To offer cyber protection, we need to understand cyber intrusion (i.e. hacking). And US journalist Barrett Brown was researching the companies that practise both. Until, that is, he was sent to jail.
On 6 March 2012, Brown’s home was raided by the FBI and his laptop seized. He was eventually sentenced to 63 months in jail. On 29 November 2016, Brown was released on parole. And to celebrate, WikiLeaks published a searchable database of 60,000 emails from HBGary (one of the cyber-intelligence contractors Brown had investigated).
For the next two years, Brown will only be able to use a computer that’s authorised and regularly examined by the Probation Service.
But what exactly are the authorities so afraid of?
Revelations about a shadow CIA?
After defence lawyers had argued that the most controversial charge (the re-posting of a hyperlink) would violate Brown’s First Amendment rights, the prosecution agreed to drop it, as well as some lesser charges. The hyperlink in question went to a website that contained hacked material from private intelligence firm Stratfor (later published by WikiLeaks). The material proved how Stratfor was engaged in global intelligence-gathering. Including, controversially, the monitoring of political activists on behalf of big businesses.
The material also showed how Stratfor CEO Fred Burton had revealed that a secret Grand Jury had issued a sealed indictment for WikiLeaks founder Julian Assange: “Not for Pub — We have a sealed indictment on Assange. Pls protect.” In addition, Burton said: “Assange is going to make a nice bride in prison. Screw the terrorist. He’ll be eating cat food forever…” And there was much more.
In February 2011, hacktivists raided the computer systems of HBGary and HBGary Federal (the latter provides services and tools to the US Government), releasing 70,000 emails.
Via his ProjectPM wiki (a website allowing for collaborative changes), Brown investigated the activities of these companies. He soon came upon a project called Team Themis. HBGary Federal – part of HBGary (later rebranded as CounterTack) – had set this up in partnership with two other companies – Palantir and Berico. Their objective was to identify and target threats, including WikiLeaks, as indicated in this presentation [pdf, page 14].
Brown examined other projects, some of which he’d identified via researchers at Telecomix’s Blue Cabinet wiki. These included the following:
– Persona management. This is about the creation of online identities for propaganda, disinformation, or surveillance purposes. Ntrepid – a subsidiary of Cubic Corporation (a global leader in defense, transportation systems, and radio frequency identification (RFID) solutions) – provided such a service via a $2.76m contract to Centcom (part of America’s National Security Agency). Other specialists in persona management included the US Air Force [pdf] and Abraxas, an intelligence contractor purchased by Cubic.
– Anonymizer. This is an encrypted email service, used by thousands of political activists around the world. Until, that is, the exposure of its owner, Abraxas (many of Anonymizer’s users would have been unaware their activities could be compromised).
– Tartan. This is a threat-modelling facility which identifies and targets political activists and their networks. Its owner is Ntrepid. Bloggers @not_me, Asher Wolf, and DarkerNet (website closed) were the first to discover it.
And then came TrapWire
TrapWire is a global surveillance system developed by Abraxas Applications (a subsidiary of Abraxas Corporation). It has links to the National Suspicious Activity Reporting Initiative (NSI), a programme designed to help aggregate reports of suspicious, as well as political, activity around the US.
The Texas Department of Public Safety, which operates the Texas Fusion Center and whose assistant director of intelligence was Stratfor’s Fred Burton, had purchased TrapWire to police the border with Mexico. Congressional testimony indicated that the Washington DC Police Department was also part of a TrapWire trial.
As details of TrapWire emerged (raising suspicions that its facilities had links to mass transportation systems in the US, Australia and the UK), Anonymous staged a campaign [archive] to destroy as many of its cameras as possible.
Back to the future
In addition to all this, there is a growing number of intelligence companies that offer cyber protection and related services.
For example, Protection Group International (PGI) is a UK-based company that boasts Mi:fusion, which allows clients to “harvest a vast majority of open source feeds, including web content, social media and news sources”. One of PGI’s executive members is a former deputy director of British intelligence agency GCHQ.
There’s also Endgame Systems – a company listed on Barrett Brown’s arrest warrant. One Endgame product is Bonesaw, a threat detection service that enables customers to remotely take over any computer to see what’s inside.
Meanwhile, the cyberspace war between government agencies (and their commercial partners [pdf]) and the general populace continues. As with any war, there are casualties. And Barrett Brown was one of them. But his research will no doubt continue.
The question is: Where exactly is the line between (legalised) hacking and protection?
– Donate to Barrett Brown’s $890,250 fines and restitution costs to Stratfor.
– In March 2012, authorities arrested activist Jeremy Hammond and charged him with the Stratfor hack. His conviction for ‘computer misuse crimes’ came in November 2013. The sentence was 10 years in jail. You can donate to Jeremy Hammond’s campaign here.
– Support the work of the Courage Foundation.
– Read more about Barrett Brown’s investigative work at ProjectPM.
– Finally, search the HBGary emails (published by WikiLeaks on 29 November 2016).