
Anonymous Plans Series of Leaks to Show Intelligence Community’s Vulnerability

4:27 pm in Uncategorized by Kevin Gosztola

Anonymous hacked into Booz Allen Hamilton, a US public consulting firm that primarily works as a federal contractor for the US government on defense and homeland security matters. They infiltrated the company’s server, ran their own application and began to “plunder some booty.”

Ninety thousand military emails and password hashes were allegedly hacked in a move that led Anonymous to declare in a press release, “Thanks to the gross incompetence at Booz Allen probably all military personnel of the US will now have to change their passwords.”

The “mangling” of Booz Allen was a part of “Military Meltdown Monday.” And they planned more releases in the coming days.

Unlike WikiLeaks, the success and impact of an Anonymous release of data or information does not depend upon the content of the data. One can download the data, but, for many of the releases, there may be little to be gained from it if you are looking for details on the inner operations of Booz Allen (or if you know next to nothing about hacking and unpacking encrypted data).

The content of this release is primarily military emails and passwords.

What makes the hack important is the hack itself—the mere fact that a hack took place. Anonymous has demonstrated to those who do business with Booz Allen Hamilton, like the US government, that the firm does not take proper precautions to protect its operations from cyber attacks. Anonymous has shown this contractor is vulnerable, which could essentially cost Booz Allen business.

Booz Allen was allegedly targeted because of its involvement in numerous electronic surveillance activities. Anonymous recalls how they uncovered a program after they hacked HBGary’s email server in February. The program uncovered showed several companies were involved in a military project “designed to manipulate social media.”

The main aims of the project were twofold: Firstly, to allow a lone operator to control multiple false virtual identities, or “sockpuppets”. This would allow them to infiltrate discussions groups, online polls, activist forums, etc. and attempt to influence discussions or paint a false representation of public opinion using the highly sophisticated sockpuppet software. The second aspect of the project was to destroy the concept of online anonymity, essentially attempting to match various personas and accounts to a single person through recognition of shared writing styles, timing of online posts, and other factors. This, again, would be used presumably against any perceived online opponent or activist.

[For more on the planned Sockpuppet Army, go here.]

One of the companies that they discovered was involved in this project, which they called Operation Metal Gear, was Booz Allen. They say they had been planning this hack for quite some time but somehow “Expect Us” didn’t prevent them from an “epic security fail:”

…Anonymous has been investigating them for some time, and has uncovered all sorts of other shady practices by the company, including potentially illegal surveillance systems, corruption between company and government officials, warrantless wiretapping, and several other questionable surveillance projects. All of this, of course, taking place behind closed doors, free from any public knowledge or scrutiny.

“For the lazy,” Anonymous put together a release that contained information on the company they just embarrassed.

They noted the following individuals, who have held positions in federal government or now currently hold positions in the federal government and have worked for Booz Allen:

* John Michael “Mike” McConnell, Executive Vice President of Booz Allen and former Director of the National Security Agency (NSA) and former Director of National Intelligence.

* James R. Clapper, Jr., current Director of National Intelligence, former Director of Defense Intelligence.

* Robert James Woolsey Jr, former Director of National Intelligence and head of the Central Intelligence Agency (CIA).

* Melissa Hathaway, Current Acting Senior Director for Cyberspace for the National Security and Homeland Security Councils

They highlighted a 2007 Democracy Now! interview with investigative journalist Tim Shorrock, who reported on Booz Allen’s involvement as a sub-contractor in the Trailblazer and Pioneer Groundbreaker programs at the US National Security Agency (NSA).

Trailblazer is a data mining program that ended up costing about $4 billion and didn’t work well. It’s the program that the NSA wound up using, which NSA whistleblower Thomas Drake spoke out against because he knew there was a program called ThinThread that would likely be more efficient. Drake was afraid Trailblazer would be a waste of taxpayer money and that it called for illegal and unconstitutional surveillance. (Drake is one of the whistleblowers the Obama Administration has pursued in its war on whistleblowing.)

Shorrock described Groundbreaker:

Booz Allen was a chief advisor to another program, which was the NSA’s internal communications. This was a program called Groundbreaker. And all of these programs are analyzing, you know, the phone calls that they intercept, the government communications from abroad they intercept. And when they’re intercepting phone calls between US citizens and people abroad, the corporations are involved. They have people there working not only as just technical advisors, but also doing analysis. And so, if the NSA is listening in on our phone calls, you can bet that Booz Allen is participating in that.

Part of the “AntiSec” or anti-security movement that Anonymous is intent on inspiring, this hack came days after the hack of IRC Federal, an IT contractor that does work with US federal agencies like the FBI and NASA.

It is groups like Anonymous that have claimed headlines recently and put members of Congress and people in government on alert. Cybersecurity hearings have become a regular thing on Capitol Hill, as the government works to develop and enact a national cybersecurity policy to prevent hacks like the ones Anonymous perpetrates.

