The cybersecurity firm CrowdStrike rose to global prominence in mid-June 2016 when it publicly accused Russia of hacking the Democratic National Committee and stealing its data. The previously unknown company’s explosive allegation set off a seismic chain of events that engulfs U.S. national politics to this day. The Hillary Clinton campaign seized on CrowdStrike’s claim by accusing Russia of meddling in the election to help Donald Trump. U.S. intelligence officials would soon also endorse CrowdStrike’s allegation and pursue what amounted to a multi-year, all-consuming investigation of Russian interference and Trump’s potential complicity.
With the next presidential election now in its final weeks, the Democrats’ national leader, Nancy Pelosi, is seizing a different opportunity with the publicly traded firm. Recent financial disclosure filings show that the House speaker and her husband, Paul Pelosi, have invested up to $1 million in CrowdStrike Holdings. The Pelosis purchased the stock at a share price of $129.25 on Sept. 3. At the time of this article’s publication, the price has risen to $142.97.
Drew Hammill, spokesman for House Speaker Nancy Pelosi, said: “Speaker Pelosi is not involved in her husband’s investments and was not aware of the investment until the required filing was made. Mr. Pelosi is a private investor and has investments in a number of publicly-traded companies. The Speaker fully complies with House Rules and the relevant statutory requirements.”
The Pelosis’ sizeable investment in CrowdStrike could revive scrutiny of the company’s involvement in the Trump-Russia saga since the Democrats’ 2016 election loss.
After generating the hacking allegation against Russia in 2016, CrowdStrike played a critical role in the FBI’s ensuing investigation of the DNC data theft. CrowdStrike executives shared intelligence with the FBI on a consistent basis, making dozens of contacts in the investigation’s early months. According to Esquire, when U.S. intelligence officials first accused Russia of conducting malicious cyber activity in October 2016, a senior U.S. government official personally alerted CrowdStrike co-founder Dmitri Alperovitch and thanked him “for pushing the government along.” The final reports of both Special Counsel Robert Mueller and the Senate Intelligence Committee cite CrowdStrike’s forensics. The firm’s centrality to Russiagate has drawn the ire of President Trump. During the fateful July 2019 phone call that would later trigger impeachment proceedings, Trump asked Ukraine’s Volodymyr Zelensky to scrutinize CrowdStrike’s role in the DNC server breach, suggesting that the company may have been involved in hiding the real perpetrators.
Pelosi’s recent investment in CrowdStrike also adds a new partisan entanglement for a company with significant connections to Democratic Party and intelligence officials that drove Russiagate.
DNC law firm Perkins Coie hired CrowdStrike to investigate the breach in late April 2016. At the outset, Perkins Coie attorney Michael Sussmann personally informed CrowdStrike officials that Russia was suspected of breaching the server. By the time CrowdStrike went public with the Russian hacking allegation less than two months later, Perkins Coie had recently hired Fusion GPS, the opposition research firm that produced discredited Steele dossier alleging a longstanding conspiracy between Trump and Russia.
CrowdStrike President Shawn Henry, who led the team that remediated the DNC breach and blamed Russia for the hacking, previously served as assistant director at the FBI under Robert Mueller. Since June 2015, Henry has also worked as an analyst at MSNBC, the cable network that has promoted debunked Trump-Russia innuendo perhaps more than any other outlet. Alperovitch, the co-founder and former chief technology officer, is a former nonresident senior fellow at the Atlantic Council, the Washington organization that actively lobbies for a hawkish posture toward Russia.
Campaign disclosures also show that CrowdStrike contributed $100,000 to the Democratic Governors Association in 2016 and 2017.
The firm’s multiple conflicts of interest in the Russia investigation coincide with a series of embarrassing disclosures that call into question its technical reliability.
In early 2017, CrowdStrike was forced to retract its allegation that Russia had hacked Ukrainian military equipment with the same malware the firm claimed to have discovered inside the DNC server.
During the FBI’s investigation of the DNC breach, CrowdStrike never provided direct access to the pilfered servers, rebuffing multiple requests that came from officials all the way up to then-Director James Comey. The FBI had to rely on CrowdStrike’s own images of the servers, as well as reports that Justice Department officials later acknowledged were delivered in incomplete, redacted form. James Trainor, who served as assistant director of the FBI’s Cyber Division, complained to the Senate Intelligence Committee that the DNC’s cooperation with the FBI’s 2016 hack investigation was “slow and laborious in many respects” and that CrowdStrike’s information was “scrubbed” before it was handed over. Alperovitch, the former CTO, has claimed that CrowdStrike installed its Falcon software to protect the DNC server on May 5, 2016. Yet the Democratic Party emails were stolen from the server three weeks later, from May 25 to June 1.
