CrowdStrike, Inc. is an American cybersecurity technology company based in Sunnyvale, California, and a wholly owned subsidiary of CrowdStrike Holdings, Inc. The company provides endpoint security, threat intelligence, and incident response services to customers in more than 170 countries. The company has been involved in countermeasure efforts to several high-profile cyber-attacks, including the Sony Pictures hack, the 2016 Democratic National Committee email leak, and the Democratic National Committee cyber attacks.
Video CrowdStrike
History
CrowdStrike was co-founded by entrepreneur George Kurtz (CEO), Dmitri Alperovitch (CTO), and Gregg Marston (CFO, retired). In 2012, Shawn Henry, a former Federal Bureau of Investigation (FBI) executive who led both the FBI's criminal and cyber divisions, was hired to lead sister company CrowdStrike Services, Inc., which is focused on proactive and incident response services.
The company gained recognition for providing threat intelligence and attribution to nation state actors conducting economic espionage and IP theft. This includes the outing of state-sponsored Chinese group, Putter Panda, linked to China's spying on United States defense and European satellite and aerospace industries. In May 2014, supported by CrowdStrike's reports, the United States Department of Justice charged five Chinese military hackers for economic cyber espionage against United States corporations. Similarly, the firm is known for uncovering the activities of Energetic Bear, an adversary group with a nexus to the Russian Federation that conducts intelligence operations against a variety of global victims with a primary focus on the energy sector.
Following the very public Sony Pictures hack, CrowdStrike produced attribution to the government of North Korea within 48 hours and demonstrated how the attack was carried out step-by-step. On May 2015, the company released Researcher Jason Geffner's discovery of VENOM, a critical flaw in open source hypervisor called Quick Emulator (QEMU), which is used in a number of common virtualization products.
In 2013, the company launched the Falcon software platform, a technology that stops breaches by combining next-generation antivirus, endpoint detection and response, and proactive hunting. In 2014, CrowdStrike was instrumental in identifying members of PLA Unit 61486 as the perpetrators of a number of cyberattacks on U.S. infrastructure.
In July 2015, Google invested in the company's Series C funding round, which in total raised $100 million. To date, CrowdStrike has achieved total funding of $256 million, with estimated annual revenue of $100 million and valuation more than $1 billion. Investors include Telstra, March Capital Partners, Rackspace, Accel Partners and Warburg Pincus. According to the company, its customers include three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.
In 2016, the company was ranked #40 on the Deloitte Fast 500 North America list.
Maps CrowdStrike
Russian hacking investigations
CrowdStrike has figured prominently in the Democratic National Committee cyber attacks and the attribution of those attacks to Russian intelligence services. On March 20, 2017 during testimony before congress, James Comey stated "CrowdStrike, Mandiant, and ThreatConnect review[ed] the evidence of the hack and conclude[d] with high certainty that it was the work of APT 28 and APT 29 who are known to be Russian intelligence services." However, the FBI did not independently verify these findings because the DNC refused to give the FBI access to the server.
In December 2016, CrowdStrike released a report stating that Russian government-affiliated group Fancy Bear had hacked a Ukrainian artillery app. They erroneously concluded that Russia had used the hack to cause large losses to Ukrainian artillery units. The app (called ArtOS) is installed on tablet PCs and used for fire-control. The earliest version of the app (supported until 2015) was called POPR-D30 and installed on Android phones and tablets. CrowdStrike found a hacked variation of POPR-D30 being distributed on Ukrainian military forums that utilized an X-Agent implant. However, they failed to show that the hacked variation of POPR-D30 was actually installed by any Ukrainian soldiers.
The International Institute for Strategic Studies, whose data on Ukrainian D30 howitzer losses was misused by CrowdStrike in their report, rejected CrowdStrike's assessment of hacking causing losses to Ukrainian artillery units. The Ukrainian Ministry of Defense also rejected the CrowdStrike report, stating that actual artillery losses were "several times smaller than the number reported by [CrowdStrike] and are not associated with [Russian hacking]".
Cybersecurity firm Secureworks discovered a list of email addresses targeted by Fancy Bear in phishing attacks. The list included the email address of Yaroslav Sherstyuk, the developer of ArtOS. However, there is no evidence that they succeeded in hacking Sherstyuk's email.
Industry recognition
- Deloitte 2016 Technology Fast 500(TM) Ranking
- INC 500, 2016
- MIT Technology Review's World's 50 Most Innovative Companies, 2013
- SC Magazine, 2016 Best Security Company Finalist, 2016
- CRN Magazine 2014 and 2015 Top Emerging Vendors
- Dark Reading's 20 Most Disruptive Startups to Watch, 2015
References
Further reading
- The New York Times
- Network World
- Fortune (video news report)
External links
- Official website
Source of article : Wikipedia
0 Comments