Company:CrowdStrike

From HandWiki
Revision as of 19:10, 9 February 2024 by DanMescoff (talk | contribs) (simplify)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Short description: American cybersecurity technology company
CrowdStrike Holdings, Inc.
TypePublic company
IndustryInformation security
Founded2011; 13 years ago (2011)
Founders
  • George Kurtz
  • Dmitri Alperovitch
  • Gregg Marston
HeadquartersAustin, Texas , U.S.
Key people
George Kurtz (CEO)
Products
RevenueIncrease US$2.241 billion (2023)
Decrease US$−190 million (2023)
Increase US$−183 million (2023)
Total assetsIncrease US$5.027 billion (2023)
Total equityIncrease US$1.464 billion (2023)
Number of employees
7,273 (2023)
Websitehttps://www.crowdstrike.com
Footnotes / references
Financials (As of January 2023).[2]

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas . It provides cloud workload and endpoint security, threat intelligence, and cyberattack response services.[3][4] The company has been involved in investigations of several high-profile cyberattacks, including the 2014 Sony Pictures hack, the 2015–16 cyber attacks on the Democratic National Committee (DNC), and the 2016 email leak involving the DNC.[5][6]

History

CrowdStrike was co-founded by George Kurtz (CEO), Dmitri Alperovitch (former CTO), and Gregg Marston (CFO, retired) in 2011.[7][8][9][10] In 2012, Shawn Henry, a former Federal Bureau of Investigation (FBI) official, was hired to lead the subsidiary CrowdStrike Services, Inc., which focused on proactive and incident response services.[11][12] In June 2013, the company launched its first product, CrowdStrike Falcon, which provided endpoint protection, threat intelligence and attribution.[13][14]

In May 2014, CrowdStrike's reports assisted the United States Department of Justice in charging five Chinese military hackers for economic cyber espionage against United States corporations.[15] CrowdStrike also uncovered the activities of Energetic Bear, a group connected to the Russian Federation that conducted intelligence operations against global targets, primarily in the energy sector.[16]

After the Sony Pictures hack, CrowdStrike uncovered evidence implicating the government of North Korea and demonstrated how the attack was carried out.[17] In 2014, CrowdStrike played a major role in identifying members of Putter Panda, the state-sponsored Chinese group of hackers also known as PLA Unit 61486.[18][19]

In May 2015, the company released information about VENOM, a critical flaw in an open-source hypervisor called Quick Emulator (QEMU), that allowed attackers to access sensitive personal information.[20][21] In October 2015, CrowdStrike announced that it had identified Chinese hackers attacking technology and pharmaceutical companies around the time that US President Barack Obama and China's Paramount leader Xi Jinping publicly agreed not to conduct economic espionage against each other. The alleged hacking would have been in violation of that agreement.[22]

CrowdStrike released research in 2017 showing that 66 percent of the attacks the company responded to that year were fileless or malware-free. The company also compiled data on the average time needed to detect an attack and the percentage of attacks detected by organizations.[23]

In February 2018, CrowdStrike reported that, in November and December 2017, it had observed a credential harvesting operation in the international sporting sector, with possible links to the cyberattack on the opening ceremonies of the Winter Olympics in Pyeongchang.[24] That same month, CrowdStrike released research showing that 39 percent of all attacks observed by the company were malware-free intrusions. The company also named which industries attackers most frequently targeted.[25] That March, the company released a version of Falcon for mobile devices and launched the CrowdStrike store.[26]

In January 2019, CrowdStrike published research reporting that Ryuk ransomware had accumulated more than $3.7 million in cryptocurrency payments since it first appeared in August.[27][28]

According to CrowdStrike's 2018 Global Threat Report, Russia has the fastest cybercriminals in the world.[29][30] The company also claimed that, of 81 named state-sponsored actors it tracked in 2018, at least 28 conducted active operations throughout the year, with China being responsible for more than 25 percent of sophisticated attacks.[31]

In September 2020, CrowdStrike acquired zero trust and conditional access technology provider Preempt Security for $96 million.[32]

In March 2021, CrowdStrike acquired Danish log management platform Humio for $400 million.[33] Official CrowdStrike releases noted that the acquisition is to further their XDR capability.

