Tuesday, January 3, 2017

Trying to Keep Up

Somebody (or somebodies) is trying very hard to create some real trouble between the US and the Russians. Who it is, I can't say. But the Democrats and the US media are certainly helping them along. Jeffrey Carr, who recently debunked some of the Russia-hacked-Vermont's-grid "fake" news, has now written another article debunking CrowdStrike's latest claim that led to widespread reporting in the US media that the same Russian group who supposedly hacked Vermont also hacked Ukrainian field artillery. (Crowdstrike, you will recall, is the company that made the claims of Russian hacking of the US presidential election.)
Crowdstrike’s latest report regarding Fancy Bear contains its most dramatic and controversial claim to date: that GRU-written mobile malware used by Ukrainian artillery soldiers contributed to massive artillery losses by the Ukrainian military. “It’s pretty high confidence that Fancy Bear had to be in touch with the Russian military,” Dmitri Alperovitch told Forbes. “This is exactly what the mission is of the GRU.”

  Medium
Read the whole article if you like, but I'm going to jump straight to the conclusions:
Crowdstrike never contacted the app’s developer to inform him about their findings. Had they performed that simple courtesy, they might have learned from Jaroslav Sherstuk how improbable, if not impossible, their theory was. Instead, they worked inside of their own research bubble, performed no verification of infected applications or tablets used by Ukraine’s artillery corps, and extrapolated an effect of 80% losses based upon a self-proclaimed, pro-Russian propagandist and an imaginary number of infected applications.

Major media outlets including The Washington Post, CNN, NBC News, and PBS Newshour ran the story without fact-checking a single detail. Motherboard, Forbes, SC Magazine, and other media did the same. Only VOA and Bloomberg took the time to question Crowdstrike’s claims and do some of their own investigating.

[...]

Part of the evidence supporting Russian government involvement in the DNC and related hacks (including the German Bundestag and France’s TV5 Monde) stemmed from the assumption that X-Agent malware was exclusively developed and used by Fancy Bear. We now know that’s false, and that the source code has been obtained by others outside of Russia.

The GRU, according to Crowdstrike, developed a variant of X-Agent to infect an Android mobile app in order to geolocate and destroy Ukraine’s D-30 howitzers. To do this, they chose an artillery app which had no way to send or receive data, and wrote malware for it that didn’t ask for GPS position information? Bitch, please.

[...]

Crowdstrike invented a “devastating” cyber attack out of thin air and called it DNA evidence of Russian government involvement.
Maybe it's time to investigate Crowdstrike.  Maybe we should start with co-founder Dmitri Alperovitch, a Russian ex-pat?

....but hey, do what you want...you will anyway.
