The American Bear


How Barrett Brown shone light on the murky world of security contractors | Arun Gupta

[Barrett] Brown made a splash in February 2011 by helping to uncover “Team Themis”, a project by intelligence contractors retained by Bank of America to demolish the hacker society known as Anonymous and silence sympathetic journalists like Glenn Greenwald (now with the Guardian, though then with Salon). The campaign reportedly involved a menagerie of contractors: Booz Allen Hamilton, a billion-dollar intelligence industry player and Snowden’s former employer; Palantir, a PayPal-inspired and -funded outfit that sells “data-mining and analysis software that maps out human social networks for counterintelligence purposes”; and HBGary Federal, an aspirant consultancy in the intelligence sector.

The Team Themis story began in late 2010, when Julian Assange warned WikiLeaks would release documents outlining an “ecosystem of corruption [that] could take down a bank or two.” Anticipating that it might be in Assange’s sights, Bank of America went into damage-control mode and, as the New York Times reported, assembled “a team of 15 to 20 top Bank of America officials … scouring thousands of documents in the event that they become public.” To oversee the review, Bank of American brought in Booz Allen Hamilton.

Days later, Bank of America retained the well-connected law firm of Hunton & Williams, which was reportedly recommended by the Department of Justice. Hunton & Williams promptly emailed HBGary Federal, Palantir and Berico; they, in turn, “proposed various schemes to attack” WikiLeaks and Greenwald. In fact, Hunton & Williams had first contacted the three tech firms in October 2010, at the behest of the Chamber of Commerce to find out if it was being attacked by labor union-backed campaigners.

The final cast member, Aaron Barr, then CEO of HBGary Federal, started creating personal dossiers on Hunton & Williams employees to display his prowess as a social media ninja – his way of convincing the law firm that he could train them in the perils of social media. Barr was anxious to generate income for his struggling subsidiary.

According to the Team Themis proposal, its partners suggested creating false documents and fake personas to damage progressive organizations such as “ThinkProgress, the labor coalition called Change to Win, the SEIU, US Chamber Watch, and”. According to reporting by Wired, the three companies hoped to bill the Chamber of Commerce for $2m a month. But while (as leaked emails showed) the parties in the plan went back and forth over how to apportion the spoils, nothing was forthcoming.

Then Hunton & Williams submitted the Bank of America proposal, and HBGary Federal, Palantir and Berico swung into action. On 2 December, just three days after Assange’s warning, Aaron Barr crafted the plan to launch “cyber attacks” on WikiLeaks.

The tech companies’ emails – which Anonymous hacked and Barrett Brown helped publicize – listed planned tactics:

“Feed[ing] the fuel between the feuding groups. Disinformation. Create messages around actions to sabotage or discredit the opposing organization. Submit fake documents and then call out the error.”

They also proposed “cyber attacks”, using social media “to profile and identify risky behavior of employees”, and “get people to understand that if they support the organization we will come after them”, implying threats. There was also email chatter about attacking journalists with “a liberal bent”, specifically naming Greenwald. Some aspects of the Team Themis proposal were reminiscent of a leaked 2008 Pentagon counterintelligence plan against WikiLeaks.

In early January, email messages from HBGary Federal show plans for a meeting with Booz Allen Hamilton, apparently regarding Barr’s plans against WikiLeaks and Anonymous. At this point, no one was buying Barr’s scheme – even as he bragged to the Financial Times, on 4 February 2012, that he had used Facebook, Twitter and other social media to identify the “leaders” of Anonymous.

Barr believed that had piqued the interest of the “FBI, the Director of National Intelligence, and the US military”. In fact, it had merely made him a marked man: two days later, as Wired reported, Anonymous ”took down [HBGary Federal’s] website, stole his emails, deleted the company’s backup data, trashed Barr’s Twitter account and remotely wiped his iPad.” For his part, Brown created Project PM, “a crowd-sourced wiki focused on government intelligence contractors” to delve through the tens of thousands of emails taken from HBGary Federal’s servers.

