Hacker, Hoaxer, Whistleblower, Spy

Home > Other > Hacker, Hoaxer, Whistleblower, Spy > Page 23
Hacker, Hoaxer, Whistleblower, Spy Page 23

by Gabriella Coleman


  : so, what’s it like sitting in on all this?

  : hi PKE

  : enjoying the view?

  : mostly

  : i am a bit sick right now so i am struggling with all views

  : as an outsider, what’s your opinion thus far?

  : of anonymous?

  : well, thats a broad brush

  : i meant of their relentless takedown of hbgary and co

  It was a bit of a struggle to keep up. I was in the midst of a nasty flu and was worried it was the forerunner of full-blown rabies. I had just had my last inoculation shot four days prior, after an unfortunate run-in with a bat a month earlier. Through the haze, the fever, and the sore throat, I offered:

  : i was surprised at how quick it happened

  : at first

  : and then the conversation on the channel has been quite in the spirit of the lulz

  : which was perhaps submerged weeks before during the other ops

  To which PKE, spared from both the flu and irrational postulates about the onset of rabies, replied with a more incisive commentary:

  : absolutely

  : i mean

  : great work was being accomplished

  : but there was a major deficit of lulz

  : yep and now it has been restocked

  : i think this is more of a surplus

  : haha true

  : i can’t think of a more ridiculous anonymous operation in recent memory

  : the conversation on the channel has been unreal

  : the twitter feed was outrageous

  : yep

  : true

  : man. i really never understood the appeal of the internet hate machine before this

  : boy, when you combine sociopaths with pissed off altruists, get the fuck out of the way

  In the end, left unsatisfied by what the mere mortals had to offer, the Anonymous tricksters opted to release the additional HBGary emails they had been holding onto for leverage. While most of the company emails were being seeded for release during the course of the chat conversation, the following week Anonymous also released Greg Hoglund’s 27,606 emails on AnonLeaks.24

  A Team of Anonymous Ninjas Exposing Team Themis

  For days following this epic showdown, the lulz pulsed through the IRC chat channels, electrifying and recharging the collective mood. The press could not get its fill of the hack. Journalists sought out Barrett Brown for commentary, which appeared from the New York Times to the BBC. On February 8, 2011, Brown jubilantly declared on #ophbgary:

  : NPR asked me who did HBGary

  : I told them “a team of Anonymous ninjas.”

  : NPR?

  : HAHA

  : yes!

  : LOL

  : lol nice

  : lmfao

  From the outside, it appeared as if Brown was a beloved Anonymous activist at the top of his game. But from the inside, with just a tiny bit of poking, it was easy to witness the grumblings about the role he adopted just a little too willingly. At the time, Anonymous was fond of penning collectively written documents. Most of them were about operations. One appeared later in the same month bearing the title “All About Barrett Brown. Add your comments guise.” This defacto performance review dissected his contributions—securing legal help, writing editorials, getting the press online—in relation to a moral evaluation of his public behavior. None of this was done behind his back. Indeed, before the critiques were issued he was solicited to write a statement, included here in its entirety, to appear near the top of the document:

  Yes. Anyone who doesn’t know what I’ve done for Anon hasn’t been involved in OpTunisia and OpEgpyt to any real extent, and anyone who wasn’t working on that campaign every fucking day can go fuck themselves. What’s fucked up is how many more people are in this document than are in any of Anon’s actual important documents. There’s my “statement,” sweethearts. Also note that the person who started all this did not get his paragraph put in the press release and is upset aboutr it.—Barrett Brown

  Understandably—given that he had just told everyone to go fuck themselves—most of the following seven pages of commentary hashing out his personality, motives, and contributions slanted toward the negative. The critiques, while dotted with occasional positive assessments, found consensus in opposition to his self-promotion:

  —This is important. It’s about the basic principles of Anonymous ideology, anonymity and the equality of all.—You seem to imply that you are special and important such that the principles mentioned below, anonymity and equality of all, do not apply to you.

