The cyber-security company Crowdstrike has claimed that "Russia" hacked artillery units of the Ukrainian army, but the claim is completely baseless and false. The Crowdstrike report, released in December, asserted that the hack into a Ukrainian artillery app, resulted in heavy losses of howitzers in Ukraine’s war against the Donbass.
The company led by a one Dimitry Alperovich, a Senior Fellow of the NATO-aligned think tank the Atlantic Council, found “evidence” of involvement by Russian intelligence services.
In interviews, Alperovitch had linked Ukraine and Democratic campaign hacks, which Crowdstrike declared had involved the same Russian hacking group, Fancy Bear, and versions of X-Agent malware the group was known to use.
Crowdstrike investigators had claimed that the artillery units of the Ukrainian army had had “excessive combat losses” of up to 80 percent in their fight with Donbass separatists.
The company asserted that Russian intelligence “hacked” an application used by the Ukrainians to aim their guns. The hack, it was claimed, enabled well targeted counter-fire that then destroyed the Ukrainian artillery.
“The fact that they would be tracking and helping the Russian military kill Ukrainian army personnel in eastern Ukraine and also intervening in the US election is quite chilling,” Alperovitch told The Washington Post on December 22.
The same day, Alperovitch told the PBS NewsHour: “And when you think about, well, who would be interested in targeting Ukraine artillerymen in eastern Ukraine?” suggesting again that Russians were responsible.
“It’s pretty high confidence that Fancy Bear had to be in touch with the Russian military,” Dmitri Alperovich told Forbes. “This is exactly what the mission is of the GRU.”
Crowdstrike had based its numbers for “excessive losses” of Ukrainian artillery units on statistics collected by the International Institute for Strategic Studies (IISS). The IISS now says that its statistic do not provide what Crowdstrike claimed. There were no “excessive losses” of Ukrainian artillery.
The IISS told Voice of America that Crowdstrike had erroneously used IISS data as proof of such an intrusion. IISS has disavowed any connection to the Crowdstrike report.
“The Crowdstrike report uses our data, but the inferences and analysis drawn from that data belong solely to the report’s authors,” the IISS said. “The inference they make that reductions in Ukrainian D-30 artillery holdings between 2013 and 2016 were primarily the result of combat losses is not a conclusion that we have ever suggested ourselves, nor one we believe to be accurate,” the IISS said.
It seems that the whole “Ukrainian artillery hack” claims by Crowdstrike was simply made up. There was no “hack” and the claimed damage from the “hack” did not occur at all. Crowdstrike had evidently invented a “crime” and “Russian hacking” where none had happened.
Yaroslav Sherstyuk, maker of the Ukrainian military app in question, called the company’s report “delusional” in a Facebook post. Crowdstrike also never contacted him before or after its report was published, he told VOA.
The company’s credibility is now at stake, because the firm was the first to link last year’s hacks of Democratic Party computers to “Russian hackers”. There were and are also no Russian troops fighting in Donbass regardless of what Alperovitch asserts. According to Esquire.com, Alperovitch had vetted speeches for Hillary Clinton about cyber security issues in the past.
Alperovitch, a Russian expatriate working at the Atlantic Council policy research center in Washington, co-founded the company in 2011. The firm boasts two former FBI agents: Shawn Henry, who oversaw global cyber investigations at the agency, and Steven Chabinsky, who was the agency’s top cyber lawyer and had served on an Obama administration’s cybersecurity commission.