Menu lock

United States

Apr 5, 2013

Reveal the truth about cybersecurity, face the wrath of the US

The US government continues to go after computer activists who seek to reveal the truth about the shadowy cybersecurity industry. The latest target is web-hosting company Cloudflare.

The US government has dramatically lifted the stakes in its crackdown on journalism, subpoenaing a US company in an effort to obtain information about the research and writing of articles that exposed its links with the cybersecurity industry.

In a remarkable fishing expedition, the US Department of Justice has used its prosecution of author and activist Barrett Brown to issue a subpoena to web-hosting company Cloudflare for information relating to the Echelon wiki site.

That site was used by Project PM, an international collaborative research project dedicated to piecing together a clearer picture of the US cybersecurity industry, its extensive links with the US government and secret activities such as the HBGaryFederal-Palantir-Berico plot to destroy WikiLeaks. The subpoena demands, inter alia, “account access history including any and all authentication, file transfer, web server logs or other transaction logs containing source IP addresses relating to the subscriber’s use of Cloudflare services”.

Crikey published a piece by Brown on one of the major Project PM discoveries, a US mass surveillance program targeting Arab social media users called Romas/COIN, in 2011.

Another of Project PM’s targets was a US company called Endgame, a provider of cybersecurity services to many US government agencies, including the Pentagon. Endgame’s services should be enough to make even the most Luddite citizen paranoid. As Business Week — the only mainstream media outlet to investigate the company — revealed in a 2011 article:

“… Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems. Endgame weaponry comes customized by region — the Middle East, Russia, Latin America, and China — with manuals, testing software, and ‘demo instructions’. There are even target packs for democratic countries in Europe and other US. allies. Maui (product names tend toward alluring warm-weather locales) is a package of 25 zero-day exploits that runs clients $2.5 million a year. The Cayman botnet-analytics package gets you access to a database of internet addresses, organization names, and worm types for hundreds of millions of infected computers, and costs $1.5 million. A government or other entity could launch sophisticated attacks against just about any adversary anywhere in the world for a grand total of $6 million …”

“Zero-day exploits” attack previously unrevealed flaws in software before developers can patch them.

“Project PM set about revealing the sordid truth about this shadowy industry. Those who participated are now being targeted …”

Some of the information compiled by Project PM was obtained from the famous HB Gary Federal hack, in which would-be US cybersecurity player Aaron Barr and his company had their emails leaked. The emails provided an insight into the rarely-glimpsed world of high-level US cybersecurity, espionage and surveillance. The emails were also used by outlets such as the New York Times to explore links between cybersecurity firms and the US government.

Now, the US government is using its prosecution of Brown, including for the heinous crime of sharing a link, to go after those involved with Project PM, which may have been up to 20 people around the world who used leaked materials and other publicly available information to generate a clearer picture of a secretive industry. The tenuous connection between the charges levelled at Brown and his Project PM activities relates to the hack of emails of self-promoting “alternative CIA” Stratfor, which forms a limited basis for some Project PM materials.

Many of the Project PM contributors are outside the US, including the current webmaster of the site. Among those who contributed research was Melbourne information and transparency activist Asher Wolf. This is the second time Wolf has been dragged into US prosecutions, after Massachusetts prosecutors tried to subpoena a Twitter hashtag relating to the Occupy movement last year.

“The U.S. Department of Justice is out of control,” Wolf told Crikey. “It is deeply troubling that people who engage in journalism, academic research, or who have an interest in following emerging political movements via social media platforms are finding themselves potentially included in U.S. legal dragnets.  These sort of subpoenas are not only vindictive, but also aim to scare people away from poking around in the guts of allegations of nation-wide corruption and malfeasance amongst infosec contractors.

“The fact that a bit of Saturday night online research into infosec contractors – or simply following an issue on Twitter – has now meant I’ve twice faced potential dragnet inclusion in U.S. subpoenas is bloody outrageous. The U.S. should be ashamed of themselves. They’re acting like thugs.”

The fishing expedition continues the disturbing record of both the Obama administration and state-level US prosecutors in persecuting whistleblowers, undermining the First Amendment by arguing releasing information to the media is “aiding the enemy” and aggressively pursuing online activists in an attempt to make an example of them.

But Project PM, and particularly information about Endgame, was important because it demonstrated that, contrary to the narrative pushed by Western governments (including our own) that they are hapless victims of Chinese espionage, cyberterrorists and online activists, Western governments devote considerable resources to their own espionage and cyberattack efforts, frequently via unaccountable, secretive private firms.

Moreover, cybersecurity remains an issue the mainstream media, with rare exceptions, not merely fails to cover accurately but sends out its journalists to serve as enthusiastic spruikers. Journalists hype threats and impacts to strengthen the case for more government and corporate spending to be directed toward the companies that operate in this space, which are increasingly controlled by big US and European defence contractors.

