Dmitri Alperovitch (born 1980)
Born 1980 Moscow, U.S.S.R.
Alma mater Georgia Institute of Technology
Co-founder & CTO, CrowdStrike, Inc.
Senior Fellow, Atlantic Council
VP, Threat Research, McAfee, Inc.
Employer CrowdStrike, Inc.
Dmitri Alperovitch is a Russian-born American computer security industry executive. He is co-founder and chief technology officer of CrowdStrike. In August 2011, as vice president of threat research at McAfee, he published Operation Shady RAT, a report on suspected Chinese intrusions into at least 72 organizations, including defense contractors, businesses worldwide, the United Nations and the International Olympic Committee. Alperovitch is a naturalized American citizen born in Russia who came to the United States in 1994 with his family.
Early life and education
Born in Moscow in the Russian S.F.S.R., a constituent republic of the Soviet Union, Alperovitch is a U.S. citizen. In 1994, his father was granted a visa to Canada, and a year later the family moved to Chattanooga. Alperovitch earned a B.S. in computer science in 2001, and an M.S. in information security in 2003, both from Georgia Institute of Technology. It was the school’s first graduate degree in information security.
Alperovitch worked at a number of computer security startups in the late 1990s and early 2000s, including e-mail security startup CipherTrust, where he was one of the leading inventors of the TrustedSource reputation system. Upon acquisition of CipherTrust by Secure Computing in 2006, he led the research team and launched the Software-as-a-Service business for the company. Alperovitch took over as vice president of threat research at McAfee, when the company acquired Secure Computing in 2008.
In January 2010, he led the investigation into Operation Aurora, the Chinese intrusions into Google and two dozen other companies. Subsequently, he led the investigation of the Night Dragon espionage operation against Western multinational oil and gas companies, and traced it to Song Zhiyue, a Chinese national living in Heze City, Shandong Province.
In late 2011, along with entrepreneur George Kurtz and Gregg Marston, Dmitri Alperovitch co-founded and became the chief technology officer of CrowdStrike, a security technology company focused on helping enterprises and governments protect their intellectual property and secrets against cyberespionage and cybercrime.
In 2015, CapitalG (formerly Google Capital) led a $100 million capital drive for CrowdStrike. The firm brought on board senior FBI executives, such as Shawn Henry, former executive assistant director (EAD) of the FBI's Criminal, Cyber, Response and Services Branch, and Steve Chabinsky, former deputy assistant director of the FBI's Cyber Division. By May of 2017, CrowdStrike had received $256 million in funding from Warburg Pincus, Accel Partners, and Google Capital and its stock was valued at just under $1 billion.
At six o'clock on the morning of May 6, Dmitri Alperovitch woke up in a Los Angeles hotel to an alarming email. Alperovitch is the thirty-six-year-old cofounder of the cybersecurity firm CrowdStrike, and late the previous night, his company had been asked by the Democratic National Committee to investigate a possible breach of its network. A CrowdStrike security expert had sent the DNC a proprietary software package, called Falcon, that monitors the networks of its clients in real time. Falcon "lit up," the email said, within ten seconds of being installed at the DNC: Russia was in the network.
Alperovitch, a slight man with a sharp, quick demeanor, called the analyst who had emailed the report. "Are we sure it's Russia?" he asked.
The analyst said there was no doubt. Falcon had detected malicious software, or malware, that was stealing data and sending it to the same servers that had been used in a 2015 attack on the German Bundestag. The code and techniques used against the DNC resembled those from earlier attacks on the White House and the State Department. The analyst, a former intelligence officer, told Alperovitch that Falcon had identified not one but two Russian intruders: Cozy Bear, a group CrowdStrike's experts believed was affiliated with the FSB, Russia's answer to the CIA; and Fancy Bear, which they had linked to the GRU, Russian military intelligence.
Alperovitch then called Shawn Henry, a tall, bald fifty-four-year-old former executive assistant director at the FBI who is now CrowdStrike's president of services. Henry led a forensics team that retraced the hackers' steps and pieced together the pathology of the breach. Over the next two weeks, they learned that Cozy Bear had been stealing emails from the DNC for more than a year. Fancy Bear, on the other hand, had been in the network for only a few weeks. Its target was the DNC research department, specifically the material that the committee was compiling on Donald Trump and other Republicans. Meanwhile, a CrowdStrike group called the Overwatch team used Falcon to monitor the hackers, a process known as shoulder-surfing.
Ultimately, the teams decided it was necessary to replace the software on every computer at the DNC. Until the network was clean, secrecy was vital. On the afternoon of Friday, June 10, all DNC employees were instructed to leave their laptops in the office. Alperovitch told me that a few people worried that Hillary Clinton, the presumptive Democratic nominee, was clearing house. "Those poor people thought they were getting fired," he says.
For the next two days, three CrowdStrike employees worked inside DNC headquarters, replacing the software and setting up new login credentials using what Alperovitch considers to be the most secure means of choosing a password: flipping through the dictionary at random. (After this article was posted online, Alperovitch noted that the passwords included random characters in addition to the words.) The Overwatch team kept an eye on Falcon to ensure there were no new intrusions. On Sunday night, once the operation was complete, Alperovitch took his team to celebrate at the Brazilian steakhouse Fogo de Chão.
Hacking, like domestic abuse, is a crime that tends to induce shame. Companies such as Yahoo usually publicize their breaches only when the law requires it. For this reason, Alperovitch says, he expected that the DNC, too, would want to keep quiet.
By the time of the hack, however, Donald Trump's relationship to Russia had become an issue in the election. The DNC wanted to go public. At the committee's request, Alperovitch and Henry briefed a reporter from The Washington Post about the attack. On June 14, soon after the Post story publicly linked Fancy Bear with the Russian GRU and Cozy Bear with the FSB for the first time, Alperovitch published a detailed blog post about the attacks.
Alperovitch told me he was thrilled that the DNC decided to publicize Russia's involvement. "Having a client give us the ability to tell the full story" was a "milestone in the industry," he says. "Not just highlighting a rogue nation-state's actions but explaining what was taken and how and when. These stories are almost never told."
In the five years since Alperovitch cofounded CrowdStrike, he and his company have played a critical role in the development of America's cyberdefense policy. Frank Cilluffo, the former special assistant to the president for homeland security, likens Alperovitch to Paul Revere: "Dmitri, as an individual, has played a significant role in elevating cybersecurity policy not only inside the private sector but more generally."
