View Full Version : Operation Metal Gear

Magda Hassan
03-17-2011, 07:35 AM
Public Pad

Revision 2
Saved March 16, 2011

Operation Metal Gear

This operation stems from a string of leaked HBGary emails wherein a company by the name of Booz Allen Hamilton, in direct contact with Aaron Barr, is believed to have bid on and successfully won the contract to develop an unnamed software from the US Air Force. This software will be known as "Metal Gear" for informational purposes.

We believe that Metal Gear involves an army of fake cyber personalities immersed in social networking websites for the purposes of manipulating the mass population via influence, crawling information from major online communities (such as Facebook), and identifying anonymous personalities via correlating stored information from multiple sources to establish connections between separate online accounts, using this information to arrest dissidents and activists who work anonymously.

The primary goal of this operation is to find out exactly what metal gear is and why they are developing it.

What is 'Metal Gear' ?
We codenamed the software that we believe Booz Allen Hamilton and some of their partners are working on.
The nature of the software is partially known, from the documents that we have seen and from what some employees have said it is a software that would allow a single agent to command an 'army' of sockpuppet accounts on social networking mediums. It is sophisticated enough to develop a 'profile' for each puppet to add a level of 'realism' to each. In short, there would be no fesiable way to distinguish between 100 people commenting on a subject, and 100 of these puppets doing the same.

This is nothing new for those of us familiar with how the net works. However, given recent events across the world, the idea behind Metal Gear seems to be 'weaponizing' sockpuppets, in order to influence the face of revolutions that are based within social networking sites.

Audio recording of our announcement (16th of March 2011)
http://ge.tt/5tzZlkq (try various browsers if stream does not work)

IBM Patent


Airforce contract

The Patent:



Li Chen
(Documentation Needed)

Yongcheng Li
(Documentation Needed)

Govndaraj Sampathkumar
IBM Corporation 3901 S. Miami Blvd
Durham, NC 27703-9315, USA

Ryan Urquhart
(Documentation Needed)


(This is the profile for Holman IP Law. It is no longer active.)

(These are profiles of Jeff Holman, formerly of Holman IP law, now with a firm called WH&H. Same person.)

(IBM RSW is believed to be an IBM office near the SW Regional Airport in Florida.)

4037 Del Prado Boulevard South, Cape Coral, FL
(239) 945-1013

Patent application number: 20090313274


Meeting/training class between NSA, USAF, HBGary, Booz Allen & other various sec companies
Note: Why are the exact same companies that are intrested in Metal Gear have a seminar about a malware analyzing software?


The purpose of the meeting/thing was to school them in Responder Pro
Phil Wallisch was the instructor..
Dox of guys in the meeting

Parties involved;

Booz Allen Hamilton

Here's the list of folks who will be attending 'class':

Protip: call these people, ask them about Metal Gear, ask them about the air force, NSA, USAF, Aaron Barr. Get them worried, get them talking.

Keesok Han USAF Keesook.Han@rl.af.mil
http://bit.ly/dPFV23 - some document aboutKeeseok.
http://www.ksea.org/KSEA/Newsletters/FullVersion/Archived/Vol_11_3_1982.pdf <- someone check this out, search for his name
<- whitepages say 3 or less with this name, it may also be Kesook, misspelt on purpose?

Jose Faura NSA NTOC faura2@gmail.com

Zane Lackey iSEC Partners zane@isecpartners.com
http://hbgary.anonleaks.ch/phil_hbgary_com/15070.html <- check this out
http://www.linkedin.com/pub/zane-lackey/4/340/66a ?
Have written book about :
H.323 Attack And IAX Attacks
Txt msg attacks

Scott Brown NSA - Blue Team sbrown@dewnet.ncsc.mil
> Scott K. Brown
> Technical Director
> NSA Blue Team
> (410) 854-6529
> sbrown@dewnet.ncsc.mil

George Peslis DISA george.peslis@disa.mil

Jimmy Lloyd DISA James.Lloyd@disa.mil

Eric Potter DISA Eric.Potter@disa.mil

Phil Geneste BAH geneste_philip@bah.com

Patrick Upatham Verdasys pupatham@verdasys.com
Patrick Upatham
Security Solutions Manager
Verdasys, Inc.
Mobile: +1 339.222.4022

David Black IBM david.black@us.ibm.com
http://www.linkedin.com/in/dcblack?goback=.npp_%2Fjerome*5byrne%2F13%2F3B5%2F 43B
David Black
Engagement Manager
Emergency Response Service
IBM Security Services
Kansas City, Missouri USA
Office: (+001) 816-525-5494

Tim Sherald DISA timothy.sherald@disa.mil
> Tim Sherald
> Computer Scientist
> timothy.sherald@disa.mil
> timothy.sherald@disa.smil.mil
> Comm: 717-267-9370
> DSN: 570-9370
> Cell: 717-414-3450

Christina Smyre NSA clsmyre@nsa.gov
http://www.facebook.com/clsmyre <- real, matches with email
http://n-design.com/EN/other_pubs/Entries/2002/5/9_SANS_Beyond_Firewalls_files/SANSDenver.Sample.pdf <- someone dig in this

John Laliberte NSA
http://www.facebook.com/people/John-Laliberte/13949810 ?

