The U.S. government is actually exceptionally vulnerable.
— Dmitri Alperovitch
We've been worried for some time that one of the ways that North Korea can retaliate against further escalation of tensions is via cyber, and particularly attacks against our financial sector. This is something they have really perfected as an art against South Korea.
CrowdStrike stands fully by its analysis and findings identifying two separate Russian intelligence-affiliated adversaries present in the DNC network in May 2016.
Chollima is actually a national animal of North Korea. It's a mythical flying horse.
AI is going to be extremely beneficial, and already is, to the field of cybersecurity. It's also going to be beneficial to criminals.
Cyber espionage is very lucrative for economic benefit to a nation.
The GRU is used for both tactical intelligence collection in the battlefield in support of Russian military operations and also strategic active measures or psychological warfare overseas.
Victims don't want to know they're victims. I guess that's just victim psychology: if you don't know about it, it's not really happening.
Fancy Bear actually went after opposition research and, specifically, research related to the Trump candidacy.
Every world leader is trying to figure out who Mr. Trump is, especially if he's elected president, and they want to know what his foreign policies would be. Russia is no exception.
A rapidly growing number of nation states have determined that cyberespionage is a highly valuable tool not only to steal national and military secrets but also to pillage the most valuable business information from international competitors and pass it on to domestic industries to help them out-innovate and out-negotiate their rivals.
When I see something like Russian intelligence services interfering with our electoral process, I find that incredibly offensive.
We should enable the private sector to engage in self-defense in the cyber world like we do in the physical world.
If someone stole your keys to encrypt the data, it didn't matter how secure the algorithms were.
The U.S. is not great at defense, but in my travels overseas, I realized that everyone else is even worse.
Russia is a Tier 1 cyber power.
Advanced nation-states are now using cyber power for unrestricted economic warfare and national security-motivated espionage, as well as a force multiplier and signaling instrument in conflicts.
I think every organization needs to assume that they are compromised.
Cyber criminals are good... but they cut corners. They don't spend a lot of time tweaking things and making sure that every aspect of the attack is obfuscated.
I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know.
Out of any country on the planet, I can't think of a country that has been more focused than Iran from the high levels of government on cyber, and that includes the United States.
It's been really hard to watch the news of this Anonymous and LulzSec stuff because most of what they do - defacing Web sites and running denial-of-service attacks - is not serious. It's really just nuisance.
With Fancy Bear, we have medium-level confidence it's GRU, which is Russia's military intelligence agency, and with Cozy Bear, we have low-level confidence it's FSB, the Russian federal security service.
While cyber espionage is having a tremendous negative affect on the global economy from the theft-caused drain of intellectual property and the resulting adverse incentives for continued investments in innovative growth, the threat from destructive and disruptive attacks is amplifying the risks even further.
Transnational organized cybercriminal groups have stolen hundreds of millions of dollars from financial institutions and ordinary citizens.
After the investigation of Operation Aurora, the cyberattack on Google from within China that was revealed in 2010, I realized a completely new type of security strategy and technology was needed.
What you really want is for a cyberattack to be very costly and risky so it is used only rarely and only against really high-value targets.
You have a very large population of hackers in Eastern Europe in general and Russia especially. A lot of them consider themselves patriotic individuals and will take broad direction from government policies.
The Chinese need to be held accountable for their continued attempts to steal IP and trade secrets through cyber-intrusions into commercial companies.
It's a great honor to be selected as one of 'Foreign Policy''s Leading Global Thinkers for 2013.
I think it's safe to say that the Russians are extremely interested in anything that has to do with the U.S. political system. And it's not out of the realm of possibility that they are in many other systems.
In Russia, you have political parties engaged in all kinds of nefarious activity. And they may just assume that in America it works the exact same way.
In 2018, my biggest worry is actually about North Korea. I worry a great deal that they may do a destructive attack, perhaps against our financial sector, in an attempt to deter a potential U.S. strike against either their nuclear facilities or even the regime itself.
In the physical world, we would never blame the victim of the assault for that assault taking place, but yet we do so all the time in the cyber world. I think that's completely misguided.
Obviously, you have the DNC engaged in communication with lots of different parties, and anything you can use to gain intelligence about what's going on in the U.S. political system and what the candidates are thinking is of high interest to Russian intelligence.
The difference between theft and destruction is often a few keystrokes.
The Internet is a global resource that does not belong to any one nation or alliance. It has contributed to amazing economic growth, collaboration, civil education, and awe-inspiring lifestyle improvements for billions of people.
Organizations, whether they are nonprofits or enterprise, need to be aware that nation-states are coming after them for political espionage, economic espionage, or destructive attacks.
At CrowdStrike, we look for traces of the adversary and try to find out who the adversary is, what they are after, and what their tradecraft is. We also disseminate that information to enable collective action.
A lot of people who are born here don't appreciate the freedoms we have, the opportunities we have, because they've never had it any other way.
