Part 1 of several to come:
Lets begin a couple years back with the release of the hacked e-mails of defense contractor HBGary by Anonymous. Many readers will be familiar with these events as it was covered extensively on this site as well as many others. The Nation offers a refresher:
Two years ago, a batch of stolen e-mails revealed a plot by a set of three defense contractors (Palantir Technologies, Berico Technologies and HBGary Federal) to target activists, reporters, labor unions and political organizations. The plans— one concocted in concert with lawyers for the US Chamber of Commerce to sabotage left-leaning critics, like the Center for American Progress and the SEIU, and a separate proposal to “combat” WikiLeaks and its supporters, including Glenn Greenwald, on behalf of Bank of America— fell apart after reports of their existence were published online. But the episode serves as a reminder that the expanding spy industry could use its government-backed cyber-tools to harm ordinary Americans and political dissident groups.
“I think we need to highlight people like Glenn Greenwald. Glenn was critical in the Amazon to OVH [data center] transition and helped WikiLeaks provide access to information during the transition. It is this level of support we need to attack. These are established professionals that have a liberal bent, but ultimately most of them if pushed will choose professional preservation over cause, such is the mentality of most business professionals. Without the support of people like Glenn WikiLeaks would fold.”
HBGary was to be tasked with
creating an army of sock-puppets to spread propaganda or infiltrate groups:
HBGary was part of a consortia that submitted a proposal to develop a “persona management” system for the United States Air Force, that would allow one user to control multiple online identities for commenting in social media spaces, thus giving the appearance of grassroots support or opposition to certain policies.
After the HBGary fiasco, the sock-puppet contracts where awarded to a firm called
Ntrepid
Ntrepid Corporation, registered out of Los Angeles, bills itself as a privacy and identity protection firm in some job postings, and a national security contractor in others, but its official website was amazingly just one page deep and free of even a single word of description.
In spite of their thin online presence, Speaks said the firm was awarded $2,760,000 to carry out the “persona management” contract
Ntrepid also owns a product called Tartan. Those familiar with the Occupy crackdown may have heard of it:
In another document on Ntrepid letterhead, titled “Tartan Influence Model: Anarchist Groups,” Tartan is positioned as a software tool that can help combat domestic protestors who operate in “an amorphous network of anarchist and protest groups” and suggests that these groups are prone to violence. They name Occupy Wall Street and Occupy D.C. as part of the problem, and have “built Occupy networks through online communication with anarchists.” By identifying the threat of anarchistic, supposedly violent protestors, Tartan sells its services by saying their software “identifies the hidden relationships among organizers of seemingly unrelated movements… To mitigate the ability of anarchists to incite violence… Law enforcement must identify the complex network of relationships among anarchist leaders
HBGary later went on to be sold to ManTech International(itself a corruption hotbed with the Rick Renzi scandal in arizona). ManTech also owns MSM Security Services who do the background checks, etc for security clearances allowing people like Snowden to gain access to classified information. ManTech employees are now
facing charges :
A federal contractor pleaded guilty to lying about conducting background checks on government employees - a crime that prosecutors say is becoming increasingly common.
The U.S. government had indicted Ramon Davila in 2011 for 24 separate offenses related to his work at ManTech MSM Security Services; Systems Application & Technologies; and USIS, which was formerly known as U.S. Investigations Services.
This means that a contractor like ManTech was able to issue its own security clearances to itself.
We will get back to more of this later but lets talk about Palantir Technologies for a moment. Palantir is another silicon valley defense contractor that started literally across the street from Facebook. Funny enough two key players in Facebook are now heavily involved with Palantir. Billionaire investor Peter Thiel and Sean Parker.
Palantir says it sells "software that allows organizations to make sense of massive amounts of disparate data," for purposes including "combating terrorism," and offers to bring "Silicon Valley to your doorstep." It's enjoyed early investments from the CIA, which might have something to do with its current napkin-valuation of around $5 billion, and now employs former top spooks like Michael Leiter. Palantir also happens to sell software called "Prism," which shares its namesake with an NSA spy program that also aims to bring Silicon Valley to snoop doorsteps around the Beltway. Palantir's Prism, according to a handy user manual published on TPM, "is a software component that lets you quickly integrate external databases"—exactly the kind of action that the NSA allegedly makes use of to suck up your Facebook browsing, Gmail inbox, and Google searches in realtime.