When I met Alperovitch in late September, at his open-plan offices outside Washington, D.C., he explained that CrowdStrike was created to take advantage of a simple but central lesson he'd learned about stopping hackers. It's not enough, he says, to play defense with technology: "Otherwise the adversary will scale up and it becomes a game of numbers, which they will win." Instead, attribution is crucial: First you need to identify the perpetrator, then you need to discover what motivates the crime, and finally—most important—you need to figure out how to fight back.
Before Alperovitch founded CrowdStrike, the idea that attribution ought to be a central defense against hackers was viewed as heresy. In 2011, he was working in Atlanta as the chief threat officer at the antivirus software firm McAfee. While sifting through server logs in his apartment one night, he discovered evidence of a hacking campaign by the Chinese government. Eventually he learned that the campaign had been going on undetected for five years, and that the Chinese had compromised at least seventy-one companies and organizations, including thirteen defense contractors, three electronics firms, and the International Olympic Committee.
That the Chinese government had been stealing information from the private sector was a shock to the security industry and to many U. S. officials. Almost no one thought that foreign governments used the Internet for anything other than old-fashioned espionage. "This was not spy versus spy," says John Carlin, who was until recently the assistant attorney general for national security. The hacking was economic sabotage.
While Alperovitch was writing up his report on the breach, he received a call from Renee James, an executive at Intel, which had recently purchased McAfee. According to Alperovitch, James told him, "Dmitri, Intel has a lot of business in China. You cannot call out China in this report."
Alperovitch removed the word China from his analysis, calling the operation Shady Rat instead. He told me that James's intervention accelerated his plans to leave Intel. (James declined to comment.) He felt that he was "now being censored because I'm working for a company that's not really an American company."
Alperovitch and George Kurtz, a former colleague, founded CrowdStrike as a direct response. The cybersecurity industry at the time, Alperovitch says, was "terrified of losing their ability to market products in China." Their new company would push the idea that hacking was a means, not an end. "We saw that no one's really focused on the adversary," Alperovitch told me. "No one's focusing exclusively on how can we actually identify them, attribute them, deter them from taking this action again." CrowdStrike's tagline encapsulated its philosophy: "You don't have a malware problem, you have an adversary problem."
Alperovitch's June 14 blog post garnered so much media attention that even its ebullient author felt slightly overwhelmed. Inevitably there were questions about the strange names his company had given the Russian hackers. As it happened, "Fancy Bear" and "Cozy Bear" were part of a coding system Alperovitch had created. Animals signified the hackers' country of origin: Russians were bears, Chinese were pandas, Iranians were kittens, and North Koreans were named for the chollima, a mythical winged horse. By company tradition, the analyst who discovers a new hacker gets to choose the first part of the nickname. Cozy Bear got its nickname because the letters coz appeared in its malware code. Fancy Bear, meanwhile, used malware that included the word Sofacy, which reminded the analyst who found it of the Iggy Azalea song "Fancy."
The day after the media maelstrom, the reporters were back with less friendly questions: Had Alperovitch gotten his facts right? Was he certain Russia was behind the DNC hacks? The doubts were prompted by the appearance of a blogger claiming to be from Eastern Europe who called himself Guccifer 2.0. Guccifer said that the breach was his, not Russia's. "DNC'S servers hacked by a lone hacker," he wrote in a blog post that included stolen files from the DNC. "I guess CrowdStrike customers should think twice about company's competence," Guccifer wrote. "Fuck CrowdStrike!!!!!!!!!"
Alperovitch was bewildered. In a career spanning nearly two decades, he had never made an incorrect attribution in public. "Did we miss something?" he asked CrowdStrike's forensics team. Henry and his staff went back over the evidence, all of which supported their original conclusion.
Alperovitch had also never seen someone claim to be the only intruder on a site. "No hacker goes into the network and does a full forensic investigation," he told me. Being called out, he said, was "very shocking. It was clearly an attack on us as well as on the DNC."
Alperovitch initially thought that the leaks were standard espionage and that Guccifer's attacks on CrowdStrike were just a noisy reaction to being busted. "I thought, Okay, they got really upset that they were caught," he said. But after documents from the DNC continued to leak, Alperovitch decided the situation was far worse than that. He concluded that the Russians wanted to use the leaked files to manipulate U. S. voters—a first. "It hit me that, holy crap, this is an influence operation. They're actually trying to inject themselves into the election," he said. "I believe that we may very well wake up on the morning the day after the election and find statements from Russian adversaries saying, 'Do not trust the result.' "
As it turned out, many reporters found Guccifer's leaked documents too cumbersome to sift through, and some were nervous that files from the strange website might contain viruses. But on July 22, three days before the Democratic convention in Philadelphia, WikiLeaks dumped a massive cache of emails that had been stolen from the DNC. Unlike the leaks published by Guccifer, these were organized and easily searchable. Reporters soon found emails suggesting that the DNC leadership had favored Hillary Clinton in her primary race against Bernie Sanders, which led Debbie Wasserman Schultz, the DNC chair, along with three other officials, to resign.
Days later, Alperovitch got a call from a Reuters reporter asking whether the Democratic Congressional Campaign Committee had been hacked. CrowdStrike had, in fact, been working on a breach at the DCCC; once again, Alperovitch believed that Russia was responsible. Now, however, he suspected that only Fancy Bear was involved. A lawyer for the DCCC gave Alperovitch permission to confirm the leak and to name Russia as the suspected author.
Two weeks later, files from the DCCC began to appear on Guccifer 2.0's website. This time he released information about Democratic congressional candidates who were running close races in Florida, Ohio, Illinois, and Pennsylvania. On August 12, he went further, publishing a spreadsheet that included the personal email addresses and phone numbers of nearly two hundred Democratic members of Congress.
Alperovitch was in New York when he read about the leak on Twitter. He and Henry were asked to join a conference call with Nancy Pelosi, the House minority leader, and the chair of the DCCC. Pelosi said she'd warned her colleagues to keep their phones away from their grandchildren until they got new numbers, as some members of Congress had already received threatening messages. Alperovitch offered to install Falcon on representatives' computers until the election.
