Novel approach to cybersecurity puts CrowdStrike at the cutting edge
“Hey, we’re not politicians, we are security folks with the best technology on the planet to help stop breaches and that is what we continue to focus on.”
What a week for George Kurtz, global chief executive of top cybercrime fighter CrowdStrike, to swoop into Australia. CrowdStrike is the company named by Donald Trump in “that” phone call with Ukrainian President Volodymyr Zelensky.
Quite suddenly the IPO darling, listed on the Nasdaq in June, was itself fingered in a fantastic conspiracy peddled by the Trump camp: Democrat forces had used sinister Ukrainian connections to concoct the story of Russian interference against Hillary Clinton in the 2016 US election. We now know this conspiracy includes the improbable involvement of former foreign minister Alexander Downer. “Alexander’s always been a big lefty,” Scott Morrison quipped at the annual Lowy Institute dinner on Thursday night.
Last week was also the week that ANU released its review into the damaging raid on personal data of students and staff, leaving more questions than answers, and the week where hackers shut down computers in at least seven regional hospitals, delaying surgery.
The actual reason for the Kurtz visit was to see ASX top 100 clients, armed with CrowdStrike’s latest global threat report. But first, as no doubt he would have done for each client, he unpacks the Trump call that made CrowdStrike a political football.
“We did some work for the DNC (Democratic National Council) and we were able to identify an intrusion which we provided all results to, as an example, the FBI.” Which pointed to Russian interference? “It did, yes. And all of that has been validated by the US intelligence community and in fact there are even indictments that came down from that.”
In this toxic climate of impeachment, CrowdStrike has been on the receiving end of some sensational smears, even from the US President himself: CrowdStrike had a rich Ukrainian owner; a mysterious hidden server existed in the Ukraine.
“Well, I think we’ve debunked those: there’s no Ukrainian owner, we’re a public company, you can see who the owners are. The founders are not Ukrainian. I’ve been in the security industry 26 years. We stand by the work we did and more importantly we are non-partisan. We do work for the Democrats and we do work for the Republicans.”
There are crucial elections in the US and Taiwan next year and probably in Britain. Kurtz dead bats any questions about new political party commissions from the 730 customers that the business is adding each quarter. “2016 gave us a blueprint for awareness that these things can happen,” he says of the US election. “It is incumbent on all sides of the aisle to make sure that we protect our systems from tampering or interference.”
Beyond elections, the latest warning from CrowdStrike’s Falcon OverWatch Report is a disturbing jump in e-crime, essentially commercial theft. Too often this occurs through leaks of government technical know-how to criminals. “They can weaponise something that maybe a government spent billions on creating but once it’s leaked out, you can have any crime actor that actually is able to weaponise and deliver it.”
The aviation industry is heavily targeted by nation state adversaries because of the IP, customer details and movement of people. One case in the OverWatch report — which, based on recent French press agency coverage, could well be Airbus — showed there was cyber intrusion across 2018 and 2019. Kurtz, again stepping neatly around any identity reveal, says the common theme is that existing technologies are not working. “If you look at firewalls, you’ve got antivirus people buying these for protection to prevent breaches, yet they’re still having breaches. Unfortunately what we’ve seen is that a simple phish, where somebody clicks on that, even if there is no malware that is actually being delivered, if you give your user name and password out, that could be easily used for the adversary to come back into that organisation, get on to a single PC and then pivot from that PC to take over other parts of the network.” In the recent intrusion at the ANU in Canberra, the unfortunate first victim merely previewed an email.
It is in this very unsatisfactory environment that George Kurtz is calling CrowdStrike a game-changer. The problem, he argues, is with the failure of the signature antivirus-based technologies. The solution is cloud-based endpoint protection across the business.
“You actually have to know what happened in the past that is bad. If something new happens, you’re blind. What we built our company on is artificial intelligence, to be able to predict whether something is good or bad without even having seen it in the past. Without getting those annoying signature updates that slow down your computer, our system can look at something without ever seeing it and based on all the things it has learned in the past, it can say this is good or bad.”
CrowdStrike uses specialist threat hunter teams to track down miscreants. “You have to be really curious to be a threat hunter. We have guys and girls from around the world that have spent a lot of time fighting the adversary. The threat hunters look across our entire Falcon platform for anomalies, using AI and analytics to be able to identify these attacks in process. They have saved the bacon of many companies.” It begs the question, however: given the money at stake in these cyber attacks, how do you stop threat hunters being lured across to the lucrative dark side? “It’s all about the mission,” says Kurtz. “We have a lot of folks that have come out of the government, Five Eyes is an example, and their mission is protecting people against breaches. They love big data, they love scale, and we are able to see these attacks cross 176 countries, so it is pretty interesting.”
Kurtz has pioneered network security for years. He started in accounting at Price Waterhouse, but as the internet took off, he moved across to consulting. His book became the No 1 internet security read in the world.
Later the network security company he founded was sold to McAfee, where he became chief technology officer. It was at this point that he turned his mind to the weakness of on-premise and signature-based solutions.
“I said we should create an end-point company that looks more like Salesforce, and that’s how we got CrowdStrike started. We handle about two trillion events into our cloud per day that we use all data to continually train our machine learning algorithms to predict whether something is good or bad without overseeing it. The more data you consume, the smarter it gets, that’s the network effect.”
The Kurtz pitch to institutions, public and private, bewildered by how much to spend on cyber defence, is appealing. CrowdStrike, he says, is the only company with leading technology at both the Gartner and Forrester research houses. He is unsurprised by the latest ransomware attack on hospitals in Victoria — health, worldwide, often has low expertise and typically uses traditional signature-based antivirus protection. “These ransomware attacks go through because they slightly tweak the malware to make it look different. Signatures do not pick that up and now you have an encrypted mess on your hands.”
Prevention is always better than cure in cyberland, but the use of the cloud could also address one of the fiendish problems faced by the ANU: the intruders managed to cover their tracks, cleaning up behind them. “We create a digital video recording device which allows us to monitor everything that happens on the endpoint and store that in the cloud, so even if the bad guys want to erase their tracks, we have a complete record of it in the cloud.”
Like all cybersecurity experts, Kurtz bemoans the public apathy around the most basic password maintenance and he warns of a new wave of identity theft yet to reach Australia. “In the US, we see a lot of mortgage fraud now where someone will actually change the ownership of the house into someone else’s name. You imagine your property is all of a sudden not in your name. It is a big mess. You can undo it but there are so many negative cycles that you have to deal with, you do not want that.”