Posts

The HBGary Scandal: Using Counterterrorism Tactics on Citizen Activism

As I described on the Mike Malloy show on Friday and as Brad Friedman discusses in his post on being targeted by the Chamber of Commerce, the essence of the Chamber of Commerce/Bank of America/HBGary scandal is the use of intelligence techniques developed for use on terrorists deployed for use on citizens exercising their First Amendment rights.

ThinkProgress has a post making it clear that the Chamber of Commerce’s nondenial denials don’t hold up. In this post, I’ll begin to show the close ties between the tactics HBGary’s Aaron Barr proposed to use against Wikileaks and anti-Chamber activists and those already used in counterterrorism.

Barr Says He’s Done this with Terrorists

I will get into what we know of Barr’s past intelligence work in future posts, but for the moment I wanted to look just at his reference to analysis he did on FARC. Barr’s HBGary coder, who sounds like the smartest cookie of the bunch was balking at his analysis of Anonymous for several reasons–some of them ethical, some of them cautionary, and some of them technical. In the middle of an argument over whether what Barr was doing had any technical validity (the coder said it did not), Barr explained.

The math is already working out. Based on analysis I did on the FARC I was able to determine that Tanja (the dutch girl that converted to the FARC is likely managing a host of propoganda profiles for top leaders. I was able to associate key supporters technically to the FARC propoganda effort.

He’s referring to Tanja Anamary Nijmeijer, a Dutch woman who has been an active FARC member for a number of years. And while it’s not proof that Barr did his analysis on Nijmeijer for the government, she was indicted in the kidnapping of some American contractors last December and the primary overt act the indictment alleged her to have committed was in a propaganda function.

On or about July 25, 2003, JOSE IGNACIO GONZALEZ PERDOMO, LUIS ALBERTO JIMENEZ MARTINEZ, and TANJA ANAMARY NIJMEIJER, and other conspirators, participated in making a proof of life video of the three American hostages. On the video, the FARC announced that the “three North American prisoners” will only be released by the FARC once the Colombian government agrees to release all FARC guerrillas in Colombian jails in a “prisoner exchange” to take place “in a large demilitarized area.” The proof of life video was then disseminated to media outlets in the United States.

In any case, Barr is referring to an ongoing investigation conducted by the Miami and Counterterrorism Section of DOJ, with assistance from the DNI.

His “proof” that this stuff works is that it has worked in the past (he claims) in an investigation of Colombian (and Dutch) terrorists.

Read more

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

HBGary Fees: “Dam It Feels Good to Be a Gangsta”

One of the more interesting documents on HBGary et al’s partnership with the Chamber of Commerce details the prices they wanted to charge. Now, other emails make it clear that the Chamber balked at what the team originally proposed would be $2 million of work–the Chamber didn’t pay these rates (indeed, they probably haven’t paid for any of this).

But I was particularly interested in what HBGary’s Aaron Barr proposed charging for the work of what they called a “Social Media SME.”

Social media sme ($250 per hour) – experienced in social media link analysis. Personna development. Content management. Social media exploitation techniques.

This is a social media consultant, someone we know from the team’s plans they intended to deploy on Facebook and Twitter in false personas ultimately aiming to destroy the credibility of anti-Chamber activists.

These are just reasonably skilled trolls.

And for that, they wanted to charge $2,000 a day.

To put it in even more stark perspective, consider one ultimate target of the campaign: the men and women SEIU organizes pushing back against the anti-worker policies of the Chamber. Many of these workers–the kind of people who keep your building clean or care for you when you’re sickmake as little $12/hour or less (though the wages for nurses and other skilled medical care providers are higher).

These corporate spook assholes–in addition to targeting Americans for political activism–also think they’re worth 20 times as much as the people who care for the sick.

As the Palantir employee working with Barr on these numbers put it, “Most of all that we are the best money can buy! Dam it feels good to be a gangsta…..”

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Palantir Tries to Preserve Their Government Contracts

In a post I’ll write some day, I will show how the WikiLeaks cables show that every time a partner government threatens to use the high tech intelligence toys we share with it–notably our telecommunication wiretapping–to spy on domestic opponents, the Obama Administration makes a very concerted effort to disavow such efforts (if not end the partnership).

Which is why I find it so interesting that the CEO of Palantir Technologies just apologized to Glenn Greenwald for (I guess) allowing HBGary to target him for an oppo research and attack on his credibility.

“As the Co-Founder and CEO of Palantir Technologies, I have directed the company to sever any and all contacts with HB Gary,” the statement starts.

Dr. Karp explains that Palantir Technologies provides a software analytic platform for the analysis of data. They do not provide – “nor do we have any plans to develop” – offensive cyber capabilities.

