Hacker, Hoaxer, Whistleblower, Spy

by Gabriella Coleman


  The whole while Sabu remained unflappably brazen and ferocious. In reply to an ex-supporter who blamed AntiSec for being irresponsible, he bit back: “FUCK the intelligence community. the security industry. and everyone in between. We support the people.”6 He painted Stratfor as the criminals: “@STRATFOR has potentially broken the law by storing customer data, unencrypted, on an [sic] publicly accessible insecure server. Question them.”7 The internal accusations and suspicions of Sabu were mitigated by moments like these. But accusations persisted. A few Pastebin announcements surfaced on the subject. One was entitled “Press Release: Stratfor Hack NOT Anonymous” and chided Sabu: “Sabu and his crew are nothing more than opportunistic attention whores who are possibly agent provocateurs.”8

  Just a few weeks prior to LulzXmas, Sabu had finally agreed to meet with Brian Knappenberger to be filmed for his documentary—but only if certain conditions were met. Sabu was to be concealed and his voice distorted, and Knappenberger was to leave no digital trace of his travels or whereabouts. He would have to get to New York City by paying for his airline ticket and hotel in cash—making sure to choose a hotel or place to sleep where ID was not required. I was away for the holidays and returned to New York City (and a relentless downpour) on December 26 expressly to assist Knappenberger and help him connect with Sabu, but Sabu never showed. However, given the major hacks that had just occurred, Sabu’s absence seemed more like an indication that he was being careful rather than chickening out.

  The next day, and despite the no-show, I decided to make one last effort to see Sabu. I wanted to give him a small gift before I left NYC, the book Outliers by Malcolm Gladwell. I went downstairs and called Sabu, asking whether he would come by the next day to pick it up before my partner and I left for Canada. After the wet and miserable failures of the day before, I had serious doubts that he would show up. But Sabu did not disappoint. As my partner and I sat in our car, just minutes before our planned departure time, a huge black pickup truck loaded with guys rolled up, and Sabu hopped out. I went out to meet him. He was in a rush and we were too, so our exchange lasted less than ten minutes. I gave him the book and wished him well. He walked over to our car and my partner rolled down the window. I introduced them (avoiding, as per protocol, any reference to “Sabu” or any other name; he never offered his real one). They shook hands as our scruffy dog looked on. It was the last time I would see Sabu in person.

  Back to the Classics

  Anonymous activity would soar to new heights over the next three months. AntiSec was still sitting on the full Stratfor email spool, providing nibbles here and there in taunting press releases. Meanwhile, Barrett Brown continued to beg for the emails, and relations between him and the crew became tense. Hammond explained that some AntiSec members at the time “did not like BB [Brown] for many of the same personality-ego-tripping reasons that are already well known.” A few were especially upset that he had tweeted about the release before it was made public.

  They decided to give the cache to WikiLeaks. Hammond simply went to the WikiLeaks IRC server (largely behind Sabu’s back) and the deal was done. “When talking to WikiLeaks,” Hammond recounted to me, “they first asked to authenticate the leak by pasting them some samples, which I did, [but] they didn’t ask who I was or even really how I got access to it, but I told them voluntarily that I was working with AntiSec and had hacked Stratfor.” Soon after, he arranged the handoff. When Sabu found out, he insisted on dealing with Assange personally. After all, he told Hammond, he was already in contact with Assange’s trusted assistant “Q.” (Later, Wired.com’s Kevin Poulsen broke a story about Q, an Icelandic teenager, Sigurdur “Siggi” Thordarson, who voluntarily became an FBI informant in August 2011, handing thousands of WikiLeaks chats and documents over to law enforcement in the process. He did it, reportedly, for “the adventure.”)9 Sabu entered into “conversations with WL about getting some cash for the leaks,” according to Hammond, but by that time WikiLeaks already had the documents and were well on their way to processing them for release. In just two months the public would see the emails for themselves.

