Washington, United States—CrowdStrike, the cybersecurity company behind a massive global IT outage, is a leader in its sector, known for building software defenses for the cloud computing age and exposing Russian and North Korean threats.
Based in Austin, Texas, the company was founded in 2011 by George Kurtz, Dmitri Alperovitch, and Gregg Marston.
Both Kurtz and Alperovitch had extensive backgrounds in cybersecurity, working at companies like McAfee.
Two years after its founding, CrowdStrike launched its signature product, the Falcon platform.
Top player
Crucially, the company embraced a “cloud-first” model to reduce the heavy computing demands placed on customers and provide more effective protection.
Rather than just focusing on malware and antivirus products, the founders wanted to shift attention to identifying and stopping the attackers themselves and their techniques.
“CrowdStrike is one of the best known cybersecurity companies around,” said Michael Daniel, who worked as the White House cybersecurity coordinator during Barack Obama’s administration.
“It provides typically what we think of as sort of endpoint protection, meaning that it’s actually got software running on a server, or on a particular device, like a laptop or a desktop and it’s scanning for potential malware connections to bad domain names,” he said.
“It’s looking for behavior that might be unusual, that sort of thing,” said Daniel, who now runs the Cyber Threat Alliance.
The company’s share price was down by about 9 percent in morning trading on Wall Street.
CrowdStrike became a publicly traded company in 2019. Its total revenue in the last quarter was $921 million, with projections of bringing in about $4 billion in the current fiscal year.
The company’s main competitors are Palo Alto Networks and SentinelOne, which are standalone cybersecurity firms.
Cloud computing giants Microsoft, Amazon and Google also provide their own cybersecurity software and are rivals.
North Korea hack
But CrowdStrike is also a cyber intelligence company and made headlines when it was involved in investigating several high-profile cyberattacks.
Most famously, in 2014, CrowdStrike discovered evidence linking North Korean actors to the hack of servers at Sony Pictures.
The hackers stole large amounts of data and threatened terrorist acts against movie theaters to prevent the release of “The Interview,” a comedy about North Korea’s leader.
The studio initially canceled the movie’s theatrical release, but reversed its decision after criticism.
Sony estimated the direct costs of the hack to be around $35 million for investigating and remediating the breach.
CrowdStrike also helped investigate the 2015-2016 cyberattacks on the Democratic National Committee (DNC) in the United States and their connection to Russian intelligence services.
In December 2016, CrowdStrike released a report stating that a Russian government-affiliated group called Fancy Bear had hacked a Ukrainian artillery app, potentially causing significant losses to Ukrainian artillery units.
However, this assessment was later disputed by some organizations and CrowdStrike rolled back some of the claims.
Criticism of Microsoft
In recent months, CrowdStrike has criticized Microsoft for its cybersecurity lapses as the Windows maker admitted to vulnerabilities and hacks by outside actors.
Among other criticisms, CrowdStrike slammed Microsoft for still doing business in China.
“You’re telling the public they can’t use Huawei, and they can’t let kids watch dance videos on TikTok because China is going to collect intelligence,” Shawn Henry, chief security officer at CrowdStrike, said last year.
“Yet the most ubiquitous software, which is used throughout the government and throughout every single corporation in this country and around the world, has engineers in China working on their software,” Henry told Forbes.