"I remember getting off that call feeling completely outraged," he said. "I called up Shawn. I'm like, 'I can't believe the Russians are getting away with it. These are congresspeople. I can't believe that there's still no response from this government.' "
Alperovitch's friends in government told him privately that an official attribution so close to the election would look political. If the government named Russia, it would be accused of carrying water for Hillary Clinton. The explanations upset Alperovitch. The silence of the American government began to feel both familiar and dangerous. "It doesn't help us if two years from now someone gets indicted," he said. After Michelle Obama's passport was published online, on September 22, Alperovitch threw up his hands in exasperation. "That is Putin giving us the finger," he told me.
Dmitri Alperovitch knows a thing or two about what the Russians call "active measures," in which propaganda is used to undermine a target country's political systems. He was born in 1980 in Moscow, in an era when people were afraid to discuss politics even inside their homes. His father, Michael, was a nuclear physicist who barely escaped being sent to Chernobyl as part of a rescue mission in 1986. Many of Michael's close friends and colleagues died of radiation poisoning within months of flying to the burning power plant. The takeaway for Dmitri was that "life is cheap in the Soviet Union."
Michael also taught Dmitri to code. Without a computer at home, Dmitri practiced by writing down algorithms on paper. In 1990, his father was sent to Maryland as part of a nuclear-safety training program for scientists. Per Soviet custom, Dmitri stayed in the USSR to ensure that his parents didn't defect. He lived with his grandparents, and when his parents returned, after a year, they brought him his first computer, an IBM PC.
In 1994, his father was granted a visa to Canada, and a year later the family moved to Chattanooga, where Michael took a job with the Tennessee Valley Authority. The work was not particularly challenging, so Michael began studying cryptography on the side. While Dmitri was still in high school, he and his father started an encryption-technology business. Dmitri says he loved the beauty of the math but also saw cryptography's fatal flaw: "If someone stole your keys to encrypt the data, it didn't matter how secure the algorithms were."
Alperovitch studied computer science at Georgia Tech and went on to work at an antispam software firm. There he met a striking dark-haired computer geek named Phyllis Schneck. As a teenager, Schneck once showed her father that she could hack into the company where he worked as an engineer. Appalled, Dr. Schneck made his daughter promise never to do something like that again.
Fighting email spam taught Alperovitch a second crucial lesson. He discovered that every time he blocked a server, the spammers deployed a hundred new servers to take its place. Alperovitch realized that defense was about psychology, not technology.
To better understand his adversaries, Alperovitch posed as a Russian gangster on spam discussion forums, an experience he wrote up in a series of reports. One day he returned from lunch to a voice mail telling him to call the FBI immediately. He was terrified. "I was not a citizen yet," he told me.
As it happened, the bureau was interested in his work. The government was slowly waking up to the realization that the Internet was ripe for criminal exploitation: "the great price of the digital age," in John Carlin's words. In 2004, the bureau was hacked by Joseph Colon, a disgruntled IT consultant who gained "god-level" access to FBI files. Colon was eventually indicted, but his attack showed the government how vulnerable it was to cybercrime.
In 2005, Alperovitch flew to Pittsburgh to meet an FBI agent named Keith Mularski, who had been asked to lead an undercover operation against a vast Russian credit-card-theft syndicate. Mularski had no prior experience with the Internet; he relied on Alperovitch, whom he calls "a good guy and a friend," to teach him how to get into the forum and speak the lingo. Mularski's sting operation took two years, but it ultimately brought about fifty-six arrests.
Alperovitch's first big break in cyberdefense came in 2010, while he was at McAfee. The head of cybersecurity at Google told Alperovitch that Gmail accounts belonging to human-rights activists in China had been breached. Google suspected the Chinese government. Alperovitch found that the breach was unprecedented in scale; it affected more than a dozen of McAfee's clients.
Three days after his discovery, Alperovitch was on a plane to Washington. He'd been asked to vet a paragraph in a speech by the secretary of state, Hillary Clinton. She'd decided, for the first time, to call out another country for a cyberattack. "In an interconnected world," she said, "an attack on one nation's networks can be an attack on all."
Despite Clinton's announcement, Alperovitch believed that the government, paralyzed by bureaucracy and politics, was still moving too slowly. In 2014, Sony called in CrowdStrike to investigate a breach of its network. The company needed just two hours to identify North Korea as the adversary. Executives at Sony asked Alperovitch to go public with the information immediately, but it took the FBI another three weeks before it confirmed the attribution.
The delay still frustrates Alperovitch, who saw the long silence as a kind of disinformation. "Yesterday you had no idea. Today you're 100 percent certain. It wasn't credible." From the perspective of the government, however, the handling of the Sony hack was a triumph. "In twenty-six days we figured out it was North Korea," John Carlin told me. The attribution changed the focus, he said, from what Sony did wrong to how the government was going to respond to North Korea. As Phyllis Schneck, who now works at the Department of Homeland Security, told me, the government moves slowly because it cannot afford to be wrong: "Vendors like to be first. Government must be right."
The government's attitude toward attribution moved closer to Alperovitch's in September 2015, in the run-up to a state visit by Chinese president Xi Jinping. A year earlier, five members of the Chinese People's Liberation Army had been indicted by a grand jury in Pennsylvania for stealing economic secrets from the computers of U. S. firms in the nuclear, solar, and metals industries. Carlin told me that the indictments were meant as "a giant No Trespass sign: Get off our lawn." But the indictment didn't stop the hackers. Alperovitch went on television to call for a stronger response. In April 2015, after President Obama signed an executive order threatening sanctions against the Chinese, Alperovitch received a call from the White House. "You should be happy," he was told. "You're the one who's been pushing for this."
Six months later, just before the state visit, The Washington Post reported that the U. S. was considering making good on the executive order. A senior State Department official told me that Xi did not want to be embarrassed by an awkward visit. The Chinese sent over a negotiating team, and diplomats from both countries stayed up all night working out an agreement. During the state visit, Obama and Xi announced that "neither country's government will conduct or knowingly support cyber-enabled theft of intellectual property" for the purpose of economic espionage. Since then, the Chinese burglaries have slowed dramatically.