Yet the most damaging revelation calling into question CrowdStrike’s Russian hacking allegations came with an admission early in the Russia probe that was only made public this year. Unsealed testimony from the House Intelligence Committee shows that Henry admitted under oath behind closed doors in December 2017 that the firm “did not have concrete evidence” that Russian hackers actually stole any emails or other data from the DNC servers. “There’s circumstantial evidence, but no evidence that they were actually exfiltrated,” Henry said. “There are times when we can see data exfiltrated, and we can say conclusively. But in this case it appears it was set up to be exfiltrated, but we just don’t have the evidence that says it actually left.”
The Henry testimony was among a trove of damning transcripts released by House Intelligence Committee Chairman Adam Schiff only after pressure from the then-acting Director of the Office of the Director of National Intelligence, Richard Grenell.
As RealClearInvestigations reported last month, Henry’s House testimony also conflicts with his testimony before the Senate Intelligence Committee two months prior, in October 2017. According to the Senate report, Henry claimed that CrowdStrike was “able to see some exfiltration and the types of files that had been touched,” but not the files’ content. Yet two months later, Henry told the House that “we didn’t see the data leave, but we believe it left, based on what we saw.”
Notably, Henry’s acknowledgment to the House that CrowdStrike did not have evidence of exfiltration came only after he was interrupted and prodded by his attorneys to correct an initial answer. Right before that intervention from CrowdStrike counsel, Henry had falsely asserted that he knew when Russian hackers had exfiltrated the stolen information:
Adam Schiff: Do you know the date in which the Russians exfiltrated the data from the DNC?
Shawn Henry: I do. I have to just think about it. I don’t know. I mean, it’s in our report that I think the Committee has.
Schiff: And, to the best of your recollection, when would that have been?
Henry: Counsel just reminded me that, as it relates to the DNC, we have indicators that data was exfiltrated. We do not have concrete evidence that data was exfiltrated from the DNC, but we have indicators that it was exfiltrated.
Henry then improbably argued that, in the absence of evidence showing the emails leaving the DNC server, Russian hackers could have taken individual screenshots of each of the 44,053 emails and 17,761 attachments that were ultimately put out by WikiLeaks.
Keeping Henry’s admission under wraps for nearly four years was highly consequential. The allegation of Russian hacking was elevated to a dire national security issue, and anyone who dared to question it – including President Trump – was accused of doing the Kremlin’s bidding. The hacking allegation also helped plunge U.S.-Russia relations to new lows. Under persistent bipartisan pressure over allegations of Russian meddling, Trump has approved a series of punitive measures and aggressive policies toward Moscow, shunning his own campaign vow to seek cooperation.
Meanwhile, during the several years that CrowdStrike’s own uncertainty about its hacking allegation was kept from the public, the firm has enjoyed a stratospheric rise on Wall Street. In 2017, one year after lodging its Russia hacking allegations, CrowdStrike had a valuation of $1 billion. Three years later, after going public in 2019, the firm’s valuation was set at $6.7 billion, and soon hit $11.4 billion. Just over a year later, its market cap was $31.37 billion. CrowdStrike has more than doubled its revenue on average every year, going from $52.75 million in 2017 to $481.41 million in 2020.
CrowdStrike and Fusion GPS, which spread Trump-Russia collusion allegations via the Steele dossier, are not the only private companies to play a critical and lucrative role in the Trump-Russia saga.
The firm New Knowledge, staffed by several former Democratic Party operatives and intelligence officials, authored a disputed report for the Senate Intelligence Committee that accused a Russian troll farm of a sophisticated social media interference campaign that duped millions of vulnerable Americans. Ironically, the company itself took part in a social media disinformation operation in the 2017 Alabama Senate race to help elect the ultimate victor, Democratic candidate Doug Jones. Just as the Democratic Party’s impeachment proceedings were in full swing a year ago, another cybersecurity firm with Democratic Party ties, Area One, accused the Russian spy agency GRU of hacking into the Ukrainian company Burisma with the aim of uncovering dirt on Joe Biden. Graphika, a firm with extensive ties to the Atlantic Council and the Pentagon, has recently put out reports accusing Russians of impersonating left-wing and right-wing websites to fool hyper-partisan American audiences.
Having generated the seminal Russian hacking allegation, CrowdStrike sits at the top of what has become a booming cottage industry of firms and organizations to help shape the multi-year barrage of Russia fear-mongering and innuendo. And with her new investment in CrowdStrike, Nancy Pelosi — the highest-ranking elected official of a party that has promoted Russiagate above all else — is already profiting from its success.