Sunday, March 6, 2011

"The WikiLeaks Threat" and Other Tales from the Dark Side

It all began with news that WikiLeaks would soon shine a spotlight on the thieves dominating the global financial sector, those self-styled "masters of the universe" reigning over capitalism's Borg hive.

Scant months later, as a result of hubris and egomaniacal greed, an enormous window was smashed open and a sharp, merciless light flooded the dark recesses of the dirty world of corporate spying.

Last November, Julian Assange told Forbes that WikiLeaks next target would be a "major American bank."

"It will give a true and representative insight into how banks behave at the executive level in a way that will stimulate investigations and reforms, I presume," Assange informed journalist Andy Greenberg. "For this, there's only one similar example. It's like the Enron emails."

This was no idle threat. Back in January, Swiss whistleblower Rudolf Elmer, a former executive with Switzerland's Bank Julius Baer turned over two CDs to Assange at a London press conference.

WikiLeaks first brush with notoriety, readers will recall, came in 2008 when a federal district court judge in San Francisco first clamped down and then rescinded an order that would have shuttered the web site over their release of highly-compromising internal Baer documents; files which revealed secret trust structures used for asset hiding, money laundering and tax evasion.

The next Baer disclosures are reportedly chock-a-block with new information on tax dodges by "about 40 politicians along with business people, multinational conglomerates and figures from the art world," leaks which The Independent claims could spark a major international scandal.

Elmer, once Baer's man in the British-controlled corporatist paradise, handed Assange information that purportedly included "all the back-up data held on Julius Baer's computer server in the Caymans at the time he was sacked, including accounts, correspondence, memos and resolutions dealing with 114 trusts, 80 companies, 60 funds and 1,330 individuals," according to The Guardian.

It was enough to get Bank of America executives to break out in a cold sweat. After all, Assange told Forbes that WikiLeaks has the hard drive of a bank official loaded with some 5 gigabytes, or 200,000 pages of text, disclosures that would "take down" a major American bank and reveal a pervasive "ecosystem of corruption."

Better break out the biohazard suits!

Shortly after the Forbes interview, The New York Times reported that a high-level conference call amongst key executives, led by BofA's chief risk officer, Bruce R. Thompson, brain-stormed what damaging information might lay buried in the dark silicon brain of that missing hard drive, and concluded that the bank's "counterespionage work was only just beginning."

In full crisis mode, BofA brought in the ultra-spooky consulting firm and private spy shop Booz Allen Hamilton, former National Intelligence oberführer Mike McConnell's current haunt along with the high-powered law firm and lobby shop Hunton & Williams (H&W).

Clocking in at No. 9 on Washington Technology's 2010 list of "Top 100 Government Contractors," Booz Allen raked-in some $3.3 billion last year from various defense and intelligence agencies across the secret state.

Reporting for CorpWatch, investigative journalist Tim Shorrock informs us that "among the many services Booz Allen provides to intelligence agencies ... are wargaming ... as well as data-mining and data analysis, signals intelligence systems engineering (an NSA specialty), intelligence analysis and operations support, the design and analysis of cryptographic or code-breaking systems (another NSA specialty), and 'outsourcing/privatization strategy and planning'."

For their part, Hunton & Williams have long been connected with lobbying for right-wing causes and corporate clients (two terms entirely synonymous) in the banking and energy sectors. The Center for Responsive Politics' OpenSecrets.org web site reports that anti-union stalwarts, far-right Koch Industries, paid the firm some $160,000 last year for lobbying and other unspecified "services."

Other clients, according to OpenSecrets and SourceWatch, include Acxiom Corporation, American Electric Power, the climate change-denying Americans for Affordable Climate Policy, Bank of America, Berkshire Hathaway, Duke Energy, Entergy Corporation, Gas Processors Association (the friendly "fracking" people!), General Dynamics, MasterCard, the National Association of Manufacturers, the Southern Company, Wells Fargo and many, many more!

According to published reports, in early December H&W's go-to guy, John W. Woods, held a meeting with BofA's management team touting the firm's expertise--and connections to the White House and Congress--in hopes of convincing the bank to retain them for their internal probe of WikiLeaks.

It didn't help matters in the "perception management" department when word leaked out that the bank had begun buying up web addresses and domain names that might prove embarrassing should disclosures bring forth those proverbial "smoking guns."

So BofA crisis managers did what they do best when faced with similar sticky situations: they turned to the "experts" and outsourced.