Palantir’s rise to prominence, now reportedly valued at $8 billion, came from initial investment from In-Q-Tel, the venture capital arm of the CIA, and close consultation with officials from the intelligence-gathering community, including disgraced retired admiral John Poindexter and Bryan Cunningham, a former adviser to Condoleezza Rice.
After the HBGary events Palantir issued an 'apology':
Palantir CEO Karp ended all ties to HBGary and issued a statement apologizing to “progressive organizations… and Greenwald … for any involvement that we may have had in these matters." Palantir placed an employee on leave pending a review by a third-party law firm. The employee was later reinstated
Laying the blame on a 27 year old engineer:
“The idea that a 27-year-old wouldn’t have the ability to make a decision about our proposal is very foreign to how we work. It would go further up the chain if it was a proposal, but it wasn’t.”
Indeed, the 330-person company is largely comprised of 27-year-old “forward deployed engineers” who are given a lot of free rein to make decisions. But in an industry like cyber-security, young engineers may not have the experience to make the best judgment calls. Even Karp concedes, “There was an oversight breakdown on the proposal phase of our work and we regret that.”
Makes you wonder what other oversight breakdowns have taken place. Regardless, Palantir escaped scrutiny and continues to be praised by those in charge:
Vice President Joe Biden and Office of Management and Budget Director Peter Orszag held a press conference at the White House announcing the success of fighting fraud in the stimulus by the Recovery Accountability and Transparency Board (RATB). Biden credited the success to the software, Palantir, being deployed by the federal government.[13] He announced that the capability will be deployed at other government agencies, starting with Medicare and Medicaid
.
After the HBGary hack journalist and satirist Barrett Brown began going through the document dump and writing about all that he found. Not much further down the road Anonymous spinoff AntiSec hacked security firm Strafor Global Intelligence and Barrett Brown immediately jumped on the story combing through the documents:
It’s obvious by looking at the most recent posts on Barrett Brown’s blog that while he is highly interested in Stratfor, it wasn’t the credit card information that motivated him. When those five million emails leaked, a product called TrapWire, which was created by a company called Abraxas, was revealed to the public at large. And it caused a media shitstorm. In 2005, the founder of Abraxas and former head of the CIA’s European division, Richard Helms, described TrapWire as software that is installed inside of surveillance camera systems that is, “more accurate than facial recognition” with the ability to “draw patterns, and do threat assessments of areas that may be under observation from terrorists.” As Russia Today reported, one of the leaked emails, allegedly written by Stratfor’s VP of Intelligence, Fred Burton, stated that TrapWire was at “high-value targets” in “the UK, Canada, Vegas, Los Angeles, NYC.”
Barrett Brown was doing some very serious investigating into a company called Cubic from San Diego, that was alleged to own TrapWire as a subsidiary of their firm. This is an allegation that they officially denied. However, these tax filings from 2010 that Barrett uncovered clearly state that Cubic had in fact merged with Abraxas Corporation. If you click through and take a look, you can see that Richard Helms’s name is right there on the top of the first page.
On those same tax-returns... a company called Ntrepid.
Brown also became especially interested in the firm Endgame Systems who was not happy about the HBGary leak:
“Please let HBGary know we don’t ever want to see our name in a press release"
One of its products, available for a $2.5 million annual subscription, gave customers access to “zero-day exploits”—security vulnerabilities unknown to software companies—for computer systems all over the world. Business Week published a story on Endgame in 2011, reporting that “Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems.” For Brown, this raised the question of whether Endgame was selling these exploits to foreign actors and whether they would be used against computer systems in the United States.
These zero-day exploits where the exact thing planned to be used against Unions, Glenn Greenwald and whomever else may have sparked their ire. This also of course ties in directly with what Snowden was saying about hack attacks on universities and other civilian targets.
Defense News has more on Endgame and their program 'Bonesaw':
Endgame’s Bonesaw is marketed to U.S. intelligence agencies and large companies. It doesn’t hide its offensive capabilities as a tool for launching cyber weapons.
Marketing documents say “the Bonesaw platform provides a complete environment for intelligence analysts and mission planners to take a holistic approach to target discovery, reducing the time to create actionable intelligence and operational plans from days to minutes.”
“Bonesaw is the ability to map, basically every device connected to the Internet and what hardware and software it is,” says a company official who requested anonymity.
