Corporate espionage, shady political motives, secret documents, closed-door meetings, confidential hacking plots – there’s a scandal brewing in the cybersecurity world that has all the makings of a best-selling John Grisham novel.
Three computer-security consulting firms proposed to hack left-wing nonprofit organizations on behalf of a well-connected law firm, a firm whose clients include Bank of America and the U.S. Chamber of Commerce, according to e-mails released by the shadowy “hacktivist” group Anonymous.
The still-unraveling tale began somewhat accidentally 10 days ago when Aaron Barr, chief executive of the Washington, D.C.-area cybersecurity firm HBGary Federal, told the Financial Times that he had uncovered the identities of the members of Anonymous, an online hacking collective that had launched cyberattacks against organizations opposed to WikiLeaks. Barr said he would announce his findings at a security conference this month.
But before that could happen, Anonymous retaliated, bringing down Barr’s company’s website, hacking into his Twitter account and posting his home address along with his cell phone and Social Security numbers.
Anonymous also stole more than 70,000 e-mails from HBGary Federal and its parent company, California-based HBGary. The group first posted a link to the e-mails on Barr’s Twitter page, and this past weekend created a searchable archive at http://internetfeds.mil.nf/hbgary/.
The plot thickens
Up to this point, Anonymous was simply demonstrating its online strength and defiant nature. But when people began reading the stolen e-mails, the line between right and wrong — between victor and victim — began to fade.
Barr’s e-mail cache contained the details of a strategic plan to attack WikiLeaks using disinformation, pressuring influential journalists to sway public opinion against WikiLeaks and even launching cyberattacks to cripple the whistleblower site.
Barr’s company, HBGary Federal, was not the only group behind the plan; HBGary Federal was working in conjunction with two more security firms, Berico Technologies and Palantir Technologies, both of which have Washington, D.C.-area offices and extensive government and Department of Defense connections.
All three groups were brought together by New York-based law firm Hunton & Williams, which represents Bank of America (rumored to be a future WikiLeaks target).
Who are the real criminals?
It turns out HBGary, Berico and Palantir had their sights set higher than WikiLeaks.
Barr’s leaked e-mails revealed that Hunton & Williams, the law firm that brought the three security companies together – and also works for the U.S. Chamber of Commerce – contracted them to target political organizations critical of the chamber, according to the New York Times.
Beyond defamation and public relations smear campaigns, the three security firms were also planning to launch cyberattacks to weaken the groups, which included U.S. Chamber Watch and ThinkProgress.
The goal of hacking into the groups’ servers was to “discredit, confused, shame, combat, infiltrate, fracture” the adversarial groups, according to the three firms’ proposal.
Dissension in the ranks
Since HBGary Federal’s e-mails went public, the two other security firms have attempted to distance themselves from the scandal.
Berico Technologies has cut all ties with HBGary Federal, citing the company’s “reprehensible” actions in targeting the firms opposed to the Chamber of Commerce.
Palantir Technologies also severed professional ties with HBGary Federal on Feb. 11, Forbes reported.
“Palantir Technologies does not build software that is designed to allow private sector entities to obtain nonpublic information, engaged in so-called ‘cyber attacks’ or take other offensive measures. I have made clear in no uncertain terms that Palantir Technologies will not be involved in such activities,” wrote Palantir chief executive Alex Karp.
Bank of America and the U.S. Chamber of Commerce have denied any knowledge of the security firms' proposals.
It will be interesting to see how this new development – in which legitimate firms charged with investigating so-called “hackers” planned to launch malicious cyberattacks of their own – plays out in the future.
And what is the government’s role in policing cyberespionage?
Salon.com columnist Glenn Greenwald — named as a WikiLeaks sympathizer and potential target of disinformation in the three security firms’ proposal to Hunton & Williams — thinks the Department of Justice will probably look the other way.
“Cyberattacks are ‘crimes’ only when undertaken by those whom the government dislikes, but are perfectly permissible when the government itself or those with a sympathetic agenda unleash them,” Greenwald wrote.