This past March, Alperovitch hosted a cyber war game at the Moscone Center in San Francisco. Four teams of ten people—representing the government, the private sector, European and Australian allies, and the hackers—met for two hours to play the game. Shawn Henry; John Carlin; Chris Painter, coordinator for cyber issues at the State Department; and Chris Inglis, the former deputy director of the NSA, were all part of the government team. Executives from JPMorgan Chase and Microsoft represented the private sector. A former member of GCHQ, the British intelligence organization, was on the international team. Frank Cilluffo played a hacker. Ash Carter, the defense secretary, arrived halfway through and asked to play, but the game was already under way, so he was politely turned down.
The game's premise was that ISIS had hacked the databases of several state DMVs and their European counterparts. After a twenty-minute brainstorm, the government team said it was organizing a crisis-response group, speaking to the private sector, and sharing information with the Department of Homeland Security and the FBI. The private team said it was trying to get information from the government. The international team, meanwhile, complained that no one had briefed it—a mistake, Alperovitch said.
The adversary team then stood up and announced, "While the government team is deliberating and talking to the private sector, we're going to kill some people." It was a chilling moment that had real-life echoes for many people in the room. In June 2015, a Kosovar named Ardit Ferizi hacked an online retailer and passed the personal details of more than a thousand U. S. government and military officials to a member of ISIS, who in turn posted them on Twitter. (The ISIS member was later killed by a U. S. drone strike in Syria, and the Kosovar hacker was sentenced to twenty-five years in prison.)
The government's reluctance to name the Russians as the authors of the DNC and DCCC hacks made Alperovitch feel that the lessons of the war game—call out your enemy and respond swiftly—had been wasted. He continued to be told by his friends in government that it was politically impossible for the United States to issue an official response to Russia. Some, especially in the State Department, argued that the United States needed Russia's help in Syria and could not afford to ratchet up hostilities. Others said an attribution without a concrete response would be meaningless. Still others insisted that classified security concerns demanded consideration.
Alperovitch was deeply frustrated: He thought the government should tell the world what it knew. There is, of course, an element of the personal in his battle cry. "A lot of people who are born here don't appreciate the freedoms we have, the opportunities we have, because they've never had it any other way," he told me. "I have."
The government's hesitation was soon overtaken by events. During the first week of October, while Alperovitch was on a rare vacation, in Italy, Russia pulled out of an arms-reduction pact after being accused by the U. S. of bombing indiscriminately in Syria. The same day, the U. S. halted talks with Russia about a Syrian ceasefire. On October 7, two days before the second presidential debate, Alperovitch got a phone call from a senior government official alerting him that a statement identifying Russia as the sponsor of the DNC attack would soon be released. (The statement, from the office of the director of national intelligence and the Department of Homeland Security, appeared later that day.) Once again, Alperovitch was thanked for pushing the government along.
He got the news just after leaving the Sistine Chapel. "It kind of put things in perspective," he told me. Though pleased, he wished the statement had warned that more leaks were likely. "It's nice that you have the DHS and DNI jointly putting the statement out on a Friday night, but the president coming out and saying, 'Mr. Putin, we know you're doing this, we find it unacceptable, and you have to stop' would be beneficial."
Less than a week later, after WikiLeaks released another cache of hacked emails—this time from John Podesta, Hillary Clinton's campaign chair—the White House announced that the president was considering a "proportional" response against Russia. Administration officials asked Alperovitch to attend a meeting to consider what to do. He was the only native Russian in the room. "You have to let them save face," he told the group. "Escalation will not end well."
“If someone steals your keys to encrypt the data, it doesn’t matter how secure the algorithms are.” — Dmitri Alperovitch, founder of CrowdStrike
Russians did not hack the DNC system, a Russian named Dmitri Alperovitch is the hacker and he works for President Obama. In the last five years the Obama administration has turned exclusively to one Russian to solve every major cyber-attack in America, whether the attack was on the U.S. government or a corporation. Only one “super-hero cyber-warrior” seems to “have the codes” to figure out “if” a system was hacked and by “whom.”
Dmitri’s company, CrowdStrike, has been called in by Obama to solve mysterious attacks on many high level government agencies and American corporations, including: German Bundestag, Democratic National Committee, Democratic Congressional Campaign Committee (DCCC), the White House, the State Department, SONY, and many others.
CrowdStrike’s philosophy is: “You don’t have a malware problem; you have an adversary problem.”
CrowdStrike has played a critical role in the development of America’s cyber-defense policy. Dmitri Alperovitch and George Kurtz, a former head of the FBI cyberwarfare unit, founded CrowdStrike. Shawn Henry, former executive assistant director at the FBI, is now CrowdStrike’s president of services. The company is crawling with former U.S. intelligence agents.
Before Alperovitch founded CrowdStrike in 2011, he was working in Atlanta as the chief threat officer at the antivirus software firm McAfee, owned by Intel (a DARPA company). During that time, he “discovered” the Chinese had compromised at least seventy-one companies and organizations, including thirteen defense contractors, three electronics firms, and the International Olympic Committee. He was the only person to notice the biggest cyberattack in history! Nothing suspicious about that.
Alperovitch and the DNC
After CrowdStrike was hired as an independent “vendor” by the DNC to investigate a possible cyberattack on their system, Alperovitch sent the DNC a proprietary software package called Falcon that monitors the networks of its clients in real time. According to Alperovitch, Falcon “lit up,” within ten seconds of being installed at the DNC. Alperovitch had his “proof” in TEN SECONDS that Russia was in the network. This “alleged” evidence of Russian hacking has yet to be shared with anyone.
As Donald Trump has pointed out, the FBI, the agency that should have been immediately involved in hacking that affects “National Security,” has yet to even examine the DNC system to begin an investigation. Instead, the FBI and 16 other U.S. “intelligence” agencies simply “agree” with Obama’s most trusted “cyberwarfare” expert Dmitri Alperovitch’s “TEN SECOND” assessment that produced no evidence to support the claim.
Also remember that it is only Alperovitch and CrowdStrike that claim to have evidence that it was Russian hackers. In fact, only two hackers were found to have been in the system and were both identified by Alperovitch as Russian FSB (CIA) and the Russian GRU (DoD). It is only Alperovitch who claims that he knows that it is Putin behind these two hackers.