It of course does not end with Bonesaw:
Endgame’s next product is more advanced than Bonesaw. The application, called Velocity, is to provide access to this mapped-out Internet in real time as hardware is added and deleted, making cyber targeting more immediate, and increasingly laying bare the Internet.
Browns journalism and activism brough the ire of the federal government, and they came down hard. Extremely hard. Brown is facing:
facing up to 100 years in jail for three separate indictments. Two of the indictments—the threatening of an FBI officer in a YouTube video and the concealing of evidence—do not seem worthy of such a harsh sentence, considering a man in Houston recieved only 42 months for threatening to blow up an FBI building, and a former dentist got 18 months for threatening to kill an FBI agent. The third, however, pertains to Barrett Brown's pasting of a link in an Anonymous IRC chat room to a document full of credit card numbers and their authentication codes that was stolen from the security company Stratfor, in the midst of a hack that released over five million internal emails. Those emails were published to Wikileaks
This came through a convoluted series of events and intense pressure:
The FBI acquired a warrant for Brown’s laptop, gaining the authority to seize any information related to HBGary, Endgame Systems, Anonymous and, most ominously, “email, email contacts, ‘chat’, instant messaging logs, photographs, and correspondence.” In other words, the FBI wanted his sources.
When the FBI went to serve Brown, he was at his mother’s house. Agents returned with a warrant to search his mother’s house, retrieving his laptop. To turn up the heat on Brown, the FBI initiated charges against his mother for obstruction of justice for concealing his laptop computer in her house. (Facing criminal charges, on March 22, 2013, his mother, Karen McCutchin, pled guilty to one count of obstructing the execution of a search warrant. She faces up to twelve months in jail. Brown maintains that she did not know the laptop was in her home.)
By his own admission, the FBI’s targeting of his mother made Brown snap. In September 2012, he uploaded an incoherent YouTube video, in which he explained that he had been in treatment for an addiction to heroin, taking the medication Suboxone, but had gone off his meds and now was in withdrawal. He threatened the FBI agent that was harassing his mother, by name, warning:
“I know what’s legal, I know what’s been done to me.… And if it’s legal when it’s done to me, it’s going to be legal when it’s done to FBI Agent Robert Smith—who is a criminal.”
“That’s why [FBI special agent] Robert Smith’s life is over. And when I say his life is over, I’m not saying I’m going to kill him, but I am going to ruin his life and look into his fucking kids…. How do you like them apples?”
We have seen this kind of intense pressure on Aaron Swartz, 'the anthrax killer' (yeah right), and so many other government 'enemies'. The 'threat' clearly was not smart, but also clearly said it was not a death threat. However immediately the story was no longer about government surveillance and potential crimes but about 'crazy ol' Brown'.
All told, Brown is looking at century of jail time: 105 years in federal prison if served sequentially. He has been denied bail.
Brown has been sitting in jail ever since and the story was dropped until Snowden came along. And
Michael Hastings.
About 15 hours before dying in a fiery car crash at about 4:30 a.m. in L.A. on June 17, journalist Michael Hastings sent an email to several colleagues that said the FBI was investigating him and he was "onto a big story."
Hey [words blurred out] — the Feds are interviewing my "close friends and associates." Perhaps if the authorities arrive "BuzzFeed GQ", er HQ, may be wise to immediately request legal counsel before any conversations or interviews about our news-gathering practices or related journalism issues.
Also: I'm onto a big story, and need to go off the [radar] for a bit.
All the best, and hope to see you all soon.
Buzzfeed editor Ben Smith has said that Hastings was working on a story on Barrett Brown.
This of course opens up all kinds of CT that I won't get into but at the same time wouldnt blame anyone else for diving right in.
So what does it all mean? Peter Ludlow at The Nation has some thoughts:
While the media and much of the world have been understandably outraged by the revelation of the NSA’s spying programs, Barrett Brown’s work was pointing to a much deeper problem. It isn’t the sort of problem that can be fixed by trying to tweak a few laws or by removing a few prosecutors. The problem is not with bad laws or bad prosecutors. What the case of Barrett Brown has exposed is that we confronting a different problem altogether. It is a systemic problem. It is the failure of the rule of law.
12:05 PM PT: Thanks to Lisa Lockwood for the link to Browns Project PM which details these firms/projects much more extensively.
Also this detail from the HBGary Hack is also relevant to Snowden:
At one point during the discussions about how to use their technologies to attack activists, Barr had met with Booz Allen Hamilton senior vice president Bill Wansley