15-02-2011, 08:56 AM
HBGary: Don't let this story die, it's big.
by furiousxxgeorge
permalink 257 Comments
Please don't let the HBGary story die. The importance of what Anonymous has discovered is not being paid an appropriate amount of media attention. Even here, I know everyone is super excited about world changing events in Egypt, but that situation is in celebration mode for now and we have our own crisis to deal with. Let me try and get you up to date if you have not been following this issue too closely.
Earlier this week the group known as Anonymous brutally hacked a security firm called HBGary in retaliation for an attempt to infiltrate the group and sell information about them to the FBI. It was a nice funny story of arrogance and comeuppance, but at the same time it was a criminal action.
However, the information Anonymous uncovered in the E-Mails they stole in their break-in make it clear their action wasn't a crime against an innocent. HBGary was planning criminal actions that make a simple hacking job look like nothing. This was more like a mob war than anything else.
Anonymous discovered that HBGary was conspiring with a law/lobbying firm known as Hunton and Williams to launch a highly sophisticated campaign to subvert and sabotage the enemies of their clients. In some cases these plans involved illegal actions. The targets were journalists, labor unions, and political opponents.
One client was Bank of America, who hired Hunton and Williams to launch a campaign against Wikileaks. At some point the list of targets was expanded to various other supporters of Wikileaks such as journalist Glenn Greenwald. The other client so far revealed was the Chamber of Commerce, which wished to target labor unions and a shockingly long list of their supporters.
The main tool of attack would be the use of the Palantir technology to analyze the network of support for the targets.
How did Hunton and Williams convince the Chamber that HBGary were the people for the job? The e-mails reveal that a H&W attorney named Robert Quackenboss claimed the Chamber was convinced by the "Iranian Shipping Demo"
Here is the Iranian demo. The demo is about tracking Iranian arms smuggling, this is the type of technology they were going to bring to their campaign against their opponents. They mean business in a deadly serious way.
Quackenboss is an expert on union matters:
In addition to the Palantir program, which is already of questionable legality for this application, H&W was conspiring with HBGary to perform several clearly illegal actions in their campaign. These actions included cyberstalking and cyber-attacks against their targets.
There has been no pressure to ask them to explain their relationship with the firm, or the degree of their knowledge about what was being planned. All the Chamber has done is issue a non-denial denial that claims they didn't pay HBGary, but in no way denies they were paying Hunton and Williams to negotiate on their behalf on this matter. The e-mails make it clear Hunton and Williams was aware of what was being planned.
Robert Quackenboss knew, other partners in the firm such as John Woods are mentioned as being involved in discussions as well.
Woods:
There may be plausible deniability for the Chamber and the Bank because they used their law firm as a buffer, but there is absolutely none for Hunton and Williams. The evidence in the leaked e-mails makes it clear they were complicit in the conspiracy. Contact the media and demand they hold Hunton and Williams accountable. So far, they have not even issued a statement on these matters.
Contact Palantir technology, who claim to be a progressive company, and ask them if they will use their expertise to investigate right wing targets for us. Maybe using Palantir magic to look at the connection between Republicans and racist militia groups would be a nice start.Updated by furiousxxgeorge at Sun Feb 13, 2011, 06:17:55 PM
I want to emphasize something. The deal with the Chamber was deep in to negotiations before the Bank of America and Wikileaks thing began. It was Hunton and WIlliams who put the entire Bank of America chain of events in motion, not not HBGary.
Social networking and cyber security, a CIA presentation given to HBGary in 2009.
Well, I'm certainly glad the CIA was around to give them the skills they would later use to go after organized labor.
Here is the searchable database of e-mails.
Absolute must-read e-mail. Even HBGary knew what they were doing to workers and free speech activists was wrong. Anything for a buck in modern America, I guess.
http://www.dailykos.com/story/2011/02/13...,-its-big-
by furiousxxgeorge
Please don't let the HBGary story die. The importance of what Anonymous has discovered is not being paid an appropriate amount of media attention. Even here, I know everyone is super excited about world changing events in Egypt, but that situation is in celebration mode for now and we have our own crisis to deal with. Let me try and get you up to date if you have not been following this issue too closely.