In turn, Booz Allen and H&W also did what they do best: they subcontracted out the dirty tricks portfolio to security grifters meant to do the heavy-lifting they believed would provide that indispensable element of "plausible deniability" lusted after by capitalist thugs and governments everywhere.

Unfortunately for the principals, that high-speed corporate spy train was about to make an unannounced stop.

Anatomy of an "Information Op"

Last month The Tech Herald revealed that private security firms HBGary Federal (currently offline), HBGary, Palantir Technologies and Berico Technologies were contacted by Hunton & Williams and called upon to "develop a strategic plan of attack against Wikileaks."

We learned that H&W "would act as outside counsel on retainer, while Palantir would take care of network and insider threat investigations. For their part, Berico Technologies and HBGary Federal would analyze WikiLeaks," The Tech Herald reported.

According to journalist Steve Ragan, that campaign was to have included a dirty tricks operation targeting critical journalists, including Salon's Glenn Greenwald, WikiLeaks supporters, their families and the group itself through "cyber attacks, disinformation, and other potential proactive tactics."

It seemed like a smart bet at the time. After all, HBGary Federal sold themselves as "experts in threat intelligence and open source analysis" with a focus on "Information Operations (INFOOPS); influence operations, social media exploitation, new media development."

Palantir claimed their security "products" are "broadly deployed throughout the National intelligence and defense communities" as well as "Fortune 50 companies focused on cybersecurity, counter-fraud and insider threat investigations."

Palantir's Government division even bragged that they deliver "the only platform that can be used at the strategic, operational, and tactical levels within the US Intelligence, Defense, and Law Enforcement Communities," and that they can draw "in any type of data, such as unstructured message traffic, structured identity data, link charts, spreadsheets, SIGINT, ELINT, IMINT and documents."

Playing second fiddle to none, Berico told prospective clients that "we are trusted advisors in the areas of technology integration, high-end consulting, cyberspace operations, and intelligence analysis for specialized units and agencies throughout the intelligence community (IC)."

As a dark world denizen of the Pentagon Berico had partnered-up with SAIC and--guess who!--Booz Allen, "winning" a five year, $130 million contract with the Army Intelligence Campaign Initiatives Group (AI-CAG).

According to Berico publicists we learned that the firm "will assist the AI-CIG government program office in producing and developing strategies, concepts, architectures, road maps, and analyses regarding integration of existing and future ISR programs, as well as support to the Army's Intelligence mission."

Meanwhile, a second covert op, also brokered by H&W and using the same players was being stitched-up on behalf of the U.S. Chamber of Commerce.

ThinkProgress investigative journalist Lee Fang revealed that sordid corporate campaign sought to undermine Chamber critics through the production and selective leaking of false documents that could then be called out as fabrications.

Fang reported that "the Chamber hired the lobbying firm Hunton and Williams" and the above-named security outfits "to develop tactics for damaging progressive groups and labor unions, in particular ThinkProgress, the labor coalition called Change to Win, the SEIU, US Chamber Watch, and StopTheChamber.com."

"The security firms," Fang wrote, "hoped to obtain $200,000 for initial background research, then charge up to $2 million for a larger disinformation campaign against progressives."

Rounding out what appears to be part of a larger "public-private partnership" targeting corporate and government critics, The Tech Herald learned that the H&W team "were recommended to Bank of America's general counsel by the Department of Justice," and that the firm was "using the meeting to pitch Bank of America on retaining them for an internal investigation surrounding WikiLeaks."

On paper it seemed like a slam dunk.

Anonymous Enters the Frame

Published reports, notably those of Ars Technica journalist Nate Anderson, have since revealed that Aaron Barr, HBGary Federal's CEO claimed he could exploit social media networks such as Facebook, Twitter and IRC and "easily" gather information about WikiLeaks and their supporters which could then be used to "take down" the organization.

But when Barr boasted to the Financial Times that he had penetrated the cyber-guerrilla collective Anonymous, the group that launched distributed denial of service (DDOS) attacks against PayPal, Visa, MasterCard and other firms which cut-off funds to WikiLeaks after Cablegate revelations, claiming "he had collected information on the core leaders, including many of their real names, and that they could be arrested if law enforcement had the same data," it was a boast too far.

Shortly thereafter, the masked cyber-marauders wrote: "You have blindly charged into the Anonymous hive, a hive from which you've tried to steal honey. Did you think the bees would not defend it? Well here we are. You've angered the hive, and now you are being stung."

In a stunning coup, Anonymous had penetrated HBGary Federal and parent company HBGary's "secure" servers, seizing a treasure trove of more than 70,000 internal emails and other documents, then posted them on the internet along with a search engine.

