In 1956, FBI Director, J. Edgar Hoover initiated a program, code-named COINTELPRO (counter intelligence program) ushering in what would become the mainstay for how intelligence communities dealt with domesitic affairs. The sole directive of this program was “to expose, disrupt, misdirect, discredit, or otherwise neutralize” the activities of various dissidents and their leaders.
COINTELPRO was, of course, nothing more than the little brother to its older sibling, PSYOPS (the sanitized word for Propaganda) which was primarily directed toward international affairs. It would later be renamed PSYWAR (psychological warfare). The late 1980s ushered in another type of war, coined CYBERWAR by early researchers. Some, who have been proclaiming for almost two decades that “Cyber War is Coming!”
Now that it seems to have… arguably… arrived, let’s take a look at what this may mean.
The common factor between cointelpro, psyops, psywar, and cyberwar involves using information to sway public opinion. While each of these may rely upon their own means, the end goal is to create a common enemy. There is nothing afterall, that galvanizes people to act more than a common enemy. And said enemy can bear many and diverse faces depending upon the climate of the times and the road a person has traveled. Be these faces drugs, terrorism, child pornography, corporations, and/or governments. In 2001, that face was Osama Bin Laden. Today, that face appears to be WikiLeaks (founded, in October of 2006), Julian Assange (a self-described activist), and to a lesser extent, Anonymous (referred to as Hacktivists by some). The backstory to the birth of Wikileaks plays an important role, as it sets the stage for what was to come.
From a June 2010 New Yorker article (emphasis added, mine),
Before launching the site, Assange needed to show potential contributors that it was viable. One of the WikiLeaks activists owned a server that was being used as a node for the Tor network. Millions of secret transmissions passed through it. The activist noticed that hackers from China were using the network to gather foreign governments’ information, and began to record this traffic. Only a small fraction has ever been posted on WikiLeaks, but the initial tranche served as the site’s foundation, and Assange was able to say, “We have received over one million documents from thirteen countries.”
So… what is Tor? From their site (emphasis added, mine):
Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.
And, from the Tor (emphasis added, mine):
It is intended to protect users’ personal freedom, privacy, and ability to conduct confidential business, by keeping their internet activities from being monitored. The software is open-source and the network is free of charge to use.
And yet, WikiLeaks very existence involved the monitoring of Chinese dissidents’ communications that were passing through a Tor node. This, in itself raises numerous implications, the least involving the question of ethics, the greatest involving risks of exposure for any activist choosing to use Tor as their primary communication channel.
This article however, is not about the risks posed for activist choosing to rely upon Tor. Nor is about the quite obvious logical fallacy in the repeated “open source is safer” mantra that is regularly uttered within the halls of the open source. Nor is it, for that matter, about the fact that Tor is published by the Electronic Frontier Foundation, thus placing the foundation in two opposing camps. One, whose public face speaks of freedom of expression, the other, that involves, publishing software that can be used and has been used to monitor said “free expression.” These, while certainly important, and worthy of further scrutiny, are not the focus of this article. I’ll leave such pickings for those who are interested in exploring the finer points of whether or not Tor actually exposes people to risks from dangerous regimes.
Moving on.
Prior to WikiLeaks law enforcement primarily focused upon issues of identity theft and child pornography, while security firms focused upon malware and intrusion detection. The arrival of WikiLeaks changed that, and the above set the stage for what would become a marriage in the mind of many. That WikiLeaks was comprised of a network of hackers (aka Hacktivists). This union was sealed with the DDoS attack against Mastercard and Paypal on December 8, 2010. Even though only a handful of the people involved in various Anonymous activities are Hackers in the true sense of the word.
Security firms love hackers. They are, after all, their bread and butter. They also like to pit themselves against the hacker community. And, in many cases, they will even hire from within the hacker community. Not so, in the case of HBGary Federal, whose CEO, Aaron Barr, was an ex-navy cryptologist. This tiny, little-known, startup rose quickly to fame with the “revelation” that Barr had “penetrated Anonymous.” Not only would their short-lived fame fizzle but the company will not likely recover from what was to follow. Within hours of the Financial Times article claiming that Barr had ID’d the group’s “Hierarchy and Leaders,” the company’s computers were “breached” and a data dump of executive emails and their rootkit mysql database were placed on a well-known and popular p2p file share. Initial reports attempted to paint Mr. Barr and his company as a victim. As did the parent company’s president, Penny Leavy, wherein she stated:
“Today’s sophisticated cybercriminals require a sophisticated approach to network security.”
When it was learned that not only had company servers been breached but corporate emails were being distributed, Leavy attempted to manage blowback by engaging participants of the anon IRC chat. She begged them not to release the parent company’s founder and CEO, Greg Hoglund’s, emails, while claiming Barr was simply researching them and had no intentions of releasing their identities, or rather, the identities he was claiming to have found through a combination of social network scraping and best-guess correlation. Yet his email of February 5, 2011, wherein he copies Leavy states otherwise.
Shortly thereafter, Mr Hoglund jumped into the frey, in support of Leavy. And yet, this email indicates he was as much on the media bandwagon as Barr. So, while these people were claiming innocence on the channel, just hours before, they were preening and preparing to “wow” the public with their cyber prowess: “They had Unmasked Anonymous!” Amidst Leavy and Hoglund’s deception, chatters were putting forth their own threats, “Get rid of Barr or we’ll release Greg’s emails!” they seemed to chime in unison.
When considering Leavy’s pleas, it is only natural to wonder what sort of damaging information could be contained within Hoglund’s emails. Afterall, within a day of the original dump, quite damaging information was already coming out. For example, it was revealed that HBGary Federal, Palantir Technologies, and Berico Technologies had formed an alliance, code-named “Team Themis” whose primary purpose would be to:
Develop a corporate information reconnaissance service to aid legal investigations through the open source collection of information on target groups and individuals that appear organized to extort specific concessions through online slander campaigns.
