
   Defense contractor Booz Allen Hamilton, a shadowy but key player in the schemes revealed by the HBGary break-in last February, today got the same treatment from #AntiSec, a successor to Lulz Security.

   I have not had a chance to study the 130 meg torrent they have released, but I’m sure this is going to be another treasure trove for U.S. citizens interested in security and privacy.

 Here is coverage on today’s incident from Forbes and Gizmodo.


  And here’s the official statement from the #AntiSec crew.



Hello Thar!

Today we want to turn our attention to Booz Allen Hamilton, whose core business is contractual work completed on behalf of the US federal government, foremost on defense and homeland security matters, and limited engagements of foreign governments specific to U.S. military assistance programs.

So in this line of work you'd expect them to sail the seven proxseas with a state-of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel to be a puny wooden barge.

We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell, and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!). We also added the complete sqldump, compressed ~50mb, for good measure.

We also were able to access their svn, grabbing 4gb of source code. But this was deemed insignificant and a waste of valuable space, so we merely grabbed it, and wiped it from their system.

Additionally we found some related data on different servers we got access to after finding credentials in the Booz Allen system. We added anything which could be interesting.

And last but not least we found maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies. This material surely will keep our blackhat friends busy for a while.

A shoutout to all friendly vessels: Always remember, let it flow!
#AntiSec



   The torrent is faster than a new game release – I got all 130 meg in a matter of about three minutes. I haven’t had a chance to even think about examining it yet, but a brief scan shows this is going to take more skill to interpret than the voluminous material from HBGary. I see a SQL server data dump, one file looks to be a bunch of users on a server, apparently shot after all the data was lifted and everything scrubbed but the usernames themselves. They appear to be proving to Booz Allen Hamilton that they’re not kidding and this may be a teaser for a larger dump later once they know what they’ve got.

  I haven’t seen where they’re showing 90,000 userids and passwords yet, but I don’t imagine they’re kidding and content like that is worrying – this goes into the wild like it has, and then it’s a free for all as every black hat and nation state actor out there tries to use the opportunity this disclosure provides.
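The statement above says the dumped password hashes are unsalted MD5, and the worry is that once such a list is public it is a free-for-all. The Python below, added here as an illustration and not code from this diary, from AntiSec or from Booz Allen, shows concretely why that format matters. It uses fictional accounts and a constructed five-word wordlist (none of the addresses, passwords or hashes come from the leaked archive): it cracks an unsalted MD5 table with a single lookup pass whose cost does not grow with the number of accounts, shows that password reuse is visible without cracking anything, and then runs the same dictionary attack against records stored with a per-user random salt and PBKDF2-HMAC-SHA256, where nothing the attacker computes for one account carries over to the next.

```python
"""Added example: why an unsalted MD5 credential dump is a free-for-all.

All accounts, passwords and hashes below are constructed for this
illustration; nothing is taken from any real dump.
"""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

# Constructed wordlist; real attackers use lists of hundreds of millions.
WORDLIST = ["password", "letmein", "welcome1", "Summer2011", "navy123"]


def md5_unsalted(password: str) -> str:
    """The weak scheme described in the release: plain MD5, no salt, one round."""
    return hashlib.md5(password.encode()).hexdigest()


# (e-mail, hex MD5 of password), in the shape of the dumped table. Fictional.
UNSALTED_DUMP: List[Tuple[str, str]] = [
    ("alice@example.mil", md5_unsalted("Summer2011")),
    ("bob@example.mil",   md5_unsalted("password")),
    ("carol@example.mil", md5_unsalted("Summer2011")),   # same password as alice
    ("dave@example.mil",  md5_unsalted("Tr0ub4dor&3")),  # not in the wordlist
]


def crack_unsalted(dump: List[Tuple[str, str]], wordlist: List[str]) -> Dict[str, str]:
    """Dictionary attack on unsalted hashes.

    One MD5 per candidate word builds a lookup table that is reused against
    every account, so the cost is O(len(wordlist)) whether the dump holds
    90 or 90,000 rows. Precomputed MD5 tables of common passwords already
    exist, so in practice even this single pass is unnecessary.
    """
    table = {md5_unsalted(w): w for w in wordlist}
    return {email: table[h] for email, h in dump if h in table}


def shared_passwords(dump: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Without salts, equal hashes mean equal passwords: reuse across
    accounts is visible with zero cracking effort."""
    by_hash: Dict[str, List[str]] = {}
    for email, h in dump:
        by_hash.setdefault(h, []).append(email)
    return {h: emails for h, emails in by_hash.items() if len(emails) > 1}


# The contrast: per-user random salt plus a slow, iterated KDF.
def pbkdf2_record(password: str, iterations: int = 100_000,
                  salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest) using PBKDF2-HMAC-SHA256 from the standard library."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per user
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def make_salted_records(accounts: List[Tuple[str, str]],
                        iterations: int = 100_000) -> List[Tuple[str, bytes, bytes]]:
    """Store (e-mail, salt, digest) for each (e-mail, password) pair."""
    return [(email, *pbkdf2_record(pw, iterations)) for email, pw in accounts]


def crack_salted(records: List[Tuple[str, bytes, bytes]], wordlist: List[str],
                 iterations: int = 100_000) -> Dict[str, str]:
    """Same dictionary attack against salted, iterated hashes.

    A precomputed table is useless: every (account, candidate) pair needs
    its own derivation, so work is O(len(records) * len(wordlist) * iterations).
    Weak passwords still fall, but each one costs real time and nothing
    learned about one account helps with the next.
    """
    found: Dict[str, str] = {}
    for email, salt, digest in records:
        for w in wordlist:
            cand = hashlib.pbkdf2_hmac("sha256", w.encode(), salt, iterations)
            if hmac.compare_digest(cand, digest):
                found[email] = w
                break
    return found


if __name__ == "__main__":
    print("unsalted MD5, cracked:", crack_unsalted(UNSALTED_DUMP, WORDLIST))
    print("reuse visible without cracking:", shared_passwords(UNSALTED_DUMP))
    salted = make_salted_records(
        [("alice@example.mil", "Summer2011"), ("carol@example.mil", "Summer2011")],
        iterations=2_000)
    print("same password, different digests:", salted[0][2] != salted[1][2])
    print("salted PBKDF2, cracked:", crack_salted(salted, WORDLIST, iterations=2_000))
```

The iteration count is lowered to 2,000 in the demo run only so it finishes quickly; in a real deployment the default of 100,000 or higher (or a memory-hard KDF such as scrypt or Argon2) is what makes the salted path expensive enough to matter.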



Originally posted to Stranded Wind on Mon Jul 11, 2011 at 03:03 PM PDT.

Also republished by Anonymous Dkos.


    •  The Anonymous press release (0+ / 0-)

      that accompanied the databases pokes fun at the company. Unlike HBGary Federal and IRC Federal—both small organizations struggling for revenue—Booz Allen Hamilton is a major defense contractor. It's the 16th largest recipient of federal contractor spending, generating more than $3.7 billion of revenue from the government in 2010. Given this stature, the hackers say that they expected it to be well-defended, but discovered that at least some systems were poorly-secured.
      ###INVOICE###
      Enclosed is the invoice for our audit of your security systems, as well as the
      auditor's conclusion.

      4 hours of man power: $40.00
      Network auditing: $35.00
      Web-app auditing: $35.00
      Network infiltration*: $0.00
      Password and SQL dumping**: $200.00
      Decryption of data***: $0.00
      Media and press****: $0.00

      Total bill: $310.00

      *Price is based on the amount of effort required.
      **Price is based on the amount of badly secured data to be dumped, which in
      this case was a substantial figure.
      ***No security in place, no effort for intrusion needed.
      ****Trolling is our specialty, we provide this service free of charge.

      Auditor's closing remarks: Pwned. U mad, bro?

      We are Anonymous.
      We are Legion.
      We are Antisec.
      We do not forgive.
      We do not forget.
      Expect us.


      "When the powerless are shut out of the media, we will make the media irrelevant" ~Anonymous~

      by Lisa Lockwood on Tue Jul 12, 2011 at 11:25:40 AM PDT

      [ Parent ]

  •  Thanks again for tackling a story... (5+ / 0-)

    That so many of us would otherwise not notice.

    So any word yet on what these 90,000 accounts might lead to next? And is WikiLeaks involved (yet)?

    •  yes and no (9+ / 0-)

       Apparently they're already talking about additional compromises based on this release, and Wikileaks doesn't do stuff like this - it's AntiSec - the successor to @LulzSec, who publicly announced they were rejoining Anonymous after a 50-day break-in spree.

    •  If this is announced, the tangential exploits are (2+ / 0-)

      already done, and there's probably way more that's been done than publicly admitted.  

      Black hats act with speed, stealth and need just a bit of time to plant distracting leads away from their trail.  Of course B.A.H. should not trust their servers anymore (nor workstations), moreover, nor should anyone trust their computers who had any sort of trusted electronic links to them, even if just a USB thumb drive or having used a wireless or wired connection related to their premises.  

      If B.A.H. hadn't invested in a truly capable system administrator and security officer in the past, their shareholders and board should be questioning the management.  Our government should be out front in questioning whether they deserve any further contracts, and review whether any open contracts are being properly fulfilled, or if there were problems with past contracts.

      As a result of B.A.H.'s failure to secure their systems, there may be a number of new exploits, perhaps going into classified systems.  Our security agencies have provided public guidelines for how to secure computers, and I'm sure a contractor could ask for additional guidance.  It's pathetic and dangerous that government contractors neglect to follow these, especially after the public example already made of HBGary.

      Now, if there hadn't been attempts by such contractors to attack 'liberals' and discredit those with whom vested interests have political disagreements and agenda of destruction, I'd be more than concerned.  It is distressing that the evidence released may show a pattern where contractors like HBGary are involved in dirty tricks and subterfuge against political targets to serve conservative interests and agenda.  As it is I'm still quite concerned, since any open exploits could be used by foreign interests.  I hope our own government agencies have been far more vigilant since HBGary.

      I'm also wondering how long it might be until there's a 'response', perhaps a 'false flag' op by conservative related group that pretends to be a black hat hacker group against some US facility or a key contractor or a promising political candidate or perhaps controversial administration official.  Embarrassing these contractors will make someone demand 'heads'...although, that may be challenging, since I wouldn't put it past black hat types to anticipate such actions.  

      When life gives you wingnuts, make wingnut butter!

      by antirove on Mon Jul 11, 2011 at 09:00:40 PM PDT

      [ Parent ]

  •  Yes, it's AntiSec (7+ / 0-)

    which is basically the same group as LulzSec.  Considering we are paying these clowns tens of millions of dollars for their "expertise" in security, it appears they need to be fired.

    ~War is Peace~Freedom is Slavery~Ignorance is Strength~ George Orwell "1984"

    by Kristina40 on Mon Jul 11, 2011 at 03:25:36 PM PDT

  •  I read this earlier (4+ / 0-)

    and saw the same reference to the military but the article said military contractors.

    Have you read enough yet to know which? Or is it a mix of both?

    "The human eye is a wonderful device. With a little effort, it can fail to see even the most glaring injustice." Richard K. Morgan

    by sceptical observer on Mon Jul 11, 2011 at 03:29:59 PM PDT

  •  Booz Allen Hamilton (11+ / 0-)
    For the lazy we have assembled some facts about Booz Allen. First let's take a
    quick look at who these guys are. Some key personnel:

    * John Michael "Mike" McConnell, Executive Vice President of Booz Allen and
    former Director of the National Security Agency (NSA) and former Director of
    National Intelligence.

    * James R. Clapper, Jr., current Director of National Intelligence, former
    Director of Defense Intelligence.

    * Robert James Woolsey Jr, former Director of National Intelligence and head
    of the Central Intelligence Agency (CIA).

    * Melissa Hathaway, Current Acting Senior Director for Cyberspace for the
    National Security and Homeland Security Councils


    While on the subject of HBGary I would just like to remind everyone that one of their projects was setting up internet sockpuppets with real 'identities' and 'backgrounds' to sell to the US Military for 'influencing opinion and current events'. Don't think they do not sell the same software to right-wingers.

    War crimes will be prosecuted. War criminals will be punished. And it will be no defense to say, "I was just following orders." G.W Bush

    by LieparDestin on Mon Jul 11, 2011 at 03:30:16 PM PDT

  •  Booz Allen is one of those that Dwight Eisenhower (3+ / 0-)

    warned us about. They are probably the most powerful entity in DC (and of course now internationally). This is HUGE, HUGE, HUGE! They are everything from the most powerful law firm to the most powerful lobbyist and everything in between. I am happy to say this is a big EMBARRASSMENT for them. It will be interesting to see how the media handles this. They represent major media outlets. There is a radio station in DC .. Federal News Radio... all they do is cover Gov't contracting, and it is almost totally sponsored by Booz Allen; so far they haven't said a word.