Earlier this week the group known as Anonymous brutally hacked a security firm called HBGary in retaliation for an attempt to infiltrate the group and sell information about them to the FBI. It was a nice funny story of arrogance and comeuppance, but at the same time it was a criminal action.
However, the information Anonymous uncovered in the E-Mails they stole in their break-in make it clear their action wasn't a crime against an innocent. HBGary was planning criminal actions that make a simple hacking job look like nothing. This was more like a mob war than anything else.
Anonymous discovered that HBGary was conspiring with a law/lobbying firm known as Hunton and Williams to launch a highly sophisticated campaign to subvert and sabotage the enemies of their clients. In some cases these plans involved illegal actions. The targets were journalists, labor unions, and political opponents.
One client was Bank of America, who hired Hunton and Williams to launch a campaign against Wikileaks. At some point the list of targets was expanded to various other supporters of Wikileaks such as journalist Glenn Greenwald. The other client so far revealed was the Chamber of Commerce, which wished to target labor unions and a shockingly long list of their supporters.
The main tool of attack would be the use of the Palantir technology to analyze the network of support for the targets.
"Palantir offers a Java-based platform for analyzing, integrating, and visualizing data of all kinds, including structured, unstructured, relational, temporal, and geospatial."
This is what the chamber hoped to accomplish, from Mother Jones:"Early emails sent between the security firms by Pat Ryan of Berico Technologies describe a conversatoin with the Chamber's law firm about the proposed project: "The problem that they've identified is this: A client of theirs is targeted by some other entity, specifically a labor union, that is trying to extract some kind of concession or favorable outcome. They suspect that this entity is running a public campaign against their client by coordinating the actions of hundreds of seemingly separate entities to create a negative public impression of the client. The ultimate goal would be to extract the concession under duress essentially extortion in their view.
They haven't told us the name or nature of the client, so I can only guess at what this means, but you can imagine for instance an environmental campaign targeted at an oil company as a notional example.
They seek to understand the true nature of the campaign and its command and control structure in order to expose the fact that the client is dealing with a single entity rather than a true "grassroots"campaign.
They further suspect that most of the actions and coordination take place through online means forums, blogs, message boards, social networking, and other parts of the "deep web." But they want to marry those online, "cyber" sources with traditional open source data, tax records, fundraising records, donation records, letters of incorporation, etc. I believe they want to trace all the way from board structure down to the individuals carrying out actions."
This is a plan for a full scale frontal attack on all their union enemies and anyone who supports them. It would analyze their online activities, their personal finances...literally everything even down to independent bloggers.They haven't told us the name or nature of the client, so I can only guess at what this means, but you can imagine for instance an environmental campaign targeted at an oil company as a notional example.
They seek to understand the true nature of the campaign and its command and control structure in order to expose the fact that the client is dealing with a single entity rather than a true "grassroots"campaign.
They further suspect that most of the actions and coordination take place through online means forums, blogs, message boards, social networking, and other parts of the "deep web." But they want to marry those online, "cyber" sources with traditional open source data, tax records, fundraising records, donation records, letters of incorporation, etc. I believe they want to trace all the way from board structure down to the individuals carrying out actions."
How did Hunton and Williams convince the Chamber that HBGary were the people for the job? The e-mails reveal that a H&W attorney named Robert Quackenboss claimed the Chamber was convinced by the "Iranian Shipping Demo"
- Despite earlier conversations with John Woods (and/or Richard), H&W is unable/unwilling to pay any fees/costs to us for the "Phase I" demo build-out. Bob Q was under the impression we were willing to do this work at risk and then present jointly with H&W to the Chamber. I was very clear in telling him we had a different understanding based on multiple conversations with others at H&W. At the end of the day, though, they are at a point now where they won't commit any funds to this project until we've helped them earn buy-in from their Client (the Chamber). - Based on this, I said I would talk with you all and get buy-in for the following course of action:
1. Meet with Bob and team early next week (Mon/Tues) to get additional metadata and select focused topic(s) for the demo to the Chamber
2. Work as joint team to build 5-10 min demo (along the lines of the Iranian shipping demo which is what Bob Q said sold the Chamber in the first place great work Sam!)
