Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 25 May 2017 06:04

Security firms marching to the political beat


Cyber security firms appear to be tailoring their research to help one side of politics or the other in the US in pursuit of their respective enemies of the day, judging by the recent attempt by two prominent firms to lay the blame for the WannaCry ransomware attack on North Korea.

Coincidentally (?), Pyongyang has been in the sights of the US administration for a while, with President Donald Trump even floating the idea of a nuclear strike on the country during a telephone call last month with Philippine President Rodrigo Duterte.

Both Symantec and Kaspersky Lab have floated the theory that a group named Lazarus, which is linked to North Korea, may be behind WannaCry. At least one prominent US newspaper has repeated these claims, without asking any questions.

As iTWire has reported, quoting an analyst from the not-for-profit Institute for Critical Infrastructure Technology, there is little evidence for coming to such a conclusion.

Kaspersky's claim was based on a finding by Google researcher Neel Mehta that similarities exist between an early WannaCry code sample from February and one from an advanced persistent threat spread by a group named Lazarus in 2015.

It must be borne in mind that Kaspersky is under pressure in the US, will allegations of Russian ties being levelled against the company and the danger of its software being disallowed for use in US government a likely possibility. In such a climate, if it did provide some "proof" against an enemy (in this case, Pyongyang) of the US, it certainly wouldn't hurt.

Google's connections to the former US administration were legion, with the head of its parent body, Eric Schmidt even drawing up a campaign plan for Democrat presidential candidate Hillary Clinton.

The company has also gained a foothold in the Trump regime, with a former executive, Joshua Wright, being put in charge of transition efforts at the Federal Trade Commission.

Hence there is reason for Google to advance ideas that are favourable to the Trump team. Lest one forget, there were plenty of people who aided the push to invade Iraq in 2003 by the George W. Bush administration, not least among them being the New York Times' staffer Judith Miller.

This time, it looks like the cyber security firms are leading the push to blackball the bête noire of the moment.

This is not the first time that companies in this sector have sought to push theories that would find favour with one side of politics on Capitol Hill.

In April, the company SecureWorks sent over a media release, claiming it had uncovered a link between a hacking group called Iron Twilight (aka APT28, Pawn Storm, Sofacy, Tsar Team, Strontium, and Fancy Bear) and the Russian government. The claim went further to say that the group was linked to the hacking of the Democrat National Committee's email servers, among other hacks.

When asked for evidence, SecureWorks engaged up to a point; but when asked why the security company CrowdStrike, which was handling security for the Democrats, had cleaned up the alleged hacked server on its own instead of calling in the FBI, there was silence.

More recently, Trend Micro, another big security company, sent over its theories as to why Pawn Storm (another name for the group claimed to have Russian links by SecureWorks) was involved in hacking the DNC. The findings, while initially tentative, seemed to morph into certainty without any rational basis.

But again, when asked about the role of CrowdStrike, the people at Trend Micro went silent. A month has gone by since they were asked a few questions about their claims.

My email to Trend Micro ended this way: "You see my argument is that you can't add up 'possibly', 'allegedly','supposedly' and 'probably' and come up with 'definitely'."

When CrowdStrike was contacted — after the company sent in some unsolicited comments about the WannaCry outbreak — it kept silent after being asked for comment about the DNC events.

No matter how this plays out, it is interesting to see how these firms position themselves.

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News