George Kurtz is the bestselling author of Hacking Exposed: Network Security Secrets & Solutions (now in its seventh edition) and CEO/co-founder of the digital security firm Crowdstrike. His company usually works in utter secrecy, unable to reveal the insights it uncovers as it protects the information of the world’s largest companies and governments. But the hack of the Democratic National Committee emails proved different than most of Crowdstrike’s working relationships: the DNC asked Crowdstrike for help without the condition that its findings remain secret.* In other words, the ultra tight-lipped company can speak about what it found lurking in the DNC computer systems.
What Crowdstrike found were two familiar “sophisticated adversaries” known as COZY BEAR and FANCY BEAR, described as two of the “best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis.” COZY BEAR infiltrated the (nonclassified) networks of the White House and the State Department last year. “Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services,” Crowdstrike reported in June.
*[Crowdstrike writes: “we operate under strict confidentiality rules with our customers and cannot reveal publicly any information about these attacks. But on rare occasions, a customer decides to go public with information about their incident and give us permission to share our knowledge of the adversary tradecraft with the broader community and help protect even those who do not happen to be our customers. This story is about one of those cases.”]