In November 2021, CrowdStrike acquired SecureCircle for $61 million, a SaaS-based cybersecurity service that extends Zero Trust security to data on, from and to the endpoint.[34]

In December 2021, CrowdStrike moved its headquarters location from Sunnyvale, California to Austin, Texas.[35]

In March 2023, CrowdStrike released the ninth annual edition of the cybersecurity leader's seminal report citing surge in global identity thefts.[36]

Funding

In July 2015, Google invested in the company's Series C funding round, which was followed by Series D and Series E, raising a total of $480 million as of May 2019.[37][38][39] In 2017, the company reached a valuation of more than $1 billion with an estimated annual revenue of $100 million.[40] In June 2018, the company said it was valued at more than $3 billion.[38] Investors include Telstra, March Capital Partners, Rackspace, Accel Partners and Warburg Pincus.[41][42]

In June 2019, the company made an initial public offering (IPO) on the NASDAQ.[43][44]

Russian hacking investigations

CrowdStrike helped investigate the Democratic National Committee cyberattacks and a connection to Russian intelligence services. On March 20, 2017, James Comey testified before congress stating, "CrowdStrike, Mandiant, and ThreatConnect review[ed] the evidence of the hack and conclude[d] with high certainty that it was the work of APT 28 and APT 29 who are known to be Russian intelligence services."[45]

In December 2016, CrowdStrike released a report stating that Russian government-affiliated group Fancy Bear had hacked a Ukrainian artillery app.[46] They concluded that Russia had used the hack to cause large losses to Ukrainian artillery units. The app (called ArtOS) is installed on tablet PCs and used for fire-control.[47] CrowdStrike also found a hacked variation of POPR-D30 being distributed on Ukrainian military forums that utilized an X-Agent implant.[48]

The International Institute for Strategic Studies rejected CrowdStrike's assessment that claimed hacking caused losses to Ukrainian artillery units, saying that their data on Ukrainian D30 howitzer losses was misused in CrowdStrike's report. The Ukrainian Ministry of Defense also rejected the CrowdStrike report, stating that actual artillery losses were much smaller than what was reported by CrowdStrike and were not associated with Russian hacking.[49]

Cybersecurity firm SecureWorks discovered a list of email addresses targeted by Fancy Bear in phishing attacks.[50] The list included the email address of Yaroslav Sherstyuk, the developer of ArtOS.[51] Additional Associated Press research supports CrowdStrike's conclusions about Fancy Bear.[52] Radio Free Europe notes that the AP report "lends some credence to the original CrowdStrike report, showing that the app had, in fact, been targeted."[53]

In the Trump–Ukraine scandal, a transcript of a conversation between Donald Trump, the former president of the United States, and Volodymyr Zelensky, the president of Ukraine, had Trump asking Zelensky to look into a conspiracy theory propagated by the Russian security services regarding CrowdStrike.[vague][54]

Recognition

  • 2021 AWS Global Public Sector Partner Award for best cybersecurity solution[55]
  • 2021 Canada AWS Partner Award as the ISV Partner of the Year[56]
  • 2021 Ranked #1 for Modern Endpoint Security 2020 Market Shares in IDC's Worldwide Corporate Endpoint Security Market Shares, 2020 Report[57]

Motorsport

No. 04 CrowdStrike/ DXDT Racing Mercedes-AMG GT3 Evo driven by Colin Braun and George Kurtz at the Road America.
No. 44 Mercedes-AMG Petronas F1 Team Mercedes W13 F1 car driven by Lewis Hamilton at the Imola Circuit.

Since March 2021 CrowdStrike has been the official sponsor of the Formula One safety car, the Mercedes-AMG GT R.[58] In 2022, it was announced that Crowdstrike would become the title sponsor of the 24 Hours of Spa endurance race from 2023 onwards.[59]

See also

  • Timeline of Russian interference in the 2016 United States elections
  • Timeline of investigations into Trump and Russia (January–June 2017)

