What Is CrowdStrike, the Company Trump Mentioned During His Ukraine Call?
The “transcript” of President Donald Trump’s call with Ukrainian President Volodymyr Zelensky has been released, and there are more questions than it answers.
One such question is Trump’s reference to CrowdStrike. According to the White House’s memo, Trump said, “I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it. I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike…”
“I guess you have one of your wealthy people… The server, they say Ukraine has it,” the memo continues. “There are a lot of things that went on, the whole situation. I think you’re surrounding yourself with some of the same people.”
CrowdStrike is a U.S.-based internet security company that was hired to investigate the hack of the Democratic National Committee’s servers in 2016. It defines itself as a “cloud-native endpoint protection platform built to stop breaches.” The company determined at the time that two groups affiliated with the Russian government were responsible for the attack.
“With regards to our investigation of the DNC hack in 2016, we provided all forensic evidence and analysis to the FBI,” CrowdStrike told Fortune in a statement. “As we’ve stated before, we stand by our findings and conclusions that have been fully supported by the US Intelligence community.”
But what is CrowdStrike?
According to a June 2016 blog post on CrowdStrike’s website, the company was hired by the DNC to “respond to a suspected breach.” They reportedly “immediately identified two sophisticated adversaries on the network,” called Cozy Bear and Fancy Bear. CrowdStrike was already familiar with both actors, calling them “some of the best threat actors out of all the numerous nation-state, criminal and hacktivist/terrorist groups” they regularly encounter.
The company concluded that the two groups compromised the same systems within the DNC network, but they “identified no collaboration between the two actors, or even an awareness of one by the other.” Despite this, CrowdStrike is confident that they were both working “for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services.”
CrowdStrike’s findings were later corroborated by several other independent cybersecurity firms. Yet Trump has repeatedly sought to cast doubt on the conclusions of these firms, pushing an unsubstantiated conspiracy theory that the DNC had hid one of its servers from the FBI, a server that reportedly has information about who was actually responsible for the hack.
In July 2018, following his Helsinki meeting with Russian President Vladimir Putin, Trump said, “You have groups that are wondering why the FBI never took the server. Why didn’t they take the server? Where is the server, I want to know, and what is the server saying?”
But according to a report from The Daily Beast at the time, “no machines are actually missing”— the DNC and CrowdStrike handed over a copy of all of the DNC images back at the time of the breach.
Trump’s call with Zelensky suggests that he believes, despite all evidence to the contrary, that someone in Ukraine is in possession of the ‘missing’ server that could exonerate Russia.
More must-read stories from Fortune:
—Pelosi announced Trump’s impeachment inquiry 24 hours ago—and a lot has happened
—As Trump’s impeachment odds double, bets spike globally
—Ukrainian president tweets photo with Trump amid controversy
—These are the key players in the Trump impeachment inquiry
—How impeachment momentum massively shifted among Democrats
—The 25 most powerful women in politics