3. Brief demo to the Chamber on 14 Feb (or potentially a few days later…based on confirming schedule for meeting with Chamber)
4. Once approved, begin enduring work at agreed upon rates (approx. $250-300k per month for the entire team both services and license fees)
Note the date, this was all going to the Chamber this Monday if not for Anonymous. Do we really believe they had no idea what the content of that briefing would be?1. Meet with Bob and team early next week (Mon/Tues) to get additional metadata and select focused topic(s) for the demo to the Chamber
2. Work as joint team to build 5-10 min demo (along the lines of the Iranian shipping demo which is what Bob Q said sold the Chamber in the first place great work Sam!)
3. Brief demo to the Chamber on 14 Feb (or potentially a few days later…based on confirming schedule for meeting with Chamber)
4. Once approved, begin enduring work at agreed upon rates (approx. $250-300k per month for the entire team both services and license fees)
Here is the Iranian demo. The demo is about tracking Iranian arms smuggling, this is the type of technology they were going to bring to their campaign against their opponents. They mean business in a deadly serious way.
Quackenboss is an expert on union matters:
"Mr. Quackenboss is a trial lawyer whose practice focuses on complex labor and business disputes. He represents clients in federal and state courts nationwide, before the National Labor Relations Board, and in the tactical and public communications response to union-coordinated attack campaigns. He counsels employers on practical global labor relations strategies, collective bargaining and management of union elections. Mr. Quackenboss also co-chairs the firm's Unfair Competition and Information Protection Task Force, which coordinates the firm's resources on trade secret theft, restrictive covenant and non-competition matters."
The analysis abilities of HBGary and their use of Palantir software was, in the case of their actions against Anonymous, described by one of their own programmers as completely statically invalid."He's on a bad path. He's talking about his analytics and that he can prove things statistically but he hasn't proven anything mathematically nor has he had any of his data vetted for accuracy, yet he keeps briefing people and giving interviews. It's irresponsible to make claims/accusations based off of a guess from his best gut feeling when he has even told me that he believes his gut, but more often than not it's been proven wrong. I feel his arrogance is catching up to him again and that has never ended well...for any of us."
This seems to be supported by the fact that even after Anonymous publicly released the data that had been gathered about them, the group still seems to be in perfect working order, releasing new leaked e-mails every day. In other words, whatever connections HBGary found to make about their labor and Wikileaks targets would likely be nothing more than a tenuous web of guilt by association that would serve only to slime the innocent. The ultimate high tech Glenn Beck chalk board.In addition to the Palantir program, which is already of questionable legality for this application, H&W was conspiring with HBGary to perform several clearly illegal actions in their campaign. These actions included cyberstalking and cyber-attacks against their targets.
The leaked report suggested numerous ways to destroy WikiLeaks, some of them likely illegal -- including planting fake documents with the group and then attacking them when published; "creat[ing] concern over the security" of the site; "cyber attacks against the infrastructure to get data on document submitters"; and a "media campaign to push the radical and reckless nature of wikileaks activities."
So far, there is no evidence that the Department of Justice will start any sort of investigation into this matter. (Much like they utterly failed to investigate cyber attacks against Wikileaks in the past) In this case the reluctance may be because the Department of Justice itself is the one who recommended Hunton and Williams for the task of taking on Wikileaks. Hunton and Williams are the very definition of the corrupt culture the mixture of corporate and government power creates.There are supposed to be institutions which limit what can be done in pursuit of those private-sector goals. They're called "government" and "law." But those institutions are so annexed by the most powerful private-sector elites, and so corrupted by the public officials who run them, that nobody -- least of all those elites -- has any expectation that they will limit anything. To the contrary, the full force of government and law will be unleashed against anyone who undermines Bank of America and Wall Street executives and telecoms and government and the like (such as WikiLeaks and supporters), and will be further exploited to advance the interests of those entities, but will never be used to constrain what they do. These firms vying for Bank of America's anti-WikiLeaks business know all of this full well, which is why they concluded that proposing such pernicious and possibly illegal attacks would be deemed not just acceptable but commendable.
The firms which worked alongside HBGary, Palintir and Berico, have already severed their relationship with HBGary. However, there has been zero pressure put on Bank of America or the Chamber of Commerce to distance themselves from the other conspirator in this matter, Hunton and Williams.There has been no pressure to ask them to explain their relationship with the firm, or the degree of their knowledge about what was being planned. All the Chamber has done is issue a non-denial denial that claims they didn't pay HBGary, but in no way denies they were paying Hunton and Williams to negotiate on their behalf on this matter. The e-mails make it clear Hunton and Williams was aware of what was being planned.