References

  1. Lyons Hardcastle, Jessica. "CrowdStrike Falcon Hunts Security Threats, Cloud Misconfigs". https://www.sdxcentral.com/articles/news/crowdstrike-falcon-hunts-security-threats-cloud-misconfigs/2020/10/. 
  2. "US SEC: Form 10-K Crowdstrike Holdings, Inc.". U.S. Securities and Exchange Commission. 9 March 2023. https://www.sec.gov/ix?doc=/Archives/edgar/data/1535527/000153552723000008/crwd-20230131.htm. 
  3. Duggan, Wayne (17 March 2021). "Why CrowdStrike Is A Top Growth Stock Pick". Benzinga (Yahoo! Finance). https://finance.yahoo.com/news/why-crowdstrike-top-growth-stock-203957674.html. 
  4. "CrowdStrike's security software targets bad guys, not their malware". TechRepublic. 9 October 2015. http://www.techrepublic.com/article/crowdstrikes-security-software-targets-bad-guys-not-their-malware/. 
  5. "CrowdStrike demonstrates how attackers wiped the data from the machines at Sony". International Data Group. 2015. http://www.csoonline.com/article/2880095/cyber-attacks-espionage/crowdstrike-demonstrates-how-attackers-wiped-the-data-from-the-machines-at-sony.html. 
  6. "Clinton campaign — and some cyber experts — say Russia is behind email release". The Washington Post. July 24, 2016. https://www.washingtonpost.com/politics/clinton-campaign--and-some-cyber-experts--say-russia-is-behind-email-release/2016/07/24/5b5428e6-51a8-11e6-bbf5-957ad17b4385_story.html. 
  7. "In conversation with George Kurtz, CEO of CrowdStrike" (in en). https://fortune.com/2015/07/29/crowdstrike-cybersecurity-george-kurtz/. 
  8. "Bloomberg - Dmitri Alperovitch". https://www.bloomberg.com/profile/person/17185150?sref=eMecddu3. 
  9. "Standing up at the gates of hell: CrowdStrike CEO George Kurtz". Fortune. 29 July 2015. http://fortune.com/2015/07/29/crowdstrike-cybersecurity-george-kurtz/. 
  10. Albert-Deitch, Cameron (2019-05-15). "CrowdStrike, the $3.4 Billion Startup That Fought Russian Spies in 2016, Just Filed for an IPO". https://www.inc.com/cameron-albert-deitch/crowdstrike-cybersecurity-unicorn-ipo.html. 
  11. Ragan, Steve (23 April 2012). "Former FBI Exec to Head CrowdStrike Services". SecurityWeek. https://www.securityweek.com/former-fbi-exec-head-crowdstrike-services. 
  12. Messmer, Ellen (18 April 2012). "Top FBI cyber cop joins startup CrowdStrike to fight enterprise intrusions". Network World. http://www.networkworld.com/article/2187808/malware-cybercrime/top-fbi-cyber-cop-joins-startup-crowdstrike-to-fight-enterprise-intrusions.html. 
  13. Messmer, Ellen (2013-06-18). "Start-up tackles advanced persistent threats on Microsoft, Apple computers" (in en). https://www.networkworld.com/article/2168251/start-up-tackles-advanced-persistent-threats-on-microsoft--apple-computers.html. 
  14. "U.S. firm CrowdStrike claims success in deterring Chinese hackers". Reuters. 2015-04-13. https://www.reuters.com/assets/print?aid=USKBN0N41PT20150413. 
  15. Gorman, Devlin Barrett and Siobhan (2014-05-20). "U.S. Charges Five in Chinese Army With Hacking" (in en-US). Wall Street Journal. ISSN 0099-9660. https://www.wsj.com/articles/u-s-justice-department-to-charge-chinese-army-workers-hacked-u-s-firms-1400499708. 
  16. "The old foe, new attack and unsolved mystery in the recent U.S. energy sector hacking campaign" (in en). 2017-07-12. https://www.cyberscoop.com/us-nuclear-hack-russia-energetic-bear-fireeye-phishing-watering-hole/. 
  17. "What's in a typo? More evidence tying North Korea to the Sony hack". http://www.pcworld.com/article/2885592/whats-in-a-typo-more-evidence-tying-north-korea-to-the-sony-hack.html. 
  18. Perlroth, Nicole (2014-06-09). "2nd China Army Unit Implicated in Online Spying". The New York Times. ISSN 0362-4331. https://www.nytimes.com/2014/06/10/technology/private-report-further-details-chinese-cyberattacks.html?pagewanted=print. 
  19. "Second China unit accued of cyber crime". Financial Times. June 10, 2014. http://www.ft.com/intl/cms/s/0/3a1652ce-f027-11e3-9b4c-00144feabdc0.html. 
  20. "'Venom' vulnerability: Serious computer bug shatters cloud security". 2015-05-13. http://fortune.com/2015/05/13/venom-vulnerability/. 