It didn't help win hearts and minds when Forbes' Andy Greenberg reported that "the head of one of those firms also suggested going after the thousands of individuals who have donated to the group."

"A quick search of the company's WikiLeaks-related conversations," Forbes reports, "shows that Aaron Barr, the HBGary chief executive who first caught the attention of Anonymous by boasting that he'd penetrated the group and identified its leaders, also suggested other tactics against WikiLeaks ... namely, tracking and intimidating anyone who had given money to WikiLeaks."

Another in a long line of "smartest guys in the room," Barr averred that "the security firms 'need to get people to understand that if they support the organization we will come after them. Transaction records are easily identifiable'."

While BofA has sought to distance the bank from the project and Hunton & Williams have refused to comment, leaked emails paint a damning picture indeed.

In early December, John Woods wrote executives at HBGary, Berico and Palantir that "Richard [Wyatt, another H&W partner] and I am meeting with senior executives at a large US Bank tomorrow regarding Wikileaks. We want to sell this team as part of what we are talking about. I need a favor. I need five to six slides on Wikileaks--who they are, how they operate and how this group may help this bank. Please advise if you can help get me something ASAP. My call is at noon."

Barr replied, "Sure thing. I will work on it tonight. Sam?"

Eli Bingham, a top Palantir executive chimed in, "Fine by me."

A day later, Palantir code monkey Matthew Steckman wrote that Woods and other principles should review the attached WikiLeaks slide deck.

That now-infamous PowerPoint presentation appearing under the Palantir logo, titled "The WikiLeaks Threat," was rushed into production by the firms' self-styled "Themis Group," named after the Greek Titan who embodied divine order, law and custom. Lacking imagination, it was suspiciously similar to a 2008 Pentagon proposal to destroy WikiLeaks.

• Feed the fuel between the feuding groups. Disinformation. Create messages around actions of sabotage or discredit the opposing organizations. Submit fake documents and then call out the error.

• Create concern over the security of the infrastructure. Create exposure stories. If the process is believed not to be secure they are done.

• Cyber attacks against the infrastructure to get data on document submitters. This would kill the project. Since the servers are now in Sweden and France putting a team together to get access is more straightforward.

• Media campaign to push the radial [sic] and reckless nature of WikiLeaks activities. Sustain pressure. Does nothing for the fanatics, but creates concern and doubt among moderates.

• Search for leaks. Use social media to profile and identify risky behavior of employees. (The WikiLeaks Threat: An Overview by Palantir Technologies, HBGary Federal, and Berico Technologies, December 2, 2010)


In their presentation, Themis Group luminaries averred that "this threat requires advanced subject matter expertise in cybersecurity, insider threats, counter cyber-­fraud, targeting analysis, [and] social media exploitation."

Lusting mightily after a contract they believed could be worth millions, not to mention media publicity that just might land them future deals with the secret state, they claimed that "Palantir Technologies, HBGary Federal, and Berico Technologies represent deep domain knowledge in each of these areas."

"If the deal came through," Ars Technica reported, it would put HBGary Federal in a "healthy position." The Themis Group then "decided to ask for $2 million per month, for six months, for the first phase of the project, putting $500,000 to $700,000 per month in HBGary Federal's pocket."

On a parallel track, in late January Barr wrote Woods that he was "doing research on the anonymous group for a security presentation I am giving next month and have collected information that identified the organization operations and communications infrastructure as well as key players by name. I don't think anyone else has this data. ... I thought you might be interested to hear this given the other opportunity we discussed."

Woods replied: "I have a client that may be interested. Pursuant to a mandate from my client, we are working through Booz Allen on this type of activity. You should expect a call from Bill Wansley at Booz shortly."

With plans (apparently) moving forward, Barr contacted William J. Wansley, a Senior Vice President with Booz Allen Hamilton January 28 on what he claimed were alleged links between Anonymous and WikiLeaks he had scraped from Facebook, Twitter and IRC. For his part, Wansley had written Barr informing him of the upcoming meeting at Booz Allen "to discuss how you may be able to support our project."

In a February 5 email to Woods, Barr, ever the publicity whore, cited the Financial Times piece writing, "I have made significant progress on the group and have 80-90% of their leadership mapped out. Meeting with Govies next week. I have tight few weeks and have told the folks supporting our other effort that I will not be able to give them much support until my presentation is over on Feb. 14th. Sorry for the timing."

Woods replied, "Good luck with the government. We look forward to seeing the [Anonymous] paper when it is published."

