This was first connected it last year when it was reported (timeline & resulting actions clearly not a coincidence). However, at the time, it was *not* known that the access was granted (apparently as managed by Crowdstrike). Now ... if/as that is/was known to the IC - and ICIG discovered the e-mail forwarding and tied it back to Crowdstrike - how can the same entity be used to provide the purported ICA in January 2017? Unbelievable & totally outrageous!
Q