In addition, the statement says that Palantir does not build software that is designed to allow private sector entities to obtain non-public information, engage in so-called cyber attacks, or take other offensive measures.

“I have made clear in no uncertain terms that Palantir Technologies will not be involved in such activities. Moreover, we as a company, and I as an individual, always have been deeply involved in supporting progressive values and causes. We plan to continue these efforts in the future,” Dr. Karp added.

“The right to free speech and the right to privacy are critical to a flourishing democracy. From its inception, Palantir Technologies has supported these ideals and demonstrated a commitment to building software that protects privacy and civil liberties. Furthermore, personally and on behalf of the entire company, I want to publicly apologize to progressive organizations in general, and Mr. Greenwald in particular, for any involvement that we may have had in these matters.”

Somehow,Dr. Karp forgot to apologize to Brad Friedman, another journalist WBGary–in projects bid in partnership with Palantir–has targeted.

As a reminder, Palantir Technologies is one of the two other security firms that HBGary partnered with to try to get spying business with Bank of America and the Chamber of Commerce.

But perhaps more relevant is Palantir’s primary focus: working with the national security apparatus. They’ve done at least $6,378,332 in business with entities like SOCOM and FBI in the last several years. And while they say they have no plans to adopt “offensive cyber capabilities,” that’s not to say they’re not helping the government analyze data on our presumed enemies.

I would imagine Palantir has pretty good reason to know that the government will not do business with a contractor using the same technologies to target Glenn Greenwald (and maybe Brad Friedman).

At least not publicly. Remember–DOJ recommended Hunton & Williams (which put Palantir and HBGary together for the bid) to Bank of America.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

From the ChamberPot: A Carefully Worded Nondenial Denial

The Chamber of Commerce has responded to ThinkProgress’ reporting of the Chamber’s discussions with Hunton & Williams about an intelligence campaign against USChamberWatch and other anti-Chamber efforts. It purports to deny any connection with Hunton & Williams and HBGary.

More Baseless Attacks on the Chamber

by Tom Collamore

We’re incredulous that anyone would attempt to associate such activities with the Chamber as we’ve seen today from the Center for American Progress. The security firm referenced by ThinkProgress was not hired by the Chamber or by anyone else on the Chamber’s behalf. We have never seen the document in question nor has it ever been discussed with us.

While ThinkProgress and the Center for American Progress continue to orchestrate a baseless smear campaign against the Chamber, we will continue to remain focused on promoting policies that create jobs.

But it does no such thing.

First, note what they are denying:

  1. The “security firm” referenced by TP was not hired by the Chamber or by anyone else on the Chamber’s behalf
  2. “We have never seen “the document in question”

By “security firm,” it presumably means HBGary, the one of the three security firms involved that got hacked.

Note, first of all, that they’re not denying hiring Hunton & Williams, the law firm/lobbyist which they hired last year to sue the Yes Men. They’re not even denying that they retain Hunton & Williams right now.

What they’re denying is that they–or, implicitly, Hunton & Williams, on their behalf–hired HBGary.

But as I suggested in my last post on this, they are not paying HBGary (or Hunton & Williams) for the work they’re doing right now; they’re all working on spec, to get the business (business which I’m guessing they’re not going to get).

Read more

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Disinformation Campaign Bank of America Considered

Wikileaks has posted the presentation three security companies–Palantir, HBGary Federal, and Berico Technologies–made to Bank of America, proposing to help it respond to Wikileaks.

In addition to the degree to which the proposal emphasizes the national security ties and military background of the employees of the company (particularly Berico), the presentation fleshes out what the companies proposed. Under potential proactive tactics, it lists:

  • Feed the fuel between the feuding groups. Disinformation. Create messages around actions to sabotage or discredit the opposing organization. Submit fake documents and then call out the error.
  • Create concern over the security of the infrastructure. Create exposure stories. If the process is believed to not be secure they are done.
  • Cyber attacks against the infrastructure to get data on document submitters. This would kill the project. Since the servers are now in Sweden and France putting a team together to get access is more straightforward.
  • Media campaign to push the radical and reckless nature of wikileaks activities. Sustained pressure. Does nothing for the fanatics, but creates concern and doubt amongst moderates.
  • Search for leaks. Use social media to profile and identify risky behavior of employees.

Of particularly interest, they describe HBGary Federal’s abilities to conduct INFOOPS, including “influence operations” and “social media exploitation.”

In other words, in addition to proposing to conduct cyber attacks on Wikileaks’ European-based infrastructure (complete with a picture of WL’s bomb shelter-housed servers), the proposal appears to recommend that these companies be paid to troll social media, like Twitter, to not only “identify risky behavior of employees” but also, presumably, “push the radical and reckless nature of wikileaks activities.” You know–the kind of trolling we often see targeted at Glenn (and in recent days targeted against David House, who was also listed in this presentation).