Unlike professional journalists engaged in hysterics, Project PM set about revealing the sordid truth about this shadowy industry. Those who participated are now being targeted by the most powerful government on earth.

We recommend

From around the web

Powered by Taboola

18 comments

Leave a comment

18 thoughts on “Reveal the truth about cybersecurity, face the wrath of the US

  1. Buddy

    A timely reminder that freedom of the press and the attacks against journalist and whistleblowers can be easily wiped away when we as citizens become anesthetised.
    ‘Obama is not the Messiah hes a very naughty boy’

  2. tinman_au

    Good read, thanks Bernard

  3. Theo Areu

    ” The fishing expedition continues the disturbing record of both the Obama administration and state-level US prosecutors in persecuting whistleblowers ”

    Yes, a great piece indeed Bernard.

    I can never understand why Obama is almost worshipped by the western MSM and a variety of political institutions including the Greens here in Oz.

    When ever he talks I run outside and look to see if it’s snowing…WAKE UP!..remember Afghanistan, the American health system, rushed Home Land security legislation and remember the Alimo. He is not your friend, just another of the myriad of wolves in sheeps’s clothing set in place to pave the way for Globalization.

  4. joanjett

    Well I can tell you as a Greens member that I don’t worship Obomber and would have preferred to see Ron Paul get in rather than that Goldman Sachs stooge. This is very concerning indeed. I am a twitter follower of organisations like Demand Progress, the EFF and Advaaz. I have contributed to Wikileaks even though they have been blockaded and also to Bradley Manning’s defense fund. I often wonder whether I am leaving myself open to, well, who knows? I have retweeted heaps of links, that’s what twitter is for. I don’t have a lot of followers and rarely use hashtags. Cyprus is concerning, I think we all ought to be very worried indeed.
    Everyone should beat the blockade and contribute to Wikileaks. It may end up being vital:
    https://beattheblockade.org/

  5. Ross Kelly

    We might wonder if the word democracy can still apply to countries which have massive, unaccountable ‘secret states’ operating figuratively – and, no doubt, also literally – at a subterranean level? One hopes upon hope that some of the people involved will see past the seductive intrigue to contemplate that they are daily at risk of spreading the darkness in the name of keeping the light.

  6. Person Ordinary

    I hope that people reading this courageous piece really do slow down enough to appreciate the full magnitude of what is going on. It is easy to drift on autopilot when reading words like cybersecurity, thinking it is all about software and competition for funding and bureaucrats building empires. This is an end game for the world. This is the struggle for truth to overcome malevolent power. This is an increasingly explicit attempt to stop the internet evolving.

    It is futile, and that is what makes it so dangerous. Those trying to protect the secrecy that surrounds the true holders of power over humanity have no choice but to do whatever it takes. Those fighting for truth, in the knowledge that the old system is leading us to absolute destruction, will never see surrender as an option.

  7. GF50

    Well done Bernard, fair and fearless.
    From Obama’s first bid to win the Democrat candidacy for Pesident IMO he was limp lettuce. Obama talks the talk well enough to fool most of the people some of the time, but has NEVER walked the walk.
    His appointment of the Wall St Teflon Wizards to be his “financial” advisers and plunged the US of A. into recession was icing on the cake.
    He talks the talk well enough to fool most of the people some of the time, but has NEVER walked the walk, his character assessment of people is either non-existant or they show the his basic values.
    Petraeus. promoted from full knowledge of USA war crimes in Iraq to Afghanistan to CIA and the man couldn’t keep his fly zipped!! Great war criminal but a thinker NOT.
    Intelligence of any description cannot be used in conjunction with US of A, nor can Democracy, humanity, decency, liberty or free speech.
    I think that what Bernard has documented in this article, would be enough to put him on the USA list of undesirable alien, not for admission to the USA.
    Security, run for whom by who and in whose best interests! the big bogy man of “Police States”, totally anti-democratic and as Bernard, has stated used to intimidate and deny any dissenting voice.

  8. Person Ordinary

    With no intention to offend anyone, to expect Obama, or any US President, to have the power to change what is really going on is to miss the main game. The big players here use World Wars, ideologies, “terrorist” attacks, media empires and international institutions like pieces on a chess board. It is good to be angry, and ok to be ignorant, but counter-productive to misplace blame.

  9. Hamis Hill

    The Time of Desecration.

  10. GF50

    Hamis Hill, I agree with your post, but maintain that Obama is, at the least an “enabler” with very little “good judgement” and a lack of spine! and he is the current occupant of the “White House”
    As it is my criticism of the ALP Federal Government, they are not doing enough if anything to protect the Democratic rights of ALL Australians and the Australian Constitution. I do believe they are trying under very averse conditions! The Government cannot get a fair and fearless hearing and airing while LNP/MSM/ABC has vested interests in control of that message!