Alperovitch failed to mention in his conclusive “TEN SECOND” assessment that Guccifer 2.0 had already hacked the DNC and made available to the public the documents he hacked – before Alperovitch did his ten second assessment. Alperovitch reported that no other hackers were found, ignoring the fact that Guccifer 2.0 had already hacked and released DNC documents to the public. Alperovitch’s assessment also goes directly against Julian Assange’s repeated statements that the DNC leaks did not come from the Russians.
The ridiculously fake cyber-attack assessment done by Alperovitch and CrowdStrike naïvely flies in the face of the fact that a DNC insider admitted that he had released the DNC documents. Julian Assange implied in an interview that the murdered Democratic National Committee staffer, Seth Rich, was the source of a trove of damaging emails the website posted just days before the party’s convention. Seth was on his way to testify about the DNC leaks to the FBI when he was shot dead in the street.
It is also absurd to hear Alperovitch state that the Russian FSB (equivalent to the CIA) had been monitoring the DNC site for over a year and had done nothing. No attack, no theft, and no harm was done to the system by this “false-flag cyber-attack” on the DNC – or at least, Alperovitch “reported” there was an attack. The second hacker, the supposed Russian military (GRU – like the U.S. DoD) hacker, had just entered the system two weeks before and also had done “nothing” but observe.
It is only Alperovitch’s word that reports that the Russian FSB was “looking for files on Donald Trump.” It is only this false claim that spuriously ties Trump to the “alleged” attack. It is also only Alperovitch who believes that this hack that was supposedly “looking for Trump files” was an attempt to “influence” the election. No files were found about Trump by the second hacker, as we know from Wikileaks and Guccifer 2.0’s leaks. To confabulate that “Russian’s hacked the DNC to influence the elections” is the claim of one well-known Russian spy. Then, 17 U.S. intelligence agencies unanimously confirm that Alperovitch is correct – even though there is no evidence and no investigation was ever conducted.
How does Dmitri Alperovitch have such power? Why did Obama again and again use Alperovitch’s company, CrowdStrike, when they have miserably failed to stop further cyber-attacks on the systems they were hired to protect? Why should anyone believe CrowdStrike’s false-flag report?
After documents from the DNC continued to leak, and Guccifer 2.0 and Wikileaks made CrowdStrike’s report look foolish, Alperovitch decided the situation was far worse than he had reported. He single-handedly concluded that the Russians were conducting an “influence operation” to help win the election for Trump. This false assertion had absolutely no evidence to back it up.
On July 22, three days before the Democratic convention in Philadelphia, WikiLeaks dumped a massive cache of emails that had been “stolen” (not hacked) from the DNC. Reporters soon found emails suggesting that the DNC leadership had favored Hillary Clinton in her primary race against Bernie Sanders, which led Debbie Wasserman Schultz, the DNC chair, along with three other officials, to resign.
Just days later, it was discovered that the Democratic Congressional Campaign Committee (DCCC) had been hacked. CrowdStrike was called in again and once again, Alperovitch immediately “believed” that Russia was responsible. A lawyer for the DCCC gave Alperovitch permission to confirm the leak and to name Russia as the suspected author. Two weeks later, files from the DCCC began to appear on Guccifer 2.0’s website. This time Guccifer released information about Democratic congressional candidates who were running close races in Florida, Ohio, Illinois, and Pennsylvania. On August 12, Guccifer went further, publishing a spreadsheet that included the personal email addresses and phone numbers of nearly two hundred Democratic members of Congress.
Once again, Guccifer 2.0 proved Alperovitch and CrowdStrike’s claims to be grossly incorrect about the hack originating from Russia, with Putin masterminding it all. Nancy Pelosi offered members of Congress Alperovitch’s suggestion of installing Falcon, the system that failed to stop cyberattacks at the DNC, on all congressional laptops.
Key Point: Once Falcon was installed on the computers of members of the U.S. Congress, CrowdStrike had even further full access into U.S. government accounts.
Alperovitch’s “Unbelievable” History
Dmitri was born in 1980 in Moscow where his father, Michael, was a nuclear physicist (so Dmitri claims). Dmitri’s father was supposedly involved at the highest levels of Russian nuclear science. He also claims that his father taught him to write code as a child.
In 1990, his father was sent to Maryland as part of a nuclear-safety training program for scientists. In 1994, Michael Alperovitch was granted a visa to Canada, and a year later the family moved to Chattanooga, where Michael took a job with the Tennessee Valley Authority.
While Dmitri Alperovitch was still in high school, he and his father started an encryption-technology business. Dmitri studied computer science at Georgia Tech and went on to work at an antispam software firm. It was at this time that he realized that cyber-defense was more about psychology than it was about technology. A very odd thing to conclude.
Dmitri Alperovitch posed as a “Russian gangster” on spam discussion forums which brought his illegal activity to the attention of the FBI – as a criminal. In 2005, Dmitri flew to Pittsburgh to meet an FBI agent named Keith Mularski, who had been asked to lead an undercover operation against a vast Russian credit-card-theft syndicate. Alperovitch worked closely with Mularski’s sting operation which took two years, but it ultimately brought about fifty-six arrests. Dmitri Alperovitch then became a pawn of the FBI and CIA.
In 2010, while he was at McAfee, the head of cybersecurity at Google told Dmitri that Gmail accounts belonging to human-rights activists in China had been breached. Google suspected the Chinese government. Alperovitch found that the breach was unprecedented in scale; it affected more than a dozen of McAfee’s clients and involved the Chinese government. Three days after his supposed discovery, Alperovitch was on a plane to Washington where he had been asked to vet a paragraph in a speech by the secretary of state, Hillary Clinton.
In 2014, Sony called in CrowdStrike to investigate a breach of its network. Alperovitch needed just “two hours” to identify North Korea as the adversary. Executives at Sony asked Alperovitch to go public with the information immediately, but it took the FBI another three weeks before it confirmed the attribution.
Alperovitch then developed a list of “usual suspects” who were well-known hackers who had identifiable malware that they commonly used. Many people use the same malware and Alperovitch’s obsession with believing he has the only accurate list of hackers in the world is plain idiocy exacerbated by the U.S. government’s belief in his nonsense. Alperovitch even speaks like a “nut-case” in his personal Twitters, which generally have absolutely no references to the technology he is supposedly the best at in the entire world.