In addition, the presentation proposes to create a concern over the security of the infrastructure. Interestingly, when additional newspapers in Europe got copies of the State cables (including Aftenposten), some people speculated that the files had come from a hack of Wikileaks servers. (Note how the slide above notes the disgruntled WL volunteers.)

That doesn’t mean we’re seeing this campaign in process. After all, Glenn has a ton of enemies on Twitter. And if the intent behind leaking additional copies of the cables was to suggest WL’s infrastructure had been hacked, that perception has largely dissipated as more and more newspapers get copies.

One final note: according to Tech Herald, the law firm pitching these firms, Hunton and Williams, was itself recommended to BoA by DOJ. As the presentation makes clear, these are significant government contractors. (Remember, we’re getting these documents because Anonymous hacked HBGary Federal, which was offering what it had collected to DOJ.) To what extent is what we’re seeing just an extension of what our own government is trying to combat Wikileaks?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Security Firms Pitching Bank of America on WikiLeaks Response Proposed Targeting Glenn Greenwald

On Saturday, private security firm HBGary Federal bragged to the FT that it had discovered who key members of the hacking group Anonymous are. In response, Anonymous hacked HB Gary Federal and got 44,000 of their emails and made them publicly available.

You believe that you can sell the information you’ve found to the FBI? False. Now, why is this one false? We’ve seen your internal documents, all of them, and do you know what we did? We laughed. Most of the information you’ve “extracted” is publicly available via our IRC networks. The personal details of Anonymous “members” you think you’ve acquired are, quite simply, nonsense.

So why can’t you sell this information to the FBI like you intended? Because we’re going to give it to them for free. Your gloriously fallacious work can be a wonder for all to scour, as will all of your private emails (more than 44,000 beauties for the public to enjoy). Now as you’re probably aware, Anonymous is quite serious when it comes to things like this, and usually we can elaborate gratuitously on our reasoning behind operations, but we will give you a simple explanation, because you seem like primitive people:

You have blindly charged into the Anonymous hive, a hive from which you’ve tried to steal honey. Did you think the bees would not defend it? Well here we are. You’ve angered the hive, and now you are being stung.

As TechHerald reports, among those documents was a presentation, “The Wikileaks Threat,” put together by three data intelligence firms for Bank of America in December. As part of it, they put together what they claimed was a list of important contributors to WikiLeaks. They suggested that Glenn Greenwald’s support was key to WikiLeaks’ ongoing survival.

The proposal starts with an overview of WikiLeaks, including some history and employee statistics. From there it moves into a profile of Julian Assange and an organizational chart. The chart lists several people, including volunteers and actual staff.

One of those listed as a volunteer, Salon.com columnist, Glenn Greenwald, was singled out by the proposal. Greenwald, previously a constitutional law and civil rights litigator in New York, has been a vocal supporter of Bradley Manning, who is alleged to have given diplomatic cables and other government information to WikiLeaks. He has yet to be charged in the matter.

Greenwald became a household name in December when he reported on the “inhumane conditions” of Bradley Manning’s confinement at the Marine brig in Quantico, Virginia. Since that report, Greenwald has reported on WikiLeaks and Manning several times.

“Glenn was critical in the Amazon to OVH transition,” the proposal says, referencing the hosting switch WikiLeaks was forced to make after political pressure caused Amazon to drop their domain.

As TechHerald notes, an earlier version of the slide said support from people like Glenn needed to be “attacked.”

Now aside from the predictable, but nevertheless rather shocking detail, that these security firms believed the best way to take WikiLeaks out was to push Glenn to stop supporting them, what the fuck are they thinking by claiming that Glenn weighs “professional preservation” against “cause”? Could they be more wrong, painting Glenn as a squeamish careerist whose loud support for WikiLeaks (which dates back far longer than these security firms seem to understand) is secondary to “professional preservation”? Do they know Glenn is a journalist? Do they know he left the stuffy world of law? Have they thought about why he might have done that? Are they familiar at all with who Glenn is? Do they really believe Glenn became a household name–to the extent that he did–just in December?

I hope Bank of America did buy the work of these firms. Aside from the knowledge that the money would be–to the extent that we keep bailing out Bank of America–taxpayer money, I’d be thrilled to think of BoA pissing away its money like that. The plan these firms are pushing is absolutely ignorant rubbish. They apparently know almost nothing about what they’re pitching, and have no ability to do very basic research.

Which is precisely the approach I’d love to see BoA use to combat whatever WikiLeaks has coming its way.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.