  ---------------------------------------------------------------------------

  *Your dedication isn’t under discussion. You most certainly are one of Anons most important friends. I just want to say that I don’t want to see you as ‘leader of Anonymous’ nor spokesperson. I know that would be of no benefit to Anonymous.+1 wholeheartedly +1 undoubtedly +1 *@Barrett: Anonymous will support you, as long as you do not form a personal army and you abstain from leaderfagging. +1+1+1

  The small team of hackers working behind the curtain were also far from pleased by all the journalistic attention Brown was receiving from the HBGary operation. Roughly a month later, Gawker’s Adrian Chen and John Cook published an article, “Inside Anonymous’s Secret War Room,” detailing the aftermath of the HBGary hack. Brown had spoken to the journalists at length:

  Barrett Brown, who is generally regarded by Anonymous members as a spokesman for the group, said he has known about the “security breach” for some time: “We’re aware of the security breach as other logs from ‘HQ’ have been posted before (and I should note that HQ is not really HQ anyway—you will note that the actual coordination of performed hacks will not appear in those logs).”25

  Upon reading the article, many of the hackers, already annoyed at Brown, became infuriated, lashing out at him on #anonleaks, the channel dedicated to discussing the HBGary leaks.

  : it’s ironic that you claim that you’re good at playing the media yet you fail at making them get their basic facts right

  Brown, along with Gregg Housh (c0s), who also frequently spoke with the media, blamed the journalists for identifying a spokesperson, even when instructed otherwise.

  : I had two people call today, and both said at the end of the interviews

  : “can we call your official spokesperson”

  : here, listen to Housh

  : i have to fight hard each time to get the idiots to not do it

  : and some who agree not to

  : and completely understand

  : put it in right, then have editor fags “fix” it

  : and it says spokesperson, or something else stupid

  : there you go

  : argue with Housh

  : it fucking sucks dealing with these assholes

  : no

  : i dont argue heh

  : then go and get the editor fags to fix it

  With that settled, they moved to other upsetting topics, notably how Brown claimed insider knowledge about #HQ, the HBGary breach, and the hacking, when he had not witnessed the operation, much less contributed to it. Even worse, he was simply wrong about #HQ; it was where the HBGary hack was coordinated:

  <`k>: tbh there’s no need for you to even be talking to media in the first place you’ve done nothing yet you have an explanation for everything

  : k, I’ve done some things, sweetheart

  : it also pisses me off how you make a statement to gawker regarding #hq

  : suggestion: being a journo is, to an extent, about getting your message out there, exposure of your work. Abou
t getting your name known.

  : can we stop talking about this?

  : when it doesn’t concern you in the least

  : they fucking asked me

  […]

  : then don’t open your mouth and tell them that it doesn’t concern you if it doesn’t concern you

  : no, fuck you zomg

  <`k>: it’s easy to say “no” to reporters

  : I don’t take orders

  : if you don’t know what you’re talking about

  As was the case with Snapple before him, Brown got momentarily kicked off the channel, in this case by `k. This was followed by final remarks, including a few about the quality of the spectacle—as if the arguments doubled as an impromptu version of a high school debating match:

  : hate to be one sided but `k and tflow did a much better job than barret on this occasion

  : I would have kicked him

  : but I don’t like kicking people

  : from chats

  <`k>: im just sick of these faggots whoreing attention in the media when they claim they have no part in things yet think they know everything

  Just as Brown became embattled due to his promotional activities in relation to the hacks, HBGary itself faced another set of tough challenges and necessary decisions.

