed the signing of House Bill 3, which aims to prevent banks from canceling services based on personal beliefs, whether political, religious, or any other factor demonstrating impartiality.

Patronis stated, “With the continued rise of Environmental and Social Governances (ESG) infiltrating our economic institutions, I am extremely happy to see the positive effects of HB 3. These 117 QPDs have officially made a commitment to put returns over politics. They understand that if they de-bank customers over political persuasion, they are threatening their own bottom lines.”

This legislative action in Florida highlights the growing awareness of the potential for financial institutions to be weaponized against individuals or organizations based on their beliefs or speech. It underscores the importance of maintaining alternative payment methods, including cash, to ensure financial inclusion and freedom of expression.

Multiple National and Global Shocks in July

In the video below, Del Bigtree, host of The Highwire which airs online Thursdays from 2-4 PM ET, discussed with reporter Jefferey Jaxen the strange lack of curiosity by the corporate media after the biggest IT outage that affected millions of people around the world.

Jaxen questions the reasons for this unprecedented global outage which came less than a week after the assassination attempt on former President Donald Trump on July 13 at a rally in Pennsylvania. Biden Resigns: Speaks To Nation 8PM ET links to an interview with Jack Posobiec who said Trump’s Vice Presidential pick JD Vance was reportedly scheduled to attend that rally. Had he done so, the world may have witnessed a double assassination. Secret Service Director Resigns After Congressional Hearing shows that strange lapse of security by Secret Service Director Kimberly Cheatle led to her resignation after she was grilled by a bipartisan Congressional hearing on July 22.

Biden Resigns: Speaks To Nation 8PM ET explains that after his poor performance in the debate with Donald Trump on June 27, President Biden vowed to stay in the race. However, on July 22, Tucker Carlson discussed Biden’s sudden resignation with a post on “X”. Biden finally spoke to the nation on July 24 and endorsed VP Kamala Harris. Although Democrats see Trump as “a threat to democracy”, Posobiec and Bigtree say Harris was given Biden’s delegates in an undemocratic process.

Decoding Unprecedented Global Crowd Strike Outage

In the video below, Jaxen and Bigtree remind us that Event 201 in October 2019 was a dress rehearsal for COVID policies. They wonder if this outage was designed to prepare the public for an outage used to justify the introduction of Central Bank Digital Currencies (CBDCs) or to wage war, etc.

They discuss the “Blue screen of death” as reported in ‘Blue Screen of Death’ For Global Microsoft Users. They point out the critical importance of questioning this global outage – which was somehow magically fixed by the next day. They express exasperation that the corporate media failed to raise key questions.

DECODING THE CROWDSTRIKE OUTAGE (video) 7/25/24

In the aftermath of the largest global cyber incident in history, the corporate media is strangely silent on the details that matter. How could this impossible event happen? Was this a test run? Why is the public being aggressively prepped for a cyber attack? “The HighWire” investigates.

The CrowdStrike failure had potential consequence perhaps as severe and widespread as the failure of the Secret Service to protect former President Trump at the rally on July 13. Congress called for the Secret Service Director to testify on July 22 and she resigned the next day.

The 7/22/24 NY Times article Congress Calls for Tech Outage Hearing to Grill CrowdStrike C.E.Oshows that Congress plans to schedule hearings about the CrowdStrike outage, but doesn’t say when. So, there is none of the urgency seen with the failure of the Secret Service.

For More Information

Manufactured Uncertainty

Neenah Payne writes for Activist Post

https://www.activistpost.com/2024/08/was-global-crowdstrike-outage-a-dress-rehearsal.html

READ FROM TOP

YOURDEMOCRACY.NET RECORDS HISTORY AS IT SHOULD BE — NOT AS THE WESTERN MEDIA WRONGLY REPORTS IT.