tip off

Anonymous versus the arms dealers of the cyber war

Some time back I suggested the online “group” Anonymous was worth keeping an eye on. This suggestion was subsequently vindicated by the remarkable HB Gary saga involving cyber security consultant Aaron Barr who, to use Stephen Colbert’s now-famous description, stuck his penis into a hornet’s nest when he declared he was going to “out” senior members of Anonymous.

The subsequent crack of his company’s entire network was facilitated by some remarkably elementary mistakes by Barr in his own cyber security — so elementary that some speculate the entire exercise was an elaborate  honey trap, particularly given Barr’s company had done work both on defending against honey traps and using them. If it was an elaborate plot, however, it’s exacted one helluva toll on the perpetrators — Barr, in an utterly unexpected development, has since parted ways with HB Gary Federal. But though Barr is gone, his emails live on after him, and continue to embroil a growing circle of companies.

For example, it was courtesy of Barr’s emails — many gigabytes of which are now strewn across the internet in conveniently searchable form — that we learnt that Morgan Stanley had been one of 200 companies targeted in the 2009 “Aurora” attacks mounted by Chinese crackers. The bank itself hadn’t seen fit to share that with customers or investors.

The emails most famously detail the attack campaigns prepared for the Bank of America and the US Chamber of Commerce against WikiLeaks and its supporters, and against Chamber of Commerce critics and unions, respectively. HB Gary Federal worked with two larger IT security firms, Palantir Technologies and Berico Technologies. Both companies rushed to distance themselves from HB Gary in the immediate aftermath of the revelation of the campaign. However, the strategy of pretending the campaigns were a lone frolic by Barr is breaking down. US writer and activist Barrett Brown has detailed how Palantir and Berico were deeply involved in the preparation of highly aggressive, and possibly illegal, attempts to target and silence supporters of WikiLeaks and critics of the Chamber of Commerce.

Congressional Democrats are now pressing for an investigation of all three firms plus the Washington law firm Hunton and Williams, which was closely involved in the planning of the operations as well.

The emails show HB Gary was also working on techniques to simultaneously establish large numbers of online personae, a virtual army designed to assist in data mining, swamping online discussions and attacking bloggers. Such techniques would be quite handy in the manufacturing of online consent for governments, corporations and NGOs. The emails show the US government was interested in the sock-puppet software.

If you’re wondering quite what the point of establishing a hoard of sock puppets is, remember that purported Liberal grassroots uprising over Malcolm Turnbull’s support for the CPRS, which involved the spamming of Liberal MPs’ offices with emails and phone calls.

There are also plenty of copies of malware now available courtesy of the emails, including the Stuxnet virus used againsth the Iranian nuclear weapons programs, although some of the OMG Anonymous has Stuxnet! reactions overlooked that copies of the code were already available via other means.

Even Barr’s spam emails have proven illuminating, introducing us to shadowy cyber security firms such as Shield Security (enjoy their compelling use of Flash here), which promised systems to intercept Skype calls and satellite interception of data, for governments only (and, apparently, HB Gary).

Along with the likes of Palantir and Berico, these are the arms dealers and military contractors of the internet war, hoping to reap huge profits as cyber security, espionage and the deployment of online attacks by government and non-governments actors alike moves to the centre of national and corporate security strategy. This is a whole new military-industrial complex in development, out of sight, online, beyond normal accountability.

The problem is, of course, the tools of cyber security are just as useful in pursuing domestic policy goals as national security goals, as the plan for critics of the US Chamber of Commerce illustrated, and the involvement of the US Department of Justice in referring Hunton and Williams to Bank of America to develop an anti-WikiLeaks strategy.

The HB Gary crack complemented the anti-corporate tone another Anonymous operation, #OpWisconsin, which joined a variety of operations aimed at Middle Eastern regimes, some energetic, others flagging. The Wisconsin operation seems to have been intended less to support public sector unions protesting against the Republican assault on basic workers’ rights in that state than the involvement of the far-right billionaire Koch brothers. And it was Anonymous, displaying yet another string to its bow, that revealed that Republican Governor Scott Walker had included in his budget bill a clause that would enable the sale without tender public utility assets in Wisconsin, at any price. That operation also targeted the website of a Koch-funded advocacy group and several Koch Industry sites.

The political nature of the operation brought into public gaze a divide between Anons interested in more overtly political activity (and other “whiteknight sh-t”) and those interested only in core free-speech issues (particularly around the activities of the copyright mafia) or, inevitably, just the lulz. The divide has been cast as “newfags” versus “oldfags”, a reversioning of a long-running meme from source community 4chan (warning, as always — 4chan is so Not Safe For Work it’s not funny). But the latest operation, though, is one likely to heal any rift, since it is a return to a long-running Anonymous target, the copyright mafia and its extensive censorship, little of which is reported in the mainstream media.

The reason all this bears watching is that this is only one manifestation of the growing hostility to large corporations evident in the US and the UK. This isn’t to be found only within what’s left of the American union movement occupying the Capitol in Madison. There is an anti-corporate strain within the grassroots of the Tea Party movement, one that places it at odds with the party hierarchy funded by the Koch brothers and the mainstream Republican. Its biggest target is the financial sector and the GFC bank bailouts, an issue that unites left and right in deep hostility to the seeming indulgence of corporate greed.

