Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Thursday, 25 May 2017 06:04

Security firms marching to the political beat


Cyber security firms appear to be tailoring their research to help one side of politics or the other in the US in pursuit of their respective enemies of the day, judging by the recent attempt by two prominent firms to lay the blame for the WannaCry ransomware attack on North Korea.

Coincidentally (?), Pyongyang has been in the sights of the US administration for a while, with President Donald Trump even floating the idea of a nuclear strike on the country during a telephone call last month with Philippine President Rodrigo Duterte.

Both Symantec and Kaspersky Lab have floated the theory that a group named Lazarus, which is linked to North Korea, may be behind WannaCry. At least one prominent US newspaper has repeated these claims, without asking any questions.

As iTWire has reported, quoting an analyst from the not-for-profit Institute for Critical Infrastructure Technology, there is little evidence for coming to such a conclusion.

Kaspersky's claim was based on a finding by Google researcher Neel Mehta that similarities exist between an early WannaCry code sample from February and one from an advanced persistent threat spread by a group named Lazarus in 2015.

It must be borne in mind that Kaspersky is under pressure in the US, with allegations of Russian ties being levelled against the company and a ban on the use of its software in US government a likely possibility. In such a climate, if it did provide some "proof" against an enemy (in this case, Pyongyang) of the US, it certainly wouldn't hurt.

Google's connections to the former US administration were legion, with the head of its parent body, Eric Schmidt, even drawing up a campaign plan for Democrat presidential candidate Hillary Clinton.

The company has also gained a foothold in the Trump regime, with a former executive, Joshua Wright, being put in charge of transition efforts at the Federal Trade Commission.

Hence there is reason for Google to advance ideas that are favourable to the Trump team. Lest one forget, there were plenty of people who aided the push to invade Iraq in 2003 by the George W. Bush administration, not least among them being the New York Times' staffer Judith Miller.

This time, it looks like the cyber security firms are leading the push to blackball the bête noire of the moment.

This is not the first time that companies in this sector have sought to push theories that would find favour with one side of politics on Capitol Hill.

In April, the company SecureWorks sent over a media release, claiming it had uncovered a link between a hacking group called Iron Twilight (aka APT28, Pawn Storm, Sofacy, Tsar Team, Strontium, and Fancy Bear) and the Russian government. The claim went further to say that the group was linked to the hacking of the Democrat National Committee's email servers, among other hacks.

When asked for evidence, SecureWorks engaged up to a point; but when asked why the security company CrowdStrike, which was handling security for the Democrats, had cleaned up the alleged hacked server on its own instead of calling in the FBI, there was silence.

More recently, Trend Micro, another big security company, sent over its theories as to why Pawn Storm (another name for the group claimed to have Russian links by SecureWorks) was involved in hacking the DNC. The findings, while initially tentative, seemed to morph into certainty without any rational basis.

But again, when asked about the role of CrowdStrike, the people at Trend Micro went silent. A month has gone by since they were asked a few questions about their claims.

My email to Trend Micro ended this way: "You see my argument is that you can't add up 'possibly', 'allegedly', 'supposedly' and 'probably' and come up with 'definitely'."

When CrowdStrike was contacted — after the company sent in some unsolicited comments about the WannaCry outbreak — it kept silent after being asked for comment about the DNC events.

No matter how this plays out, it is interesting to see how these firms position themselves.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.