Dmitri – Front Man for His Father’s Russian Espionage Mission
After taking a close look at the disinformation around Dmitri and his father, it is clear to see that Michael Alperovitch became a CIA operative during his first visit to America. Upon his return to Russia, he stole the best Russian encryption codes that were used to protect the top-secret work of nuclear physics in which his father is alleged to have been a major player. Upon surrendering the codes to the CIA when he returned to Canada, the CIA made it possible for a Russian nuclear scientist to become an American citizen overnight and gain a top-secret security clearance to work at the Oak Ridge plant, one of the most secure and protected nuclear facilities in America. Only the CIA can transform a Russian into an American with a top-secret clearance overnight.
We can see on Michael Alperovitch’s LinkedIn page that he went from one fantastically top-secret job to the next without a break from the time he entered America. He seemed to be on a career path to work in every major U.S. agency in America. In every job he was hired as the top expert in the field and the leader of the company. All of these jobs after the first one were in cryptology, not nuclear physics. As a matter of fact, Michael became the top expert in America overnight and has stayed the top expert to this day.
Most of the work of cyber-security is creating secure interactions on a non-secure system like the Internet. The cryptologist who assigns the encryption codes controls the system from that point on.
Michael Alperovitch’s LinkedIn Page
Gorky State University, Russia, MS in Applied Mathematics
Sr. Security Architect : VT IDirect – 2014 – Designing security architecture for satellite communications including cryptographic protocols, authentication.
Principal SME (Contractor) : DISA-Defense Information Systems Agency (Manager of the Global Information Grid) – 2012-2014 – Worked on PKI and identity management projects for DISA utilizing Elliptic Curve Cryptography. Performed application security and penetration testing.
Technical Lead (Contractor) : U.S. Department of the Treasury – 2011 – Designed enterprise validation service architecture for PKI certificate credentials with Single Sign On authentication.
Principal Software Engineer : Comtech Mobile Datacom – 2007-2010 – Subject matter expert on latest information security practices, including authentication, encryption and key management.
Sr. Software Engineer : TriCipher – 2006-2007 – Designed and developed security architecture for TriCipher Armored Credential Authentication System.
Lead Software Engineer : BellSouth – 2003-2006 – Designed and built server-side Jabber-based messaging platform with Single Sign On authentication.
Principal Software Research Engineer : Pathfire, Inc. – 2001-2002 – Designed and developed Digital Rights Management Server for Video on Demand and content distribution applications. Pathfire provides digital media distribution and management solutions to the television, media, and entertainment industries. The company offers Digital Media Gateway, a digital IP store-and-forward platform, delivering news stories, syndicated programming, advertising spots, and video news releases to broadcasters. It provides solutions for content providers and broadcasters, as well as station solutions.
11/14/2000 - Video Network, Inc. Closes $66 Million Financing Round, Announces Plans to Change Company Name to Pathfire
Key Strategic Investors Include Enron Broadband Services, Reuters and PanAmSat
New Pathfire Name Reflects Company’s Pioneering Applications for Distribution and Management of Digital Media Across Numerous Industries
ATLANTA, GEORGIA, and NEW YORK, NEW YORK, November 14, 2000
Video Networks Inc. (VNI), a leading business-to-business provider of digitized video and related e-commerce applications for the media industry, announced today that it has closed on a $66 million round of private financing led by Quadrangle Group LLC, a private equity firm specializing in the media and communications industries.
Quadrangle's $20 million investment was the cornerstone of a round of financing that also included several key strategic and financial investors, such as Enron Broadband Services, a subsidiary of Enron Corp. (NYSE: ENE); Halpern Denny & Company; PanAmSat (NASDAQ: SPOT); Reuters; Riggs Capital Partners; and Sand Hill Capital. VNI said that it expects to announce business partnerships with several of its new strategic investors in the near future.
This round of financing included participation by existing high-quality VNI investors, such as Alliance Technology Ventures, AT&T Ventures, Bank of America Capital Investors, Institutional Venture Partners (IVP), Kinetic Ventures, Monarch Capital Partners, Noro-Moseley Partners, UPS Strategic Enterprise Fund and U.S. Venture Partners. Robertson Stephens functioned as VNI's agent for this significant round of financing.
Michael J. Eckert, president and CEO of VNI, said, "We are pleased and gratified that such a large number of blue-chip companies and firms have joined our existing investors in supporting VNI's vision and direction, and we are quite enthusiastic about the significant strategic value they bring. Our ability to secure a lead investor of Quadrangle's stature represents a strong vote of confidence in our employees, and of course in our groundbreaking technology. Through its deep relationships and high regard within the media and communication industries, Quadrangle will be a valuable partner as we continue to build this company."
Joshua L. Steiner, managing principal of Quadrangle, said, "We believe that VNI offers its customers superior service and significant cost-savings. The fact that leading media companies like NBC and Charter Communications rely on VNI for mission-critical solutions gives us great confidence in the company's prospects."
Steven Rattner, managing principal of Quadrangle, said, "Quadrangle's strategy is to focus on high-quality investments in the media and communications industries, and to invest in companies where we can make a difference. We are very excited about this company and its management team, and we look forward to helping VNI increase its product offerings and expand its customer base."
Quadrangle will receive one seat on the VNI Board of Directors and has the right to nominate a second board member, subject to the approval of the other shareholders in this round of financing.
VNI is a leading business-to-business provider of digital media content distribution and management services to the broadcasting and cable industries, with emerging operations in the areas of radio, digital cinema, syndication and streaming content on the Internet. VNI provides a distribution platform and software applications for the delivery and management of digitized video content and has developed unique e-commerce solutions that improve the efficiency of related billing and processing transactions. VNI's customers include major broadcast networks, cable companies, advertising agencies and other leading media companies.
Company to Change Name to "Pathfire," Reflecting Its Continuing Evolution
VNI's decision to change its name to Pathfire reflects a new stage of its development and its unique ability to distribute and manage digital media across numerous segments of the media industry.
The name is meant to evoke the speed and efficiency the company's leading-edge software applications and related networking capabilities bring to the management and exchange of digitized media assets in the cable, broadcast, media and entertainment industries. The company will officially adopt the Pathfire name and will launch an extensive rebranding campaign during the first quarter of 2001.
"We wanted a name that evoked the things we do as a company as well as the unique and dynamic way in which we do them," Eckert said. "Pathfire speaks to our ability to distribute content and also to our ability to surround that content with applications and services that make it more valuable."
