Open main menu

CrowdStrike, Inc. is an American cybersecurity technology company based in Sunnyvale, California. The company provides endpoint security, threat intelligence, and cyberattack response services.[1] The company has been involved in investigations of several high profile cyber-attacks, including the Sony Pictures hack,[2] the 2016 Democratic National Committee email leak, and the Democratic National Committee cyber attacks.[3]

CrowdStrike
Public
Traded asNASDAQCRWD (Class A)
IndustryInformation security
Founded2011
FoundersGeorge Kurtz, Dmitri Alperovitch
HeadquartersSunnyvale, California, U.S.
Key people
George Kurtz, CEO
Dmitri Alperovitch, CTO
Products
Number of employees
1,683 (April 30, 2019)
ParentCrowdStrike Holdings, Inc.
Websitecrowdstrike.com

The company is a wholly owned subsidiary of CrowdStrike Holdings, Inc.

According to the company, its customers include 44 of the Fortune 100 and 37 of the 100 top global companies.[4]

Contents

HistoryEdit

CrowdStrike was co-founded by George Kurtz (CEO),[5][6] Dmitri Alperovitch (CTO),[7] and Gregg Marston (CFO, retired) in 2011.[8][9] In 2012, Shawn Henry, a former Federal Bureau of Investigation (FBI) executive who led both the FBI's criminal and cyber divisions, was hired to lead sister company CrowdStrike Services, Inc., which focused on proactive and incident response services.[10] In June 2013, the company launched its first product, CrowdStrike Falcon.[11] The company became known for providing threat intelligence and attribution to nation state actors[12] that are conducting economic espionage and IP theft.[13]

In May 2014, supported by CrowdStrike's reports, the United States Department of Justice charged five Chinese military hackers for economic cyber espionage against United States corporations. CrowdStrike also uncovered the activities of Energetic Bear, an adversary group connected to the Russian Federation that conducted intelligence operations against global targets, primarily in the energy sector.

After the public Sony Pictures hack, CrowdStrike produced evidence implicating the government of North Korea within 48 hours, and demonstrated how the attack was carried out.[14] In 2014, CrowdStrike played a major role in identifying members of Putter Panda, the state-sponsored Chinese group also known as PLA Unit 61486, as the perpetrators of a number of cyberattacks on U.S. infrastructure and defense, as well as on European satellite and aerospace industries.[15][16]

In 2014 and 2015, CRN Magazine named the company to its Top Emerging Vendors List.[17] In May 2015, the company released researcher Jason Geffner's discovery of VENOM, a critical flaw in an open-source hypervisor called Quick Emulator (QEMU),[18] which is used in a number of common virtualization products. This vulnerability could allow attackers to access sensitive personal information.[19] In October 2015, CrowdStrike announced that it had identified Chinese hackers attacking technology and pharmaceutical companies immediately before and after President Barack Obama and Chinese President Xi Jinping publicly agreed not to use cyber-spies to conduct economic espionage against the other. The alleged hacking would have been in violation of that agreement.[20]

In 2016, the company was ranked #40 on the Deloitte Technology Fast 500, North America list,[21] and Inc. named CrowdStrike as one of America's 500 fastest-growing companies.[22]

CrowdStrike released research in 2017 showing that 66 percent of the attacks to which the company responded that year were fileless or malware-free. The company also compiled data on the average time needed to detect an attack and the percentage of attacks detected by organizations themselves.[23] In 2017 and 2018, CrowdStrike was listed on LinkedIn’s Top Companies: Start Ups,[24][25] on the Forbes Cloud 100,[26][27] and as one of the CNBC Disruptor 50.[28][29]

In February 2018, CrowdStrike reported that in November and December 2017 it had observed a credential harvesting operation in the international sporting sector, with possible links to the cyber attack on the opening ceremonies of the Winter Olympics in Pyeongchang.[30] That same month, Crowdstrike released research showing that 39 percent of all attacks observed by the company were malware-free intrusions. The company also named which industries attackers most frequently targeted.[31] That March, the company released a version of its Falcon product for mobile devices and launched the CrowdStrike store, which opens the Falcon platform to third-party applications.[32]

In January 2019, CrowdStrike published research reporting that Ryuk ransomware, used by cyber actor Grim Spider to target businesses, had accumulated more than $3.7 million in cryptocurrency payments since it first appeared in August.[33]

