FBI’s Hacker-Informants

The Guardian uses an eye-popping stat from a hacker journalist–that a quarter of all hackers are FBI moles–to cement a a story about the FBI infiltrating hacker groups.

The underground world of computer hackers has been so thoroughly infiltrated in the US by the FBI and secret service that it is now riddled with paranoia and mistrust, with an estimated one in four hackers secretly informing on their peers, a Guardian investigation has established.

Cyber policing units have had such success in forcing online criminals to co-operate with their investigations through the threat of long prison sentences that they have managed to create an army of informants deep inside the hacking community.

[snip]

So ubiquitous has the FBI informant network become that Eric Corley, who publishes the hacker quarterly, 2600, has estimated that 25% of hackers in the US may have been recruited by the federal authorities to be their eyes and ears. “Owing to the harsh penalties involved and the relative inexperience with the law that many hackers have, they are rather susceptible to intimidation,” Corley told the Guardian.

The number is eye-popping. But there are two details about the story I want to note. First, it suggests that the FBI is recruiting its hacker-informants after catching them hacking. Oddly, though they consider Adrian Lamo among the hackers-moles they describe (indeed, the only one they name), they don’t question whether he just turned Bradley Manning in, or whether he was a more formal informant. Moreover, they don’t note that drug abuse, not hacking, would have been the potential crime Lamo committed in the weeks preceding his turning Manning in.

Also, note what kind of recruiting the story doesn’t address? DOD recruiting. Are all these hackers going straight from FBI to work in DOD’s cyberwars? Or is DOD recruiting a different set of hackers?

image_print
  1. earlofhuntingdon says:

    Just another form of outsourcing. When hackers break the law, is it still breaking the law if they do it because the FBI asked them to and the DoJ doesn’t prosecute them?

  2. MadDog says:

    Given the FBI’s penchant for using stings to trap nail their targets, one wonders whether the same holds true with regard to their hacker snitches?

    And how many hacks began in the sting-happy minds of the FBI?

    As to both the FBI and the DOD, does this remind anyone of slave labor?

  3. MadDog says:

    OT – In response to the tweet listed on EW’s twitter of:

    “Does that mean @HowardKurtz is out of a job?”

    The obvious answer is Howie was left standing with his dick in his hand. *g*

    • earlofhuntingdon says:

      Should have had someone else hide what he needed behind the raised toilet bowl in that tile-floored restaurant’s loo.

  4. SirLurksAlot says:

    it’s all those do-goody-good white hats stacking the numbers, if you ask me… the grey hats ain’gwonna work for the feds. not their style.

    still ~ 25% is statistically significant.

    like dylan said…it ain’t me, babe.

  5. spanishinquisition says:

    The FBI is setting up civilian franchises:

    InfraGard is a non-profit organization that connects the business community with law enforcement. It has about 42,000 members, including FBI agents, according to its website, and has an FBI special agent coordinator at each the bureau’s field offices who recruits interested civilians nearby to form local InfraGard chapters.

    http://www.pcmag.com/article2/0,2817,2386411,00.asp

  6. jo6pac says:

    So let me guess, they are the ones breaking into govt./dod vendors files so they can get more $$$$$ for the games being played. Yep, Main Street loses again.

  7. Adam503 says:

    The same with pretty much all progressive activist groups. I think it possible the entire group blackbloc is composed of nothing but police and police infomants. There may not be any “real” blackbloc protester at all.

  8. Kelly Canfield says:

    Are all these hackers going straight from FBI to work in DOD’s cyberwars? Or is DOD recruiting a different set of hackers?

    Depends on the kind of hacking you want, and how you might want to wall them off from each other.

    For instance, keep phone/Android expertise hackers on the FBI side of the wall, but provide those kind of tethering/router-VoIP-based/widget hacker apps to DoD. A kind of “farm system” that doesn’t let the FBI grade hacker play in DoD world.

    I just say that because your drug-offense, moneyscam-offense hackers are going to show up in FBI farm grade, where you probably want to keep them separate from the world-class system/security hackers DoD is interested in; and also keeps the absolute cream of the crop to DoD. Just a guess.

    • MadDog says:

      Same folks; different perspective.

      The informer is the one who snitches on us to the government.

      The informant is employed by the government to snitch on us.

  9. PierceNichols says:

    First, I’m pretty sure Eric is talking shit to get his name in the paper. I don’t think his claim is even remotely credible.

    Second, hackers are far from a cohesive group, in any sense. Someone who would beat Adrian Lamo with a bat on general principle might just as soon drop a dime on a carder in a heartbeat. Most of the hackers I know (a hell of a lot) belong to that group.

    Third, I think Lamo turned in Bradly Manning b/c he’s a publicity whoring POS. He was nobody, and now he’s widely reviled.

    Fourth, the DoD hires white-hat hackers, not ex-criminals. The criminals don’t have the skills, for one thing. They sign up for that work for exactly the same kind of reasons that anyone else signs up to work for the DoD. This is the pool the folks who wrote Stuxnet came from. Many of these folks hate Adrian Lamo and the national security state as much as you do… but are committed to using their skills to defend the country against actual threats.

    • MadDog says:

      I’ve spent over 30 years in the computer biz, and I’m sorry to say, but your take on the human race sounds…(how shall I put it the least inoffensively)…guileless.

      I’ve known thousand of techies over the years and they are no different than any other group of people. By that I mean there are hardcore criminals living among us, working side by side with us, and that’s just the way our species is.

      The idea that the DOD hires only white-hat hackers is plainly absurd. I’m a military veteran and I can tell you that while there are plenty of good folks in the military, there are also murderers (I’ve personally stood watch with one), rapists, serial liars and a multitude of other miscreants.

      While it’s heartwarming to think of our species as wonderful angels, the facts of life are far different.

      • PierceNichols says:

        You missed the core of my point — black hat hackers generally grab low-hanging fruit. Most people are dumb about security, and therefore little in the way of skills are required in order to make a hell of a lot of money black hatting. They therefore lack the skills the DoD requires.

        The DoD, as demonstrated by Stuxnet, is hiring the best there are for their offensive hacking outfit. Stuxnet by itself is an impressively subtle and finely-tuned piece of attackware. Letting it be discovered was an inspired touch, because it made it far more powerful.

        As a stand-alone attack, Stuxnet caused significant harm to the Iranian nuclear weapons program. As a well-known and plausibly deniable attack that is widely believed to be the work of the US DoD, it causes significant and ongoing harm to the operational capabilities of every US opponent who uses computers and networks. After all, if the US can pwn air-gapped computers of the Iranian nuclear program at will, they can damn well pwn you too. Therefore, opponents of the US will tend to increase their computer and network security above and beyond where they’d set it on their own, which imposes a heavy and continuous tax on their operations… without the US lifting a finger.

  10. bobschacht says:

    I’m posting before reading all the comments, but here goes:

    Are all these hackers going straight from FBI to work in DOD’s cyberwars?

    The infiltration is all about the cyberwar. The real targets are Wikileads, Julian Assange, and Anonymous– and probably others like them.

    China? Meeh, who cares about them. But the FBI won’t rest until they get Assange’s balls in a vise. And I’ll bet Anonymous is suddenly very careful. Who can they trust these days?

    Bob in AZ