A critical element in the story concerns the fact that, according to one of the leaked emails, the companies were hoping that “if they can show that WikiLeaks is hosting data in certain countries it will make prosecution easier.” The hacked emails also revealed, Forbes reported, that Barr was hoping to sell the information on Anonymous members to the FBI. The fact that Barr was stoking interest among security agencies with a dossier of supposed Anonymous members containing incorrect names meant that innocent people might have been jailed if he had succeeded in his scheme.

Barr resigned and HBGary Federal was subsequently shuttered. But the story doesn’t end there. In July 2011, the Anonymous-linked “AntiSec” raided Booz Allen Hamilton and made off with 90,000 emails. One allegation that emerged from the cache was that BAH had been working with HBGary Federal “to develop software that would allow for the creation of multiple fake social media profiles to infiltrate discussion groups and manipulate opinion on the sites and discredit people, as well as to match personas online with offline identities.”

Within days of the Team Themis scandal, Palantir issued a statement announcing that it was cutting ties with HBGary Federal and issued an apology to Greenwald. Its reputation was at stake: in 2011, it scored $250m in sales and its customers included the CIA, FBI, US Special Operations Command, army, marines, air force, LAPD and NYPD. Tim Shorrock, an intelligence industry analyst, believes that with an immigration bill working its way through Congress that will provide billions of dollars for border enforcement, Palantir is also well-positioned to win new clients like ICE and the DEA. Along with Booz Allen Hamilton, Palantir is reportedly being paid by the government to mine social media for “terrorists”.

They are just a few of the nearly 2,000 private companies involved in the US counterterrorism, homeland security and intelligence apparatus. Even as HBGary Federal has disappeared, the privatized surveillance state continues to expand. The privatized intelligence budget alone is estimated at $56bn.

Given the revelations about domestic surveillance, Brown could speak volumes about the nexus between corporations and the state – except that he’s been cooling his heels in a jail outside Dallas, Texas, for 290 days, awaiting two separate trials that could put him on ice for more than 100 years. The US government has slapped Brown with 17 counts that include identity theft, stealing thousands of credit card numbers, concealing evidence, and “internet threats”.

Ahmed Ghappour, attorney for Brown, calls the charges “prosecutorial overreach”, and maintains most are related to legitimate journalistic practices, such as cutting-and-pasting a link and refusing to give the FBI access to his sources on a laptop, “a modern-day notebook”. In contrast to the FBI’s aggressive pursuit of Brown, no probe of the Team Themis project was launched – despite a call from 17 US House representatives to investigate a possible conspiracy to violate federal laws, including forgery, mail and wire fraud, and fraud and related activity in connection with computers.

Ghappour asks:

“What length will the government go to prosecute journalists reporting on intelligence contractors? Brown was one of the first to report on the plan to take down Glenn Greenwald.

“It was clear Booz Allen Hamilton [whistleblower Edward Snowden’s former employer] was consulting with the NSA, at least supporting their mass-surveillance program, and this was one of the leads Barrett was chasing at the time of the arrest.”


The Return of Aaron Barr: Victim of Embarrassing Hacking Now Cybersecurity Chief at Large Federal Contractor


In February, Aaron Barr, CEO of cybersecurity consulting firm HBGary Federal, unwittingly picked a fight with the pro-Wikileaks band of hackers when he boasted in an online article that his company had successfully infiltrated Anonymous by trolling online social media and had gathered personal data on its members. In retaliation, Anonymous hacked into the email accounts of HBGary (the parent company of HBGary Federal) and posted thousands of their emails online. They also hacked Barr’s iPad, iPhone, and his online accounts. Discovered among the cache of emails was a proposed project on which HBGary Federal was to team up with two other cybersecurity contracting firms, Berico Technologies, and Palantir Technologies, to conduct a campaign to “sabotage or discredit” Wikileaks, Wikileaks supporters (including prominent blogger Glenn Greenwald), and other perceived “threats” to two potential clients, Bank of America and the U.S. Chamber of Commerce.

Barr disappeared after the Anonymous controversy, but now he is back. Check out the POGO blog to find out who he is working for now.