Robert Quackenboss knew, other partners in the firm such as John Woods are mentioned as being involved in discussions as well.
Woods:
Mr. Woods' practice focuses on conducting internal investigations, advising on information security legal issues and representing corporations in government investigations and business crimes. He has a particular focus in advising corporations in the legal response to network security intrusions and data breaches. He regularly counsels clients on the related topics of electronic discovery and electronic surveillance.
What did this partner know?The e-mails include what appears to be an exchange on Nov. 9, 2010, between Aaron Barr, HBGary Federal's chief executive, and John W. Woods, a Hunton & Williams partner who focuses on corporate investigations. Mr. Barr recounted biographical tidbits about the family of a one-time employee of a union-backed group that had challenged the chamber's opposition to Obama administration initiatives like health care legislation. "They go to a Jewish church in DC," Mr. Barr apparently wrote. "They have 2 kids, son and daughter."
A week later, Mr. Barr submitted a detailed plan to Hunton & Williams for an extensive investigation into U.S. Chamber Watch and other critics of the chamber, including the possible creation of "in-depth target dossiers" and the identification of vulnerabilities in their computer networks that might be exploited.
Obama's Justice Department will, in my opinion, absolutely not get involved in this unless the coverage gets much wider and much more loud. This is a Red Alert crisis for the labor movement. The Chamber declared total war on them using the same tools used to track terrorists and arms suppliers. Kossacks, don't let this story die. Contact Bank of America and demand an explanation. Contact the Chamber of Commerce and demand and explanation. Contact the media and demand they start asking questions.A week later, Mr. Barr submitted a detailed plan to Hunton & Williams for an extensive investigation into U.S. Chamber Watch and other critics of the chamber, including the possible creation of "in-depth target dossiers" and the identification of vulnerabilities in their computer networks that might be exploited.
There may be plausible deniability for the Chamber and the Bank because they used their law firm as a buffer, but there is absolutely none for Hunton and Williams. The evidence in the leaked e-mails makes it clear they were complicit in the conspiracy. Contact the media and demand they hold Hunton and Williams accountable. So far, they have not even issued a statement on these matters.
Contact Palantir technology, who claim to be a progressive company, and ask them if they will use their expertise to investigate right wing targets for us. Maybe using Palantir magic to look at the connection between Republicans and racist militia groups would be a nice start.Updated by furiousxxgeorge at Sun Feb 13, 2011, 06:17:55 PM
I want to emphasize something. The deal with the Chamber was deep in to negotiations before the Bank of America and Wikileaks thing began. It was Hunton and WIlliams who put the entire Bank of America chain of events in motion, not not HBGary.
On Dec 2, 2010, at 3:55 PM, "Woods, John" wrote:
Richard and I am meeting with senior executives at a large US Bank tomorrow
regarding Wikileaks. We want to sell this team as part of what we are
talking about. I need a favor. I need five to six slides on Wikileaks -
who they are, how they operate and how this group may help this bank.
Please advise if you can help get me something ASAP. My call is at noon.
These guys have to go down. Richard and I am meeting with senior executives at a large US Bank tomorrow
regarding Wikileaks. We want to sell this team as part of what we are
talking about. I need a favor. I need five to six slides on Wikileaks -
who they are, how they operate and how this group may help this bank.
Please advise if you can help get me something ASAP. My call is at noon.
Social networking and cyber security, a CIA presentation given to HBGary in 2009.
Well, I'm certainly glad the CIA was around to give them the skills they would later use to go after organized labor.
Here is the searchable database of e-mails.
Absolute must-read e-mail. Even HBGary knew what they were doing to workers and free speech activists was wrong. Anything for a buck in modern America, I guess.
http://www.dailykos.com/story/2011/02/13...,-its-big-
"The philosophers have only interpreted the world, in various ways. The point, however, is to change it." Karl Marx
"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.
“I think it would be a good idea” Ghandi, when asked about Western Civilisation.
"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.
“I think it would be a good idea” Ghandi, when asked about Western Civilisation.