Also in 2019, CrowdStrike released its 2018 Global Threat Report, which ranked cybercriminals in order of fastest actors to operate within a network, with Russia coming in first.[34][35] The company also revealed that it tracked 81 named state-sponsored actors in 2018, and at least 28 were conducting active operations throughout the year. The research showed that of the sophisticated attacks that the company attributed to nation-states, China was responsible for the plurality: more than 25 percent.[36]

FundingEdit

In July 2015, Google invested in the company's Series C funding round, which in total raised $100 million. Series D in May 2017 brought in $100 million,[37] and Series E in June 2018 brought in $200 million.[38] In total, as of May 2019, the company has raised more than $480 million in funding.[39] In June 2018, the company said it was valued at more than $3 billion.[40] Investors include Telstra, March Capital Partners, Rackspace, Accel Partners and Warburg Pincus.[41][42]

As of 2017, CrowdStrike received $256 million of funding. Its estimated annual revenue at the time was $100 million, with a valuation of more than $1 billion.[43] Investors included Telstra, March Capital Partners, Rackspace, Accel Partners and Warburg Pincus.[44][45]

In June 2019, the company made its IPO on the NASDAQ.[46][47]

Russian hacking investigationsEdit

CrowdStrike helped investigate the Democratic National Committee cyber attacks and connected those attacks to Russian intelligence services. On March 20, 2017 during testimony before congress, James Comey stated "CrowdStrike, Mandiant, and ThreatConnect review[ed] the evidence of the hack and conclude[d] with high certainty that it was the work of APT 28 and APT 29 who are known to be Russian intelligence services."[48]

In December 2016, CrowdStrike released a report stating that Russian government-affiliated group Fancy Bear had hacked a Ukrainian artillery app.[49] They concluded that Russia had used the hack to cause large losses to Ukrainian artillery units. The app (called ArtOS) is installed on tablet PCs and used for fire-control.[50] The earliest version of the app (supported until 2015) was called POPR-D30 and installed on Android phones and tablets. CrowdStrike found a hacked variation of POPR-D30 being distributed on Ukrainian military forums that utilized an X-Agent implant.[51]

The International Institute for Strategic Studies rejected CrowdStrike's assessment of hacking causing losses to Ukrainian artillery units, saying that their data on Ukrainian D30 howitzer losses was misused by CrowdStrike in their report. The Ukrainian Ministry of Defense also rejected the CrowdStrike report, stating that actual artillery losses were "several times smaller than the number reported by [CrowdStrike] and are not associated with [Russian hacking]".[52]

Cybersecurity firm SecureWorks discovered a list of email addresses targeted by Fancy Bear in phishing attacks.[53] The list included the email address of Yaroslav Sherstyuk, the developer of ArtOS.[54] Additional Associated Press research supports CrowdStrike's conclusions about Fancy Bear.[55] Radio Free Europe notes that the AP report "lends some credence to the original CrowdStrike report, showing that the app had, in fact, been targeted."[56]

Following CrowdStrike's investigation of the 2016 Democratic National Committee hacks, journalist Yasha Levine questioned CrowdStrike's methodology, citing it as "forensics in reverse."[57]

Corporate affairsEdit

Fortune has given CrowdStrike three of its "Great Place to Work" awards,[58][59] and Inc. has praised the company's remote work program.[60]