That is, some of the “dirty tricks” were revealed, and seemingly right out of the government’s manual for dealing with dissidents: “to expose, disrupt, misdirect, discredit, or otherwise neutralize.”
WikiLeaks was naturally one of their targets. Another “Team Themis” target were Unions and individuals protesting the U.S. Chamber of Commerce.
When perusing the various “Team Themis” presentations, they come across as over-grown kids trying to pretend they’re James Bond. That is, their cloak and dagger terminology belies a tendency toward over-exaggeration in a somewhat melodramatic exhale that arguably borders on the ridiculous. Then again, this isn’t the first time Government contractors have engaged in practices that boggle the mind. Importantly, are you interested in looking into the mind of a cyberpath? Read the doc dumps. In those files, you will witness everything from blatant racism to ethically bereft proposals to appalling arrogance. HBGary Federal employee, Mark Traynor was right on when he stated (emphasis added, mine):
He’s on a bad path. He’s talking about his analytics and that he can prove things statistically but he hasn’t proven anything mathematically nor has he had any of his data vetted for accuracy, yet he keeps briefing people and giving interviews. It’s irresponsible to make claims/accusations based off of a guess from his best gut feeling when he has even told me that he believes his gut, but more often than not it’s been proven wrong. I feel his arrogance is catching up to him again and that has never ended well…for any of us.
The proverbial fan hitting blowback occurred the following day. And by the end of the week, both Palantir Technologies and Berico Technologies had severed ties with HBGary Federal in a very public way.
As for Anonymous? Are they Leavy’s “sophisticated cybercriminals?” Extremely doubtful. Are they cyberpaths? Some are, no doubt. Just as some are in any place where people gather. Are they the organized group that companies such as HBGary, who stands to make money off such a hypothesis, would have you believe? Again doubtful.
In fact, having spent decades in various tech and hacker communities as well as following the chatter in this group’s IRC channel, the tech types seems to be pretty much what they have always been. An amorphous and leaderless group of individuals, who, for reasons known only to each individual, have chosen to engage in largely illegal activities. Whether said activities involve executing a DDoS on a company in the name of “free speech” or so-called “Social engineering” in response to a disk sizing contest ala, “look at me. I’m so 1337!” or simply for the “lulz.”
Importantly however is the drama factor. This is the one constant that draws people in. That engages them. There is afterall nothing like a metaphorical “kill” to get a feeding frenzy going. In the case of WikiLeaks, it was the cables. In this case, it is the HBGary data dump. Which, at this point, is far from over, per AnonymousIRC’s tweet that the group plans to release Greg Hoglund’s 27K emails shortly.
And of course, there is the cause.
Though, by the time you’ve reached this stage, the game, the verbal parries and lunges, as opposed to the actual cause tends to be as much, if not the more compelling draw.
When considering the players, both the security people involved as well as those who breached the company’s servers reveal themselves for who they are. Both are willing to engage in extremely unethical practices. Both appear to be driven by self-importance and promises of fame. And neither appear to consider, or for that matter, care about, the larger unintended consequences of their actions. They are, in reality, two sides of the same coin.
So what exactly are these unintended consequences? This is not about Grand Jury investigations or tarnished reputations. After all, both are assumed and calculated risks. Regardless of how far off individual calculations may or not be. Nor can we invoke those caught in the blowback. It is pretty standard to assume there will be some collateral damage.
The unintended consequences could involve Mr Barr’s rather myopic view that playing connect the social dots will result in valid and reliable data. Data that can withstand the scrutiny of the federal rules of evidence in a court of law. Otherwise put, while he was prepared to go public with names, anon beat him to the punch, and neither parties considered that some innocents could get caught up in this media maelstrom at best, or find themselves the recipients of cyber stalking at worst. Though, hopefully the media, and the public, for that matter, will be satisfied to feed at the HBGary trough, as opposed to gnawing on the metaphorical bones of Joe Public.
Still, it is arguable that any misidentification would be nothing more than a variation of the aforementioned collateral damage. Predictable, due to the question of accuracy. As it is arguable that contact information of various Government personnel is now in the wilds. Also predictable due to the nature of their work.
No, the unintended consequences is much larger than any of the aforementioned combined: the revelation of classified material as a result of mining the data dump. Otherwise put, considering that HBGary worked on projects that required security clearance, there is a fairly strong likelihood that at least some classified material is contained therein. And perhaps, in light of Leavy’s strenuous protestations, even moreso in Hoglund’s massive 27K emails. The question of course remains, would the revelation of such material hurt our country, or would it open our eyes?
This is the true moral dilemma of the situation. One that not one of the participants appear to have considered before recklessly engaging in their disk sizing contest. One that may purchase a few moments of fame, while having far reaching unintended consequences that are yet to be known.
In the mean time, various US government bodies have been gearing up for the onset of cyberwar. Contract after contract, and job listing after job listing, are looking for “cyber warfare” personnel. Though, from the job postings listed, their cyberwar does not appear to involve maurading hackers or Joe Public activists, ala “Anonymous.” Rather, their focus has been on securing our nation’s infrastructure against enemy attack. Where the enemy involves military hackers from unfriendly countries.
Then again, the military industrial complex may see this doc dump as a blessing in disguise. After all, it is much easier to convince a fearful public to hand over hard-earned tax dollars in order to protect them against… oh, say… Stuxnet. The Cold War, redux, I suppose. Though, instead of the “Red Scare” we get the “All your bases are belong to us” scare. And sadly, they will be no more prepared to fight that particular war than Aaron Barr and HBGary Federal were prepared to battle Anonymous.