  21. Goodin, Dan (2015-05-13). "Extremely serious virtual machine bug threatens cloud providers everywhere" (in en-us). https://arstechnica.com/information-technology/2015/05/extremely-serious-virtual-machine-bug-threatens-cloud-providers-everywhere/. 
  22. Yadron, Danny (19 October 2015). "Report Warns of Chinese Hacking" (in en-US). Wall Street Journal. https://www.wsj.com/articles/report-warns-of-chinese-hacking-1445227440. 
  23. Gallagher, Sean (2017-12-06). ""Malware-free" attacks mount in big breaches, CrowdStrike finds" (in en-us). https://arstechnica.com/information-technology/2017/12/malware-free-attacks-mount-in-big-breaches-crowdstrike-finds/. 
  24. "Russian actors mentioned as possibly launching cyberattack on 2018 Winter Olympic Games" (in en-US). 2018-02-12. https://www.scmagazine.com/home/security-news/russian-actors-mentioned-as-possibly-launching-cyberattack-on-2018-winter-olympic-games/. 
  25. "Cyber criminals catching up with nation state attacks" (in en). https://www.computerweekly.com/news/252435701/Cyber-criminals-catching-up-with-nation-state-attacks. 
  26. "CrowdStrike announces endpoint detection for mobile devices" (in en). https://channellife.com.au/story/crowdstrike-announces-endpoint-detection-for-mobile-devices. 
  27. "Ryuk ransomware poses growing threat to enterprises" (in en). https://searchsecurity.techtarget.com/news/252455919/Ryuk-ransomware-poses-growing-threat-to-enterprises. 
  28. "Ryuk ransomware shows Russian criminal group is going big or going home" (in en). 2019-01-10. https://www.cyberscoop.com/ryuk-ransomware-shows-russian-criminal-group-is-going-big-or-going-home/. 
  29. "Russian hackers 8 times faster than Chinese, Iranians, North Koreans" (in en). 19 February 2019. https://www.nbcnews.com/news/world/russian-hackers-8-times-faster-chinese-iranians-north-koreans-says-n972926. 
  30. Greenberg, Andy (2019-02-19). "Russian Hackers Go From Foothold to Full-On Breach in 19 Minutes". Wired. ISSN 1059-1028. https://www.wired.com/story/russian-hackers-speed-intrusion-breach/. Retrieved 2019-07-01. 
  31. "Persistent Attackers Rarely Use Bespoke Malware" (in en). 27 February 2019. https://www.darkreading.com/threat-intelligence/persistent-attackers-rarely-use-bespoke-malware/d/d-id/1333994. 
  32. Gagliordi, Natalie. "CrowdStrike to acquire Preempt Security for $96 million" (in en). https://www.zdnet.com/article/crowdstrike-to-acquire-preempt-security-for-96-million/. 
  33. Zacks Equity Research (8 March 2021). "CrowdStrike to acquire Preempt Security for $96 million" (in en). https://finance.yahoo.com/news/crowdstrike-crwd-scoops-humio-fortify-135301923.html. 
  34. Transcribing, Motley Fool (2021-12-02). "CrowdStrike Holdings, Inc. (CRWD) Q3 2022 Earnings Call Transcript" (in en). https://www.fool.com/earnings/call-transcripts/2021/12/02/crowdstrike-holdings-inc-crwd-q3-2022-earnings-cal/. 
  35. "CrowdStrike Changes Principal Office to Austin, Texas" (in en). 2021-12-28. https://www.crowdstrike.com/blog/crowdstrike-changes-principal-executive-office-to-austin-texas/. 
  36. "CrowdStrike reports surge in identity thefts". 2023-03-01. https://thearabianpost.com/crowdstrike-reports-surge-in-identity-thefts/. 
  37. Kuranda, Sarah (2017-05-17). "Crowdstrike Lands $100M Funding Round, Looks To Expand Globally And Invest In Partners". https://www.crn.com/news/security/300085371/crowdstrike-lands-100m-funding-round-looks-to-expand-globally-and-invest-in-partners.htm. 
  38. 38.0 38.1 "Cybersecurity startup CrowdStrike raises $200 million at $3 billion valuation" (in en-US). 2018-06-19. https://venturebeat.com/2018/06/19/cybersecurity-startup-crowdstrike-raises-200-million-at-3-billion-valuation/. 
  39. "CrowdStrike may top these 6 biggest-ever U.S. security IPOs next month". https://www.bizjournals.com/sanjose/news/2019/05/31/crowdstrike-ipo-biggest-cybersecurity-companies.html. 
  40. Hackett, Robert. (May 17, 2017). "Hack Investigator CrowdStrike Reaches $1 Billion Valuation". Fortune website Retrieved 9 June 2017.