It’s very similar in the UK. The deep anger many Britons feel toward their financial sector also remains unabated, and still plagues the Cameron government, forcing David Cameron and George Osborne to pretend to play bad cop on bankers’ bonuses.

This is a mood only likely to be worsened by the UK’s lacklustre growth — its economy contracted over the new year and the Conservative’s massive budget cuts haven’t even bit hard yet — and the possibility of an oil shock driven by the current uprisings across the Middle East — inducing, as Richard Farmer pointed out yesterday, the bizarre sight of oil markets being soothed by the promises of Hugo Chavez to intervene in the Libyan crisis (his proposal to do so, presumably aimed at propping up his good friend Colonel Gaddafi, has been rejected by Libya’s freedom fighters). Worsening economic conditions and the example of the Middle East might mean there’ll be less sullen resentment and more protesting, as we’ve already seen in Madison and from British students.

The HB Gary emails, however, reveal a corporate America with an extensive arsenal of cyber weapons at its disposal, and a willingness to deploy them against those wanting to bring greater accountability to the corporate sector and the influence it wields.

7
  • 1
    Harvey Tarvydas
    Posted Friday, 4 March 2011 at 2:36 pm | Permalink

    Dr Harvey M Tarvydas

    BK you bring me to shoot my load of love and affection in your direction with the excitement stimulated by your ripper article.

    My personal experience, disbelieved by almost all whom I care about much less used to seriously abuse me by a mix of advantage seeking strangers and media, involves awful deceitful behaviour that goes all the way to serious criminality in order to disgrace me professionally by the power heads of my beloved medical profession conspiratorially arranged with their dancing partners the heads of powerful government departments.
    I know the heartache dispatched by career ruining mortar fire and the grief of hard earned innocent talent betrayed by the revered turned lying accusers as well as the fabulous thrill of evidence against them falling into my lap as guilt ridding confessions from the so cleverly used and abused bit players of their crimes.

    So your article stimulates uncontrollably as I contemplate ‘mediwiki’, Lithuanian for ‘Medileaks’ – how they kill you (patients) and don’t mind a bit.

  • 2
    Pete
    Posted Friday, 4 March 2011 at 7:51 pm | Permalink

    Another top article from you, Mr Keane. Thanks.

  • 3
    mattsui
    Posted Friday, 4 March 2011 at 9:09 pm | Permalink

    Thank, Crikey and BK.
    I clicked through to Shield Security’s (very impressive) homepage, only to realise -too late!- that, assuming their espionage is a good as you say, they now know my ip address and approximate geographical location.
    Paranioa much??

  • 4
    Pete
    Posted Friday, 4 March 2011 at 9:17 pm | Permalink

    @Mattsui:
    And given it’s Flash, you probably have some LSO Cookie now buried in your browser/flash player that’ll take non-standard tools to clean.

  • 5
    zebbidie
    Posted Friday, 4 March 2011 at 10:55 pm | Permalink

    I don’t think it was Anonymous that revealed the no-bid clause. Ed, the political scientist at Gin & Tacos discovered this on 21st February by…reading the bill. No journalist in the entirety of the American media had thought to do so.

    Sigh…

  • 6
    AR
    Posted Friday, 4 March 2011 at 11:04 pm | Permalink

    Daily Kos as well as George Monbiot in the Grauniad have also pointed out that trolling and spamming is well financed & organised - inter alia rather than have a link upset the Modbot
    - companies now use “persona management software”, which multiplies the efforts of the astroturfers working for them, creating the impression that there’s major support for what a corporation or government is trying to do.

    - this software creates all the online furniture a real person would possess: a name, email accounts, web pages and social media. In other words, it automatically generates what look like authentic profiles, making it hard to tell the difference between a virtual robot and a real commentator.

    - fake accounts can be kept updated by automatically re-posting or linking to content generated elsewhere, reinforcing the impression that the account holders are real and active.

    - human astroturfers can then be assigned these “pre-aged” accounts to create a back story, suggesting that they’ve been busy linking and re-tweeting for months. No one would suspect that they came onto the scene for the first time a moment ago, for the sole purpose of attacking an article on climate science or arguing against new controls on salt in junk food.

    - with some clever use of social media, astroturfers can, in the security firm’s words, “make it appear as if a persona was actually at a conference and introduce himself/herself to key individuals as part of the exercise … There are a variety of social media tricks we can use to add a level of realness to all fictitious personas”

  • 7
    Liamj
    Posted Friday, 4 March 2011 at 11:54 pm | Permalink

    Good wrap Mr Keane, and yes, Anonymous are definately worth watching. I just hope they give us a breather, time to absorb what we’ve just learnt about sockpuppeting for example. Up to 50 ‘personalities’ per operator is apparently possible, how many do you think the coal industry has in this country? How about on this website? Are they administered via the usual astroturf front groups, or as standalone startups offering ‘bespoke’ operations? A misinformed and manipulated democracy needs to know!

Womens Agenda

loading...

Smart Company

loading...

StartupSmart

loading...

Property Observer

loading...