Nuclear Fallout

While they're now running for cover, Greg Hoglund and Penny Leavy, the husband and wife duo at the helm of parent company HBGary, wrote that Barr's disclosures would demonstrate how "HBGary Federal flexes private intelligence muscle:"

HBGary Federal, the specialized and classified services arm of HBGary, flexes it's muscle today by revealing the identities of all the top management within the group Anonymous, the group behind the DDOS attacks associated with Wikileaks. HBGary Federal constructed and maintained multiple digital identities and penetrated the trust upper management of Anonymous, and was subsequently able to learn actual identities of the primary management team. This information was critical for law enforcement, yet all the intelligence work was done without law enforcement or government involvement. Only after achieving the mission did Aaron Barr, the CEO of HBGary Federal, reveal this information to the Feds. This underscores the need for new blood in the intelligence community and the abilities of small agile teams that are unhindered by the bureaucratic machine. (Greg Hoglund to Aaron Barr, "Re: story is really taking shape," Friday, February 4, 2011)


One might also add, any public oversight over out-of-control private and public surveillance machines.

Underscoring that point, Secrecy News reported that the Obama regime refuses "to rescind certain classified legal opinions issued by the Justice Department Office of Legal Counsel (OLC) that asserted legal justifications for the Bush Administration's warrantless wiretapping program," claiming that "the review process" is "ongoing," and likely to continue indefinitely.

Barr's "muscle flexing" presentation wasn't meant to be. Even as he boasted that he had "mapped out" Anonymous and was planning on meeting with "Govies next week," in reality it was Anonymous who had brought their own unique cartographic skills to bear in exposing BofA's dirty little WikiLeaks project!

Weeks later, HBGary Federal crashed and burned and Aaron Barr has since resigned. Barr told ThreatPost he needed to "focus on taking care of my family and rebuilding my reputation."

For their part, HBGary's Hoglund and Leavy have been reduced to pleading with Anonymous that their corporate and personal emails remain private. And given the brisk business between HBGary and secret state agencies such as the CIA and the National Security Agency, one can see why they'd want to quietly melt back into the shadows. Good luck with that!

Meanwhile across the icy Potomac, Forbes reported that three Hunton & Williams partners, John Woods, Richard Wyatt Jr. and Robert Quackenboss, will soon be answering charges filed last month with the Washington, D.C. Bar Association that could lead to their disbarment.

According to the complaint filed by attorney Kevin Zeese on behalf of his clients VelvetRevolution.us and StopTheChamber.com, the trio are charged with soliciting illegal acts that include domestic spying, cyber stalking, spear phishing, cyber attacks, and theft in furtherance of the Themis Group's black op.

Proving the old adage that the best defense is a good offense, Anonymous was at it again, taking down two web sites, Americans for Prosperity and Northern Quilt, connected to far-right puppetmasters, billionaires David and Charles Koch.

Last Sunday, Anonymous declared war on the Koch brothers for their support of Wisconsin governor, and Koch sock puppet Scott Walker, for his unconscionable attacks on the wages and workplace rights of public employees and workers everywhere.

In a statement dubbed OpWisconsin, Anonymous wrote: "It has come to our attention that the brothers, David and Charles Koch--the billionaire owners of Koch Industries--have long attempted to usurp American Democracy. Their actions to undermine the legitimate political process in Wisconsin are the final straw. Starting today we fight back."

The group accuses the brothers Koch of stitching-up a plan, in the interest of fighting "deficits" mind you, that would hand them a monopoly over Wisconsin utilities; a "privatization" at fire sale prices.

"Koch Industries, and oligarchs like them," declared Anonymous, "have most recently started to manipulate the political agenda in Wisconsin. Governor Walker's union-busting budget plan contains a clause that went nearly unnoticed. This clause would allow the sale of publicly owned utility plants in Wisconsin to private parties (specifically, Koch Industries) at any price, no matter how low, without a public bidding process. The Koch's have helped to fuel the unrest in Wisconsin and the drive behind the bill to eliminate the collective bargaining power of unions in a bid to gain a monopoly over the state's power supplies."

"Anonymous hears the voice of the downtrodden American people," the cyber-guerrillas proclaimed, "whose rights and liberties are being systematically removed one by one, even when their own government refuses to listen or worse--is complicit in these attacks."

In what could be a preview of a new virtual offensive against vicious capitalists and their political bagmen here in the heimat, Anonymous threw down the gauntlet and declared--as BofA, the Chamber of Commerce and Themis Group thugs learned to their dismay: "We are actively seeking vulnerabilities."

It seems there's quite a few people out there besides Assange who enjoy "crushing bastards"!