  41. "Security Company CrowdStrike Scores $100M Led By Google Capital" (in en-US). 13 July 2015. http://social.techcrunch.com/2015/07/13/security-company-crowdstrike-scores-100m-led-by-google-capital/. 
  42. "CrowdStrike raises $100 million for cybersecurity". https://www.bizjournals.com/losangeles/news/2017/05/17/crowdstrike-raises-100-million-for-cybersecurity.html. 
  43. Murphy, Hannah (12 June 2019). "Cyber security group CrowdStrike's shares jump nearly 90% after IPO". https://www.ft.com/content/27730018-8ca8-11e9-a24d-b42f641eca37. 
  44. Feiner, Lauren (2019-06-12). "CrowdStrike pops more than 70% in debut, now worth over $11 billion" (in en). https://www.cnbc.com/2019/06/12/crowdstrike-ipo-stock-starts-trading-on-the-nasdaq.html. 
  45. "Full transcript: FBI Director James Comey testifies on Russian interference in 2016 election". https://www.washingtonpost.com/news/post-politics/wp/2017/03/20/full-transcript-fbi-director-james-comey-testifies-on-russian-interference-in-2016-election/. 
  46. "Russian hackers linked to DNC attack also targeted Ukrainian military, says report". 2016-12-23. https://www.theverge.com/2016/12/23/14068992/russian-hack-dnc-ukraine-military-malware-crowdstrike. 
  47. Noosphere engineering school (October 31, 2015). "New brainchild of engineering school was tested by the armed forces". http://noosphereengineering.com/en/news/new-brainchild-of-engineering-school-was-tested-by-the-armed-forces. 
  48. Boldi (January 3, 2017). "Technical details on the Fancy Bear Android malware (poprd30.apk)". http://blog.crysys.hu/2017/01/technical-details-on-the-fancy-bear-android-malware-poprd30-apk. 
  49. Kuzmenko, Oleksiy (March 23, 2017). "Think Tank: Cyber Firm at Center of Russian Hacking Charges Misread Data". Voice of America. https://www.voanews.com/a/crowdstrike-comey-russia-hack-dnc-clinton-trump/3776067.html. 
  50. Secureworks counter threat unit threat intelligence (June 26, 2016). "Threat Group-4127 targets Google accounts". https://www.secureworks.com/research/threat-group-4127-targets-google-accounts. 
  51. Miller, Christopher (November 2, 2017). "Fancy Bear Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App". RadioFreeEurope. https://www.rferl.org/a/ukraine-russia-fancy-bear-hacking-artillery-guidance-app/28831564.html. 
  52. Satter, Raphael (2 November 2017). "Russia hackers pursued Putin foes, not just US Democrats". Associated Press. https://www.apnews.com/3bca5267d4544508bb523fa0db462cb2. 
  53. Miller, Christopher (2 November 2017). "'Fancy Bear' Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App". Radio Free Europe/Radio Liberty. https://www.rferl.org/a/ukraine-russia-fancy-bear-hacking-artillery-guidance-app/28831564.html. 
  54. Hudson, John (2019-11-26). "Pompeo says Trump's debunked Ukraine conspiracy theory is worth looking into" (in en). Washington Post. https://www.washingtonpost.com/national-security/pompeo-says-trumps-debunked-ukraine-conspiracy-theory-is-worth-looking-into/2019/11/26/66394e98-106e-11ea-9cd7-a1becbc82f5e_story.html. 
  55. "CrowdStrike Wins 2021 Amazon Web Services Global Public Sector Partner and Canada AWS Partner Awards". Yahoo!. 30 June 2021. https://www.yahoo.com/now/crowdstrike-wins-2021-amazon-services-120000230.html. 
  56. "CrowdStrike Wins 2021 Amazon Web Services Global Public Sector Partner and Canada AWS Partner Awards". Yahoo!. 30 June 2021. https://www.yahoo.com/now/crowdstrike-wins-2021-amazon-services-120000230.html. 
  57. "CrowdStrike Ranked #1 for Modern Endpoint Security 2020 Market Shares". Yahoo!. 24 June 2021. https://www.businesswire.com/news/home/20210624005139/en/CrowdStrike-Ranked-1-for-Modern-Endpoint-Security-2020-Market-Shares. 
  58. Saunders, Charles (2021-03-08). "CrowdStrike Protects, On and Off the Track | CrowdStrike" (in en). https://www.crowdstrike.com/blog/crowdstrike-protects-on-and-off-track/. 
  59. "CrowdStrike becomes new title sponsor of 24 Hours of Spa, starting 2023 | CrowdStrike 24 hours of Spa" (in en-GB). 2022-07-29. https://www.crowdstrike24hoursofspa.com/news/2379/crowdstrike-becomes-new-title-sponsor-of-24-hours-of-spa-starting-2023. 

External links