With the NSA PRISM scandal and Edward Snowden’s precarious status as a whistleblower and accused enemy of the state, it’s easy to overlook some characters in the ongoing cyber-war drama. Barrett Brown, an investigative journalist, is one of those characters. Brown, in federal prison awaiting trial and facing a possible 105 year federal prison sentence for his involvement with the hacker collective known as Anonymous and for possession of sensitive materials, particularly those of private intelligence firms HBGary, Stratfor GI, and Endgame Systems, was arrested nearly three years ago by the FBI. Interestingly enough, the sentence that Brown could serve, essentially for doing his job as an investigative journalist, is grossly exaggerated compared to the sentence given to Jeremy Hammond. Hammond, a hacker who worked on the Stratfor infiltration, was arrested and is now serving ten years. The severity of Brown’s sentence is likely influenced by his promotion of “sensitive material” on his personal website, ProjectPM, and his attack against FBI agent Robert Smith, in which he stated:
So that’s why Robert Smith’s life is over. And when I say his life is over, I don’t say I’m going to kill him. But I am going to ruin his life and look into his f***ing kids because (HB Gary CEO) Aaron Barr did the same thing and he didn’t get raided for it.
Among the documents acquired in the infiltration, Brown took note of emails involving corporate espionage, defamation via disinformation, and development of custom malware, among other highly suspect activity. One email, written by the now former HBGary CEO, flaunts his ability to hack into and “exploit” an Exelon plant in Pennsylvania:
Example: If I want to gain access to the Exelon plant in Pottsdown, PA, I only have to go as far as LinkedIn to identify Nuclear engineers being employed by Exelon in that location. Jump over to Facebook to start doing link analysis and profiling. Add data from twitter and other social media services. I have enough information to develop highly targeted exploitation efforts. I can and have gained access to various government and government contractor groups in the social media space using this technique . . . Given that people work from home, access home services from work – getting access to the target is just a matter of time and nominal effort.
The process described by Barr, along with the services offered by HBGary, sounds eerily similar to Stuxnet, Duqu and Flame. Stuxnet was a computer virus revealed in 2010 to have sabotaged Iran’s nuclear programme. Duqu, a worm-type virus, is a beefed up version of Stuxnet that has the same function (attacking industrial control systems). Flame, discovered in 2012, gives a user remote control over system hardware and software. In recent news, Stuxnet was brought back into the limelight by Snowden’s admission of the virus’ creation by joint efforts between the National Security Agency and the Israeli government. The most secretive materials in the cache involve the aforementioned companies along with Palantir Technologies, Berico Technologies, and their formation of Team Themis; all related materials have subsequently been removed from the web, and the group has since disbanded. Some lingering emails remain, delineating preferred tactics for their advancement. Matthew Steckman (Palantir) to Aaron Barr:
- Feed the fuel between the feuding groups.
- Create messages around the actions to sabotage or discredit the opposing organization.
- Submit fake documents then call out the error.
- Create concern over the security of the infrastructure.
- Create exposure stories.
- Cyber attacks against the infrastructure to get data on document submitters.
This rabbit hole gets deeper and the bottom is nowhere in sight. Brown, trying to link the pieces together, saw a consortium of private intelligence contractors (PICs) and US government agencies working hand-in-hand in acts that clearly impinge on our civil liberties and, more disconcertingly, our lives. The US Air Force in 2010, for example, requested “persona management software” that would enable one user, with a fake identity, to run several social media accounts simultaneously. In doing so, they’d be able to establish profiles on individuals participating in these forums indiscriminately. The web of links between social media outlets, Google, the NSA, and computer/software companies such as Apple and Microsoft is intricate, but each has contributed and continues to contribute to an agenda that undermines our right to freedom of speech, press, and assembly. It would seem that since the vast majority are no longer seen as people, but as commodities, our civil rights can be impinged upon because commodities have none.