ReferencesEdit

  1. ^ "CrowdStrike's security software targets bad guys, not their malware". TechRepublic.
  2. ^ "CrowdStrike demonstrates how attackers wiped the data from the machines at Sony". International Data Group. 2015. Retrieved 9 June 2016.
  3. ^ "Clinton campaign — and some cyber experts — say Russia is behind email release". The Washington Post. 24 July 2016.
  4. ^ "Learn More About Us | CrowdStrike". crowdstrike.com. Retrieved 1 July 2019.
  5. ^ "George Kurtz - President, CEO and Co-Founder of Crowdstrike". crowdstrike.com. Retrieved 1 July 2019.
  6. ^ "In conversation with George Kurtz, CEO of CrowdStrike". Fortune. Retrieved 1 July 2019.
  7. ^ "Dmitri Alperovitch - Co-founder and CTO of Crowdstrike". crowdstrike.com. Retrieved 1 July 2019.
  8. ^ "Standing up at the gates of hell: CrowdStrike CEO George Kurtz". Fortune. 29 July 2015.
  9. ^ Albert-Deitch, Cameron (15 May 2019). "CrowdStrike, the $3.4 Billion Startup That Fought Russian Spies in 2016, Just Filed for an IPO". Inc.com. Retrieved 1 July 2019.
  10. ^ Messmer, Ellen. "Top FBI cyber cop joins startup CrowdStrike to fight enterprise intrusions". Network World.
  11. ^ Messmer, Ellen (18 June 2013). "Start-up tackles advanced persistent threats on Microsoft, Apple computers". Network World. Retrieved 1 July 2019.
  12. ^ Editorial, Reuters. "Business & Financial News, U.S & International Breaking News | Reuters". U.S. Retrieved 1 July 2019.
  13. ^ "U.S. firm CrowdStrike claims success in deterring Chinese hackers". Reuters. 13 April 2015. Retrieved 14 June 2016.
  14. ^ "What's in a typo? More evidence tying North Korea to the Sony hack". PCWorld. Retrieved 14 June 2016.
  15. ^ Perlroth, Nicole (9 June 2014). "2nd China Army Unit Implicated in Online Spying". The New York Times. ISSN 0362-4331. Retrieved 14 June 2016.
  16. ^ "Second China unit accued of cyber crime". Financial Times. 10 June 2014. Retrieved 10 June 2014.
  17. ^ Staff, C. R. N. "2015 Emerging Vendors". CRN. Retrieved 1 July 2019.
  18. ^ "'Venom' vulnerability: Serious computer bug shatters cloud security". Fortune. 13 May 2015. Retrieved 14 June 2016.
  19. ^ Goodin, Dan (13 May 2015). "Extremely serious virtual machine bug threatens cloud providers everywhere". Ars Technica. Retrieved 1 July 2019.
  20. ^ Yadron, Danny. "Report Warns of Chinese Hacking". WSJ. Retrieved 1 July 2019.
  21. ^ "2016 Winners by rank" (PDF). Deloitte. Archived from the original (PDF) on 7 February 2019. Retrieved 2 July 2019.
  22. ^ "CrowdStrike". Inc.com. Retrieved 1 July 2019.
  23. ^ Gallagher, Sean (6 December 2017). ""Malware-free" attacks mount in big breaches, CrowdStrike finds". Ars Technica. Retrieved 1 July 2019.
  24. ^ "LinkedIn Top Companies | Startups: The 50 industry disruptors you need to know now". www.linkedin.com. Retrieved 1 July 2019.
  25. ^ "LinkedIn Top Startups 2018: The 50 most sought-after startups in the U.S. (26-50)". www.linkedin.com. Retrieved 1 July 2019.
  26. ^ Communications, Forbes Corporate. "Forbes Releases 2017 Cloud 100 List of the Best Private Cloud Companies in the World". Forbes. Retrieved 1 July 2019.
  27. ^ Communications, Forbes Corporate. "Forbes Releases 2018 Cloud 100 List of the Best Private Cloud Companies in the World". Forbes. Retrieved 1 July 2019.
  28. ^ CNBC (16 May 2017). "The 2017 CNBC Disruptor 50 list of companies". www.cnbc.com. Retrieved 1 July 2019.
  29. ^ staff, CNBC com (22 May 2018). "Meet the 2018 CNBC Disruptor 50 companies". www.cnbc.com. Retrieved 1 July 2019.
  30. ^ "Russian actors mentioned as possibly launching cyberattack on 2018 Winter Olympic Games". SC Media. 12 February 2018. Retrieved 1 July 2019.
  31. ^ "Cyber criminals catching up with nation state attacks". ComputerWeekly.com. Retrieved 1 July 2019.
  32. ^ "CrowdStrike announces endpoint detection for mobile devices". channellife.com.au. Retrieved 1 July 2019.