  The Aftermath

  A day after chatting with Anonymous and a week before the premier North American security conference hosted by RSA Security Inc. was slated to begin, Greg Hoglund bemoaned his situation to a reporter: “They are causing me a great deal of pain right now … What they’re doing right now is not hacktivism, it’s terrorism. They’ve really crossed a line here.”26 The terrorism charge was new—never before appearing, either publicly or in emails, from Hogland or Barr. The reversal of terms was likely a carefully crafted PR tactic designed to paint these hackers as “terrorists” and thus as a grave danger to society; it was perhaps a calculated bid to convert the embarrassing reality of the gruesome hack—a potential (probable) disaster—into an advantage. Hoglund also made the decision to pull out of the RSA conference.

  Though HBGary clearly hit a rough patch, the company came out the other side of this turmoil unscathed, or perhaps even stronger—aided by its rebranding of Anonymous as a “terrorist” element to which it was victim. A year later, HBGary was acquired by a defense contractor called ManTech International. Hoglund cooperated closely with law enforcement in its investigations of Anonymous, as duly noted in an FBI press release:

  The broad case against six hackers, including [Hector Xavier] Monsegur, [aka “Sabu”], is the product of an extensive investigation … The attack on HBGary was carefully investigated by the FBI in Sacramento and the case was transferred to New York for Monsegur’s plea. Importantly, the Sacramento investigation greatly benefited from the assistance of HBGary itself.27

  Aaron Barr and HBGary Federal fared less well. As CEO, Barr could not be fired, but he elected to step down by the end of February 2011, and the company subsequently folded. During an interview with Forbes’ Parmy Olson, he reflected on the events: “Do I regret [making those claims] now? Sure … I’m getting personal threats from people, and I have two kids. I have two four-year-old kids. Nothing is worth that.”28

  The two other members of Team Themis, Berico and Palantir, which had schemed with HBGary Federal to discredit WikiLeaks, washed their hands of blood like Lady Macbeth, immediately severing all ties with HBGary Federal and disavowing full knowledge of the plan. But as Nate Anderson of Ars Technica put it: “both of the Team Themis leads at these companies knew exactly what was being proposed (such knowledge may not have run to the top). They saw Barr’s e-mails, and they used his work. His ideas on attacking WikiLeaks made it almost verbatim into a Palantir slide about ‘proactive tactics.’”29

  In the aftermath, troubled by their new-found awareness of such proposed tactics, a group of Democratic congress members sought to investigate Team Themis. During an interview, the lead congressman for the committee, Hank Johnson, expressed why he supported the inquiry: American tax dollars were being used to fund tools and programs to spy on Americans and quell First Amendment rights.30 Other congressmen, notably Representative Lamar Smith, quietly dismantled and blocked this investigation. Regrettably, the mainstream press never followed up to write about the inquiry’s demise.

  The growing dissatisfaction with Barrett Brown inside Anonymous did not slow him down. He remained active within Anonymous for a few more months. The intimate portal into a private security firm like HBGary Federal galvanized him and facilitated the establishment of his web-based think tank ProjectPM (PPM), “a crowd-sourced wiki focused on government intelligence contractors.” It was clear to him that HBGary Federal was not an anomaly amongst defense contractors. In an op-ed published in 2013, Brown expressed his aims for PPM: “we must look not just toward the three letter agencies that have routinely betrayed us in the past, but also to the untold number of private intelligence contracting firms that have sprung up lately in order to betray us in a more efficient and market-oriented manner.”31

  The ballooning size of this market-driven industry has been thoughtfully assessed by Tim Shorrock, one of the few investigative journalists to extensively research the topic. Information is scarce, as he explains, but there are a few telling details to suggest the enormity of these operations:

  Outsourcing has become so pervasive that the Director of National Intelligence decided to study the phenomenon last year. But when the report was finally completed in April 2007, the results were apparently so stunning that the DNI vetoed the idea of putting out a report and instead told reporters that disclosure of the figures would damage national security.32