Image of Team Themis letterhead via The Pirate Bay.

90,000 Military Emails Leaked After Anonymous Attack

On Monday morning “hacktivist” group Anonymous promised that it would be releasing results of an attack it made on the intelligence community compromised of government agencies around the world like the CIA or Mi6 in the United Kingdom and the companies that support them.

The first wave of results have just been released, (Pirate Bay link) which Anonymous is calling #MilitaryMeltdownMonday. Anonymous targeted consulting firm Booz Allen Hamilton that often works the with U.S. Department of Defense and National Security Administration and gained access to 90,000 military emails, four gigabytes of source code (which was erased from the Booz Allen Hamilton servers) along with login credentials and other sources of information that Anonymous can hack along the intelligence community’s digital infrastructure. What did Anonymous find in Boox Allen Hamilton’s servers and how damaging could be it be to American homeland security?

Keeping with the previous themes of ships (Lulz Security called itself the Lulz Boat), Anonymous calls Booz Allen Hamilton a wooden barge with no security at all. Here is how Anonymous described the attack on Booz Allen Hamiliton:

“We infiltrated a server on their network that basically had no security measures in place,” Anonymous wrote. “We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!). We also added the complete sqldump, compressed ~50mb, for a good measure.”

Read the rest of the story here.

For a trove of articles about the original HBGary hack, check here.

In terms of what Anonymous found in the Booz Allen Hamilton servers, there are certainly items that will get people fired. One of the bigger items is Booz Allen Hamilton’s association with security company HBGary. Booz Allen Hamilton and HBGary Federal proposed software for a sophisticated program (dubbed Metal Gear by Anonymous) that would allow security teams to control “sock puppet” online identities in social media spheres that would attempt to steer conversation about certain topics. One way or another because of this program, Anonymous claims that all U.S. military personnel will now have to change their passwords. 90,000 Military Emails Leaked After Anonymous Attack (via metamorphoseandbodhi)

(via metamorphoseandbodhi)

Lessons from Anonymous on cyberwar - Opinion - Al Jazeera English

Clearly offensive cyber operations far predate the 2009 founding of USCYBERCOM.

The email conversations make clear what many have known, that offensive cyber operations against individuals and nation states have been going on for a long, long time.

Experts who claim otherwise are misinformed at best, or actively spreading misinformation at worst. When it comes to cyberwar, the matter is best handled by William Gibson’s famous quote: “The future is already here - it’s just not very evenly distributed.”

Haroon Meer

Palantir Lied?

For those of you following the HBGary/Anonymous/WikiLeaks/etc.. story, an email from the leaked trove would seem to controvert Palantir’s earlier line.

Palantir never has and never will condone the sort of activities that HBGaryrecommended” and “Palantir did not participate in the development of the recommendations that Palantir and others find offensive


From the Email:

Apologies for taking this long to get back to you. Eli and I had to run this way up the chain (as you can imagine). The short of it is that we got approval from Dr. Karp and the Board to go ahead with the modified 40/30/30 breakdown proposed. These were not fun conversations, but we are committed to this team and we can optimize the cost structure in the long term(let’s demonstrate success and then take over this market :)).

We will have to amend a few things in the T&Csprovided to account for this. Sean, can you please amend the T&Cs sent to Berico to reflect 100k for Phase I and 800k for Phase II. Additionally, for Phase II, please reduce the number of cores to 196. I believe we are also working out the language for exclusivity on Corporate Campaign work.

We think that the issues you raised below are valid. Know that while we understand Berico/HBGary will be shouldering the analysis work, we expect that Palantir will still be providing needed infrastructure and support services to make this happen. I imagine we will ALL know more about what this breakdown will look like once work begins. I have a feeling that either way it will seem like money falling from the sky for those of us used to working in the govt sector.

As always, please let me know if you would like to discuss anything.

I can’t wait to see where this goes.

Corporate Hacker Tries to Take Down WikiLeaks - Glenn Greenwald

Glenn Greenwald praises WikiLeaks for shining a light on what government and corporations do in secret. (03:54)