Quadrangle Group LLC is an investment firm specializing in the media and communications industries. It was founded in March 2000 by four Managing Directors of Lazard Frères & Co. LLC who have more than 50 years of combined experience in private equity and in media and communications. The firm's advisory board and other investors include many prominent executives of leading media and communications companies.
Video Networks Inc.
Laurie Sillay Lahr
Director, Marketing Communications
770.619.0801, ext. 1240
Tom Engdahl is a rare bird in these parts, and he almost migrated to California.
The CEO of 8-week-old Video Networks Inc. is a veteran entrepreneur, with two successful start-ups on his resume. West Coast venture capitalists, who love backing a proven commodity, wanted to back VNI, but only if he relocated to his native California.
That didn't sit well with the locals here, not to mention Engdahl and his family, comfortably ensconced in Atlanta since 1983. So Engdahl and venture capitalist Stephen Fleming, with the help of several institutions, convinced the investors -- two prestigious West Coast venture funds -- through cajoling and cash that Atlanta could profitably house VNI.
Though his North Atlanta office has little furniture and personnel (the sign outside still reads "Commonwealth Insurance," the previous tenant), Engdahl has secured investments from Fleming's Atlanta-based Alliance Technology Ventures, as well as Institutional Venture Partners (IVP) and U.S. Venture Partners (USVP), both based in Palo Alto, Calif. Rosemont, Ill.-based Comdisco Inc., whose network VNI will use, also has an equity stake in the company.
The total investment is worth about $4.3 million. VNI wants to transmit video digitally through an electronic infrastructure -- not a new idea, but one no one has successfully executed.
After Engdahl left Digital Video Inc. -- his second successful start-up -- in 1995, IVP general partner Geoff Yang offered him a slot as an "entrepreneur in residence" at IVP. Engdahl commuted between Atlanta and Palo Alto for a year, advising potential investors and researching his next opportunity.
Dmitri Alperovitch’s story began several years earlier. Dmitri immigrated to America in the 1990s from the Soviet Union while in his mid-teens. His family settled in Chattanooga, Tennessee, which is different in many ways from Russia’s capital city Moscow, one of the most populated cities in the world. One thing that served Dmitri well in America was his education in Soviet schools, which emphasized math and science. Dmitri became interested in cybersecurity at a young age. “I started a company with my dad when I was still in high school,” he told me in an interview. His father, a nuclear physicist, wasn’t able to get a job in nuclear power, given the lack of new plants being built in the U.S. However, he became interested in cryptography. “I got more interested in the security side of cryptography and encryption and realized early on that no matter how good you were mathematically, if someone was able to steal your keys, then the quality of the algorithm didn’t matter.”
Dmitri attended Georgia Tech and received the school’s first graduate degree in information security. He considered himself fortunate to land a job with CipherTrust, an email security company, and expected to work on encryption and cryptography. Instead, the company focused on how to block spam, including phishing attacks, that were being launched through email. “It highlighted how quickly things can deteriorate. We went from 5% of email traffic being spam to 95% in less than 6 months.”
Dmitri thinks the malware industry was slow to learn because malware threats evolved less rapidly. At CipherTrust, he gained an appreciation for the importance of gaining intelligence. “I started infiltrating those underground forums where the spammers were talking about their latest capabilities . . . That’s something we’ve leveraged heavily at CrowdStrike, to be an intelligence-driven company, so we can stay one step ahead.”
In 2011, George Kurtz, Dmitri Alperovitch and Gregg Marston founded CrowdStrike, and it is now headquartered in Sunnyvale, CA, with a valuation of $3 billion and approximately 1,200 employees. According to CrowdStrike, its customers now include “12 of the 20 Fortune largest global companies, 10 of the 20 largest financial institutions,” and many of the largest energy, healthcare providers and technology companies. (CrowdStrike is considering an initial public offering in 2019, according to Reuters.) CrowdStrike is one of 50 current U.S. billion-dollar startups with an immigrant founder, according to research by the National Foundation for American Policy.
Immigrants play a major role in the company. Dmitri Alperovitch is the company’s chief technology officer. Alex Ionescu, who was born in Romania, worked in Canada and then immigrated to the U.S., is chief architect and helped design the company’s “end-point solution,” according to Dmitri. Dr. Sven Krasser, an immigrant from Germany, is CrowdStrike’s chief scientist.
From the beginning, the company sought to hire people without the limitation of geographic location, a not uncommon practice in cutting-edge companies and something policymakers should keep in mind when proposing immigration restrictions. Dmitri notes he never even met many of CrowdStrike’s first employees until an “all-hands meeting in New York” weeks after the company started. [...]
● The Top Secret Messenger software was developed by Encryption Software Inc. It encrypts the messages of some of the most popular instant messaging programs today, like ICQ and MSN. It can also be used with e-mail clients such as Microsoft Outlook and Outlook Express to encrypt e-mail messages. This product uses both private and public key cryptosystems, including a 307-bit key for its implementation of the ECC.
"Elliptic curves were proposed for use as the basis for discrete logarithm-based cryptosystems almost 20 years ago, independently by Victor Miller of IBM and Neal Koblitz of the University of Washington . At that time, elliptic curves were already being used in various cryptographic contexts.
Elliptic curves are rich mathematical structures that have shown usefulness in many different types of applications. ECC, like RSA, has a role in digital signatures, secure key distribution, and encryption. ECC has the upper hand in the efficiency of the algorithm. Some devices, like the newer wireless devices and cellular telephones, have limited processing capacity, storage, power supply, and bandwidth. Efficiency of resource use is very important in these devices. ECC provides encryption functionality requiring a smaller percentage of the resources required by RSA and other algorithms, so it is used in these types of devices. In most cases, the longer the key length, the more protection that is provided, but ECC can provide the same level of protection with a smaller key size than RSA. Smaller keys, as in ECC, require fewer resources of the device to perform the mathematical tasks. ECC cryptosystems use the properties of elliptic curves in their public key systems. The elliptic curves provide ways of constructing groups of elements and specific rules of how the elements within these groups combine. The properties between the groups are used to build cryptographic algorithms."
Top Secret Messenger: Top Secret Messenger (TSM) is a product developed by Encryption Software, Inc. It provides a powerful public-key encryption platform and an integrated add-on for popular instant messengers, thus integrating the new IM technology with existing system applications.