  33. ^ "Ryuk ransomware poses growing threat to enterprises". SearchSecurity. Retrieved 1 July 2019.
  34. ^ "Russian hackers 8 times faster than Chinese, Iranians, North Koreans". NBC News. Retrieved 1 July 2019.
  35. ^ Greenberg, Andy (19 February 2019). "Russian Hackers Go From Foothold to Full-On Breach in 19 Minutes". Wired. ISSN 1059-1028. Retrieved 1 July 2019.
  36. ^ "Persistent Attackers Rarely Use Bespoke Malware". Dark Reading. Retrieved 1 July 2019.
  37. ^ Kuranda, Sarah (17 May 2017). "Crowdstrike Lands $100M Funding Round, Looks To Expand Globally And Invest In Partners". CRN. Retrieved 1 July 2019.
  38. ^ "Cybersecurity startup CrowdStrike raises $200 million at $3 billion valuation". VentureBeat. 19 June 2018. Retrieved 1 July 2019.
  39. ^ "CrowdStrike". Crunchbase. Retrieved 1 July 2019.
  40. ^ "Cybersecurity startup CrowdStrike raises $200 million at $3 billion valuation". VentureBeat. 19 June 2018. Retrieved 1 July 2019.
  41. ^ "Security Company CrowdStrike Scores $100M Led By Google Capital". TechCrunch. Retrieved 1 July 2019.
  42. ^ "CrowdStrike". Warburg Pincus. Retrieved 1 July 2019.
  43. ^ Hackett, Robert. (May 17, 2017). "Hack Investigator CrowdStrike Reaches $1 Billion Valuation". Fortune website Retrieved 9 June 2017.
  44. ^ Miller, Ron. "Security Company CrowdStrike Scores $100M Led By Google Capital". TechCrunch.
  45. ^ "CrowdStrike - Warburg Pincus".
  46. ^ Murphy, Hannah (12 June 2019). "Cyber security group CrowdStrike's shares jump nearly 90% after IPO". Financial Times.
  47. ^ Feiner, Lauren (12 June 2019). "CrowdStrike pops more than 70% in debut, now worth over $11 billion". CNBC. Retrieved 12 June 2019.
  48. ^ https://www.washingtonpost.com/news/post-politics/wp/2017/03/20/full-transcript-fbi-director-james-comey-testifies-on-russian-interference-in-2016-election/ Retrieved 2017-05-22.
  49. ^ "Russian hackers linked to DNC attack also targeted Ukrainian military, says report". theverge.com. 23 December 2016. Retrieved 26 June 2019.
  50. ^ Noosphere engineering school (31 October 2015). "New brainchild of engineering school was tested by the armed forces". noosphereengineering.com. Retrieved 28 December 2017.
  51. ^ Boldi (3 January 2017). "Technical details on the Fancy Bear Android malware (poprd30.apk)". Laboratory of Cryptography and System Security, Budapest University of Technology and Economics. Retrieved 8 February 2018.
  52. ^ Kuzmenko, Oleksiy (23 March 2017). "Think Tank: Cyber Firm at Center of Russian Hacking Charges Misread Data". Voice of America. Retrieved 20 December 2017.
  53. ^ Secureworks counter threat unit threat intelligence (26 June 2016). "Threat Group-4127 targets Google accounts". Secureworks. Retrieved 8 February 2018.
  54. ^ Miller, Christopher (2 November 2017). "'Fancy Bear Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App'". RadioFreeEurope. Retrieved 8 February 2018.
  55. ^ Satter, Raphael (2 November 2017). "Russia hackers pursued Putin foes, not just US Democrats". Associated Press. Retrieved 2 April 2019.
  56. ^ Miller, Christopher (2 November 2017). "'Fancy Bear' Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App". Radio Free Europe/Radio Liberty. Retrieved 2 April 2019.
  57. ^ "From Russia, with Panic | Yasha Levine". The Baffler. 6 March 2017. Retrieved 18 June 2019.
  58. ^ Work, Great Place to. "CrowdStrike, Inc". Great Place To Work United States. Retrieved 1 July 2019.
  59. ^ Daum, Kevin (15 December 2017). "Unlike IBM, This Company Figured Out How to Make Working From Home Happy and Productive for Everyone". Inc.com. Retrieved 1 July 2019.
  60. ^ Daum, Kevin (15 December 2017). "Unlike IBM, This Company Figured Out How to Make Working From Home Happy and Productive for Everyone". Inc.com. Retrieved 1 July 2019.

External linksEdit