AAPC G-PPE Task Force Members <----
Eric Potter brought us to that link <- check it out

Magda Hassan
09-26-2011, 02:59 AM
Kiwi programmed Twitter bot 'James' influences real Americans

NBR Staff | Thursday April 14, 2011 |


Ever been taken in by a bot who sounded like the real thing?
You're not alone and according to a recent social-engineering experiment, social networks and thus movements can be influenced by these social bots.
The Web Ecology Project, based in Boston invited three teams to programme social bots - fake, interactive identities - who could mimic Twitter conversations. One of the teams, consisting of cyber security specialists from New Zealand, programmed a bot called JamesMTitus (http://twitter.com/#!/jamesmtitus). The Project then picked 500 real users with a core of cat lovers to be infiltrated.
JamesMTitus was programmed with a series of generic responses and was set to systematically test the network for what tweets received the most responses and to then engage with the most responsive users.
After a week the teams were allowed to fine-tune their bot's programming and launch secondary bots to take down their competitors, with JamesMTitus being targeted by a British secondary bot. When one user confronted it, the JamesMTitus gave vague responses, such as 'Right on bro', evading detection and garnering 109 followers in two weeks.
In the experiment, all three teams' bots inflitrated the centre of network, according to network graphs.
The experiment highlights results found by the Web Ecology Project during the 2009 Iran post-election protests, that one person controlling a social identity or group of identities can shape social network architecture, and thus social movements themselves. The Project found that only a handful of people actually accounted for most of the Twitter activity during the protests. Many will be familiar with company employees posing as customers touting products on web boards, but according to The Atlantic, social bots are a new scale, reaching thousands of people at practically no cost. The worry is the personal data people freely give out on social networks, which bots can harvest for future commercial or hacking use.
A week after the experiment finished, The Atlantic reported (http://www.theatlantic.com/magazine/archive/2011/05/are-you-following-a-bot/8448/), Anonymous hacked the email accounts of cyber-security firm HBGary Federal. The hack revealed that the United States Air Force was soliciting for bids in June last year for something called "Persona Management Software", or a programme that would create multiple fake identities for the government to trawl social-networking sites for personal data. The data would be used to gain credibility and circulate propaganda.
The Web Ecology Project has a spin-off group, Pacific Social, which is planning future experiments in social networking such as the creation of connection bots, which could bring together groups of like minded people.

Magda Hassan
09-30-2011, 10:20 AM
US military creates fake online personasThe US military awarded a contract for software to create 500 fake personas on social networks in order to secretly influence online debate in its favour, it has been reported.By Christopher Williams, Technology Correspondent

4:54PM GMT 17 Mar 2011

The $2.76m contract was won by Ntrepid, a Californian firm, and called for an "online persona management service" that would enable 50 military spies to manage 10 fake identities each.

The personas should be "replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly consistent", a US Central Command (Centcom) tender document (http://webcache.googleusercontent.com/search?q=cache:x77_OqXU-bwJ:https://www.fbo.gov/%3Fs%3Dopportunity%26mode%3Dform%26id%3Dfb52e53817 7e19516382984146bfc004%26tab%3Dcore%26_cview%3D0+R TB220610&cd=4&hl=en&ct=clnk&gl=uk&client=safari&source=www.google.co.uk)said.

It added: "Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries.

"Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms."

The project would be based at MacDill Air Force base in Florida, The Guardian reported. The contract was first revealed by The Raw Story (http://www.rawstory.com/rs/2011/02/22/exclusive-militarys-persona-software-cost-millions-used-for-classified-social-media-activities/), a US news website.

It also called for internet traffic from the project to be "mixed" with traffic from outside Centcom to provide "excellent cover and powerful deniability".
A Centcom spokesman however said the fake social media personas would not "address US audiences".
"The technology supports classified blogging activities on foreign-language websites to enable Centcom to counter violent extremist and enemy propaganda outside the US," said Commander Bill Speaks.
If used against US citizens such "sock-puppetry" techniques, as they are known online, would bring legal fire on the military.
The MoD meanwhile said it could find no evidence that British forces was involved in Operation Earnest Voice, a $200m anti-jihadism psychological operation, of which Centcom's "online persona management service" contract was thought to be part.