In a cybersecurity hearing organized by Republican Rep. Darrell Issa last week, Democratic Rep. Elijah Cummings said he hoped law enforcement got all the tools necessary to go after hackers. Republican Rep. Blake Farenthold wondered how the US might go after “hobby hackers” because not a day goes by now that he doesn’t have to download some update to his McAfee software.

Greg Schaffer of the Homeland Security Department declared, “There is no security issue facing our nation more pressing than cybersecurity.”

“The reality is the United States is increasingly confronted by a dangerous cyber environment where threats are more targeted, they’re more sophisticated and more serious than they’ve ever been before,” he said, “Hackers probe critical infrastructure companies on a daily basis. The status quo is simply unacceptable.”

The attacks from Anonymous, however, do not seem intent on sabotaging the critical infrastructure of any company. Up to this point, the attacks are all political and designed to call attention to the worldwide apparatus of surveillance—the burgeoning national security state that has grown in the aftermath of 9/11.

The companies targeted are the companies most likely to go after Anonymous. They are the companies that threaten the ability of members of the group to remain anonymous.

Anonymous is the closest thing the US and possibly the world has to an anti-security movement that can make headlines and draw attention to the ways that companies are becoming increasingly powerful and more capable of intruding into people’s privacy and violating their civil liberties.

It may not seem like a traditional resistance group. What Anonymous is doing is providing the space and cover for an offline movement to actually challenge the surveillance state that citizens have learned to live under without being appalled or upset with it much at all.

At US Chamber of Commerce, US Government Strategy for “Identity Ecosystems” in Cyberspace Unveiled

12:54 pm in Uncategorized by Kevin Gosztola

The National Strategy for Trusted Identities in Cyberspace (NSTIC), which some believe could establish and require Internet users to have ID on the Internet, was unveiled today at the US Chamber of Commerce. NSTIC aims to establish “identity ecosystems,” what the National Institute of Standards and Technology describes as “a user-centric online environment, a set of technologies, policies, and agreed upon standards that securely supports transactions ranging from anonymous to fully authenticated and from low to high value.”

Secretary of Commerce Gary Locke delivered the following remarks:

“I’m optimistic that NSTIC will jump-start a range of private-sector initiatives to enhance the security of online transactions. This strategy will leverage the power and imagination of entrepreneurs in the private sector to find uniquely American solutions. Other countries have chosen to rely on government-led initiatives to essentially create national ID cards. We don’t think that’s a good model, despite what you might have read on blogs frequented by the conspiracy theory set. To the contrary, we expect the private sector to lead the way in fulfilling the goals of NSTIC. Having a single issuer of identities creates unacceptable privacy and civil liberties issues. We also want to spur innovation, not limit it. And we want to set a floor for privacy protection that is higher than what we see today, without placing a ceiling on the potential of American innovators to make additional improvements over time.”

What might this mean for the Internet as citizens of the world know it today? As the US government, in cooperation with the private sector, works to preserve cyber infrastructure or networks that it considers to be “strategic national assets,” how might this protection of assets fundamentally alter key characteristics of the Internet, which many have grown to appreciate? In the age of WikiLeaks and Anonymous, in an era where the US government has been unable to prevent the Chinese government and military from stealing usernames and passwords for State Department computers, it seems that this strategic plan could transform the Internet into a realm that requires you to prove your identity with an approved and issued identification card every time you move in to a new website.

President George W. Bush, in the aftermath of the September 11th attacks, used the climate to fundamentally transform security. The “global war on terror” was launched and the Bush Administration led a conditioning and recalibration of the way citizens in the country thought of civil liberties. This made possible a warrantless wiretapping program, which the American Civil Liberties Union (ACLU) considers to be “part of a broad pattern of the executive branch using “national security” as an excuse for encroaching on the privacy and free speech rights of Americans without adequate oversight.”

The memory of a horrific tragedy allowed for the metamorphosis of society into a suspect society. Born were two wars in Afghanistan and Iraq. Other countries became zones for launching unmanned aircraft or drone strikes. And, citizens saw the US government detain and imprison indefinitely terror suspects in Guantanamo Bay, Bagram Air Force Base and other prisons, denying them due process and in many cases subjecting them to harsh interrogations or torture.

All of these developments have, for the most part, become something US citizens have found a way to justify. In a society where citizens are told “if they see something, say something,” they believe the escalation of security, the detention, the strikes, and all the expansions of the deep state, which controls and operates the national security apparatuses in the US, is allowable. The civil liberties one has are not to be given up except in cases where one might be in danger and then, in that case, it is okay. So, in the past months, the Transportation Security Administration (TSA) expanded the scope of its security forcing travelers to go through body scanners that might pose a risk to travelers’ health because of radiation or be subject to a pat-down procedure that if witnessed in public by a police officer would likely lead to the arrest of the person doing the pat-down.

Now, the connecting of systems in more and more ways, the increased complexity that has come as a result of innovation and the reality that, without cyber-connectivity, the economy of the United States could grind to a halt and its national security could be breached has pushed the US government in the past years to work in concert with the private sector to begin to bring order to a networked public sphere that many value because it does not require you to authenticate your identity and does not require you to be inspected before moving along to your destination.