  It is estimated from current figures that 70 percent of America’s $80 billion intelligence budget goes toward private contractors.33 While the HBGary and HBGary Federal emails provided no hard numbers about the size of the overall industry, they did offer qualitative measures that point to the massive scale of the government intelligence contracting world. Brown, aided by volunteers who did the bulk of the research and writing, and all the technical work, hosted a central repository to catalog the brave new world of corporations that specialize in intelligence gathering, espionage, and infiltration for corporate and government clients. Where the leaked documents truly broke ground was in providing insight into the types of tactics employed by private firms in the era of digital and networked technologies; the firms were evidently willing to propose and engage in reckless acts. After all, Barr was on the path to providing actionable intelligence, for instance, doxing some Anons who had done nothing illegal—even offering nicknames and locations to a reporter. His firm had also laid out detailed plans to sabotage the career of a journalist. Since this type of work is now also spread across hundreds of different private firms, it is unlikely there will ever be a single massive document dump equivalent to the one which busted open COINTELPRO detailing the corporate face of spying; instead, the public will have to rely on the piecemeal datasets it receives through leaks and hacks such as the HBGary one.

  Inspired by the success of the HBGary hack, other Anons would soon seek to direct similar techniques to other security and intelligence firms. But first, the hackers who had decimated HBGary Federal would break away from AnonOps and embark on a fifty-day tour as an experimental performance troupe by the name of LulzSec. It would receive rave reviews from Internet denizens. But corporations watched the play, with its seemingly endless string of encores, in horror.

  CHAPTER 8

  LulzSec

  LulzSec—a crew of renegade Anonymous hackers who broke away from Anonymous and doubled as traveling minstrels—appeared a few months after the infamous HBGary Federal hack. Crewed by the same individuals who had vindictively hacked Aaron Barr, LulzSec’s startling fifty-day catalytic run began in early May 2011 and abruptly ended on June 25, soon after one of their own, Sabu, was apprehende
d and flipped in less than twenty-four hours by the FBI. Among their targets were Sony Music Entertainment Japan, Sony Picture Entertainment, Sony BMG (Netherlands and Belgium), PBS, the Arizona Department of Public Safety, the US Senate, the UK Serious Organised Crime Agency, Bethesda Softworks, AOL, and AT&T. Despite the avalanche of activity—and numerous intrusions—LulzSec, when compared to Anonymous, was more manageable and contained, at least from an organizational perspective. Its members hacked with impunity, finally making good on the 2007 Fox News claim that Anonymous was comprised of “hackers on steroids.”

  LulzSec members played their role knowing full well they were performing for a diverse audience. Even the haughtiest of security hackers who had earlier snubbed Anonymous cheered on LulzSec. Some old-school black hats lived vicariously through LulzSec, in awe of its swagger, its fuck-you-anything-goes attitude, and its bottomless appetite for exposing the pathetic state of Internet security. Journalists could not get enough of their antics, nor could they really keep up. With so many intrusions, exfiltrations, and data dumps, LulzSec blew out the usual three-day news cycle. For much of its reign, LulzSec taunted journalists with the lure of information and then gave them the silent treatment—with one notable exception: Parmy Olson of forbes.com. These hackers (almost) exclusively fed her info about their dealings and, to retain her privileges, she was discreet about the arrangement.1

  Although they gave Parmy Olson enough information to write her stories, LulzSec’s main gateways to the world were their website, their Twitter account, and the website pastebin.com, where all their dumps were mirrored and their proclamations released. Pastebin is typically used by programmers to post small snippets of text, source code, or configuration information. It generates a unique URL that can then be pasted elsewhere, like IRC, for others to view. Instead of pasting multi-line text into IRC channels—something that will get you kicked out of a channel for “flooding”—you can simply provide the link. Typically, these generated links are unmemorable random characters and expire after some time. Pastebin is only one among a multitude of such sites, so why LulzSec chose this medium is a bit of a mystery. Regardless, it freed LulzSec from the need to host infrastructure for their missives. Their Twitter account amassed followers in bulk, sometimes twenty thousand per week. Penned by their resident trickster, Topiary crafted delightful updates, often maintaining a maritime character.

 

‹ Prev