Top Secret Messenger (Encryption Software Inc; $15; Windows (Outlook), plus...): http://www.encrsoft.com
Authentication Giant VeriSign Hacked Repeatedly in 2010
By Matt Liebowitz
updated 2/3/2012 2:50:09 PM ET
Update: VeriSign has released a public statement about the data breach. See below.
VeriSign, the Internet infrastructure company at the heart of the World Wide Web, was hacked repeatedly in 2010 by attackers who stole undisclosed but potentially critical information.
According to a report by Reuters, the previously undisclosed breaches took place in 2010 at the Reston, Va.-based firm, which verifies the integrity of top-level domains including all .com and .net addresses and until recently was one of the largest providers of Secure Sockets Layer (SSL) authentication certificates, used by most financial sites to ensure the legitimacy of sites beginning with "https."
"Oh my God," said Stewart Baker, formerly of the Department of Homeland Security and the National Security Agency, when told by Reuters of the breach. "That could allow people to imitate almost any company on the Net."
VeriSign told Reuters its executives "do not believe these attacks breached the servers that support our Domain Name System network," but it did not rule out the possibility of such an attack.
Compromising a Domain Name System (DNS) server could be catastrophic, as these servers verify that a site's Internet Protocol address — for example, 184.108.40.206 — matches up with what users type in to their browsers, such as "www.securitynewsdaily.com."
If an outside party tampered with a company's DNS servers, especially those as powerful as VeriSign's, that could potentially mean millions of people navigating to sites like Google and Amazon, or to their online banking websites, would actually be landing on spoofed, malicious sites controlled by the perpetrators.
In August 2010, VeriSign sold its authentication-certificate business to security-software giant Symantec. Authentication certificates, also known as SSL certificates, are issued to online retailers and other companies that sell products and provide services online. Those companies use the certificates to verify their identities to Web browsers. For example, an authentication certificate known to belong to Amazon proves to your browser that you're logged into the Amazon website.
Were the information about both the DNS server verification and the authentication certificates to fall into the wrong hands, malicious parties could "spoof" large parts of the Internet and World Wide Web.
"You could create a Bank of America certificate or Google certificate that is trusted by every browser in the world," Dmitri Alperovitch, head of Asymmetric Cyber Operations, LLC, and until recently vice president of threat research at Symantec's main rival, McAfee, told Reuters.
The Reuters report did not say if the data breach occurred before or after VeriSign transferred its authentication-certificate business to Symantec. SecurityNewsDaily could not reach VeriSign for comment.
"There is no indication that the 2010 corporate network security breach mentioned by VeriSign, Inc. was related to the acquired SSL product production systems," a Symantec spokeswoman told Reuters.
The VeriSign attacks came to light in a U.S. Securities and Exchange Commission filing in October that followed new SEC guidelines on disclosing security breaches to investors.
1999 - Encryption Software in business - TSM is available -
ICQ Password Revealer
From: dmitri () ENCRSOFT COM (Dmitri Alperovitch)
Date: Mon, 10 May 1999 09:29:01 -0400
A few weeks ago, it was posted that ICQ99 stores the password used to access the ICQ network in plain-text in the .DAT files.
We have written a program that demonstrates this by parsing these .DAT files for password and showing it to the user.
It can be downloaded at http://www.encrsoft.com/products.html#icqpass
Note: The option to save password can be turned off in ICQ's Security & Privacy settings.
Encryption Software - Developers of TSM for ICQ, an ICQ encryption add-on
dmitri () encrsoft com
Microsoft is investigating a complaint that expired Hotmail accounts retain the linked MS Instant Messenger buddy lists, and those lists are available to the next person who registers the same e-mail address on a Hotmail account.
Microsoft spokeswoman Leslie Hui acknowledged the company is aware of the problem, but didn't say for how long, or when the access to supposedly expired buddy lists would be closed off.
The glitch first came to light more than a year ago, when Dmitri Alperovitch, a software developer and part-founder of Encryption Software Inc., left a message at the Bugtraq Web site in which he detailed the programming glitches. He didn't indicate that the possible holes had created any real problems.
Alperovitch wrote in an e-mail to Computerworld, "I did not receive any official response from Microsoft" after his Bugtraq post last year.
"I first checked it a year ago because I expected Microsoft to learn from the mistakes that ICQ and other early IM developers have made in regards with security. I was left quite disappointed that they repeated the same mistakes that others have made, in regards to not using any kind of encryption and also tying the service so closely to Hotmail, which has been plagued with all kinds of security problems in the recent months, which could have potentially compromised the security of not only users' e-mails, but also their IM contact lists and messages." [...]
The list honors innovators in five categories: inventors, entrepreneurs, visionaries, humanitarians and pioneers. To compile the list, MIT Technology Review editors solicited nominations, selected fewer than 100 finalists and asked a distinguished panel of judges to score each finalist on the originality and impact of their work. From those scores, editors compiled the final list of 35 innovators.
Dmitri Alperovitch, 32, was recognized in the entrepreneur category for his role in co-founding the security company CrowdStrike, which enables cyber-attack victims to strike back against cyber-espionage.
Vijay Balasubramaniyan, 33, was recognized in the inventor category for developing Pindrop Security, which enables its clients to determine the origins of fraudulent phone calls, including those attempting identity theft.
Julie Kientz, 33, was recognized in the visionary category for her work in using computing tools to help people with sleep disorders and families with autistic children. She now works at the University of Washington, where she directs the Computing for Healthy Living and Learning Lab.
Alperovitch earned a bachelor’s degree in computer science in 2001 and a master’s in information security in 2003, both at Georgia Tech. Balasubramaniyan earned a doctorate in computer science from Georgia Tech in 2011. Both men completed research at the College of Computing’s Information Security Center. Kientz earned her doctorate in computer science in 2008, completing her research in the School of Interactive Computing.
Dmitri's citizenship papers were approved Oct. 25th, 2010. The public record of his citizenship application is blocked from public records by the U.S. Citizenship and Immigration Services. His file is marked, "Withheld pursuant to (b)(6) COW2010000515".
Baby Bear earned a bachelor’s degree in computer science in 2001 and a master’s in information security in 2003, both at Georgia Tech