Security Contractor HBGary Tries to Protect US from Anonymous, WikiLeaks

3:03 pm in Uncategorized by Kevin Gosztola

We Are Anonymous by OperationPaperStorm

HBGary Federal, provider of classified cybersecurity services to the Department of Defense, Intelligence Community and other US government agencies, has opted over the past months to go to war with the group of WikiLeaks supporters known as Anonymous. The Tech Herald reported today on HBGary Federal and two other data intelligence firms’ “strategic plan” for an attack against WikiLeaks.

The company is considered to be “a leading provider of best-in-class threat intelligence solutions for government agencies and Fortune 500 organizations.” It provides “enhanced threat intelligence” so “the federal government can better protect our national cyber infrastructure.”

Almost a year ago, the company received an extension to their contract with the US Department of Homeland Security to “conduct a series of hands-on memory forensics and malware analysis training events with local, state, and federal law enforcement officials around the country.” A company contracted by the government to help out with cybersecurity initiatives for the United States is spending company time and resources and possibly even taxpayer money going after individuals who support WikiLeaks and spend lots of time in a chat room talking about what they can do to defend freedom of expression. The CEO of this cybersecurity service company is targeting a group that poses no threat to the government infrastructures it is supposed to be protecting from real cyber criminals.

Along with Palantir Technologies and Berico Technologies, which both have worked to help the government in some capacity, HBGary developed a proposal called “The WikiLeaks Threat.” They requested that the law firm Hunton and Williams meet with Bank of America. The law firm held a meeting on December 3, and they began to plan against WikiLeaks. According to Tech Herald, Hunton and Williams would “act as outside counsel on retainer,” Palantir would “take care of network and insider threat investigations” and Berico Technologies and HBGary would “analyze WikiLeaks” to find if “WikiLeaks was hosting data in certain countries and make prosecution easier.” CEO Aaron Barr also led an infiltration into Anonymous, hoping to unearth identification information that could unveil who these people are that are operating in support of WikiLeaks.

HBGary and Palantir are partners. Palantir Technologies has been sought by the CIA, DHS and FBI to help government analysts “integrate unstructured open source information with data from various agency databases to analyze them for outstanding correlations and connections in an attempt to mitigate the burden of rummaging around through the immense amount of information available to them.” Either Palantir Technologies found the time to stop serving government and work with Hunton and Williams to help Bank of America stop WikiLeaks from releasing documents that might impact Bank of America operations, or, possibly the US government had given tacit approval to Palantir to participate in this operation.

Berico Technologies worked with the National Security Agency (NSA) to invent technology that “made finding roadside-bomb makers easier and helped stanch the number of casualties from improvised explosive.” They also decided to participate in this initiative or, again, possibly someone in the US government suggested private corporations begin to go after WikiLeaks.

The three security service companies proposed the following tactics for going after WikiLeaks: “Create concern over the security of the infrastructure. Create exposure stories. If the process is believed to not be secure they are done. Cyber attacks against the infrastructure to get data on document submitters. This would kill the project. Since the servers are now in Sweden and France putting a team together to get access is more straightforward.” Part of their plan involves turning Salon’s Glenn Greenwald against WikiLeaks.

HBGary counts as an advisor Andy Purdy, who was a member of the White House staff team that helped to draft the U.S. National Strategy to Secure Cyberspace in 2003. He joined the Department of Homeland Security and served on “the tiger team that helped to form the National Cyber Security Division (NCSD) and the U.S. Computer Emergency Readiness Team (US-CERT).” He worked for three and a half years and spent the last two heading the NCSD and US-CERT as a “Cyber Czar.” With HBGary he is involved in an Anonymous style hacktivist attack.

For fiscal year 2011, the federal budget for homeland security will provide “$364 million to the Department of Homeland Security to support the operations of the National Cyber Security Division which protects Federal systems as well as continuing efforts under the Comprehensive National Cybersecurity Initiative to protect our information networks from the threat of attacks or disruptions.” Should companies engaged in this kind of conduct be allowed to take government money to fund their company’s operations, which are supposed to protect government cyber infrastructure?

HBGary’s infiltration led to the company “getting pwned.” Anonymous figured out what was going on and seized HBGary’s domain, temporarily posting this image—a letter with an opening line that reads “claims of ‘infiltrating’ Anonymous amuse us, and so do your attempts at using Anonymous as a means to garner press attention for yourself.”

Even though Anonymous is known to have hacked into companies like PayPal and Visa, does HBGary or any other cybersecurity service have any business mounting operations to infiltrate or target anyone linked to Anonymous? Unless HBGary is working for the FBI, it does not seem as though they should be allowed to engage in such activity.

The president of HBGary, Penny Leavy, says, “Today’s sophisticated cybercriminals require a sophisticated approach to network security.” That may be true. But, one might ask Leavy, “Do today’s sophisticated cyber activists require amateur cyber snoops?”

*Post originally appeared at