  As the hubbub over the credit card donations simmered down around mid-January, the populist face of Anonymous reemerged in reaction to the Stop Online Piracy Act (SOPA). The far-reaching US copyright bill was unpopular, and not only among civil libertarians. The digerati and Silicon Valley elite also came out against it. SOPA called for, among other things, Google and other search engines to prevent flagged sites like the Pirate Bay from showing up in search results. A massive and elaborate outpouring of dissent ensured the bill’s unraveling well before it could pass into law. The linchpin was a “Blackout Day” held on January 18, 2012—a web-based protest of unprecedented scale. A handful of large Internet companies, several public interest groups, and thousands of individuals programmed their websites to display only black, with links urging visitors to write their representatives to express opposition to SOPA. Around seventy-five thousand webpages went dark, including dozens of prominent corporate and nonprofit websites such as Wikipedia, Flickr, Wired, 4chan, and Google.10 Journalists also wrote a torrent of articles. Less than a week later, SOPA and its Senate counterpart, PIPA, were effectively scrapped—by being tabled indefinitely. In the end, CBS News described the number of participants as “staggering”: 4.5 million people signed a petition circulated by Google; 350,000 citizens wrote to their representatives via SopaStrike.com and AmericanCensorship.org; over 2.4 million SOPA-related tweets were written on January 18 alone; and an online White House petition garnered 103,785 names.11 In response to the petition, the government officially announced the bill’s demise: “Moving forward, we will continue to work with Congress on a bipartisan basis on legislation that provides new tools needed in the global fight against piracy and counterfeiting, while vigorously defending an open Internet based on the values of free expression, privacy, security and innovation.”12

  Corporate giants like Google, respected Internet personalities like Wikipedia cofounder Jimmy Wales, and civil liberties organizations like the EFF were all integral to the victory. But the grassroots geek and hacker contingent was also present—including, of course, Anonymous. They churned out videos and propaganda posters, and provided constant updates on several prominent Twitter accounts. When the blackout ended, corporate players quickly receded from the limelight. Anonymous and others, however, continued the seemingly endless fight.

  Just the next day, in fact, on January 19, 2012, federal authorities orchestrated the takedown of popular file-sharing site Megaupload. The company’s gregarious and controversial founder, Kim Dotcom, was arrested in a dramatic early morning raid in New Zealand. The removal of this popular website was received ominously by Anonymous activists. Although SOPA had nothing to do with Dotcom’s arrest, it was a reminder of the enormous regulatory power that copyright industries could wield over web content, with or without formal legal backing: even though no court had yet found Dotcom guilty of piracy, his property was confiscated and his website knocked off the Internet. (While Dotcom’s case is still ongoing at the time of writing, the prime minister of New Zealand, John Key, has issued a formal apology for illegal surveillance leading up to the dramatic raid on Dotcom’s house, which involved two helicopters and seventy-six officers.13)

  As soon as the news broke, Anonymous retaliated with its largest DDoS campaign to date, downing the homepages of Universal Music, the FBI, the US Copyright Office, the Recording Industry Association of America, and the Motion Picture Association of America, among others—entities, all, which sought to stamp out illegal file sharing. Anonymous and AnonOps changed up their tactics, opting for a different tool than LOIC. This new tool, called PyLoris, was both more cleverly designed and also more powerful; most importantly, it protected the privacy of its user. It worked by making an incomplete connection to the target server and then holding it open for a very long time. Normally, a server has only so many available “slots” for accepting connections. But if the connection is only partially set up, the slot will wait, refusing subsequent connections in the interim. With enough people making and maintaining these incomplete connections, the server’s available slots become filled and service is effectively denied.

  It all unfolded like the best old-school ops, with the software available to download from a link in the IRC channel topic and the targets announced to the channel for the several thousand people who opted into the attack. Links also pointed to guides on how to better anonymize one’s connections using Tor and VPNs.

  Just a few weeks later, in Europe, as massive online and offline demonstrations unfolded against the Anti-Counterfeiting Trade Agreement (ACTA), another international copyright agreement, Anonymous again appeared. Following the Polish government’s agreement to ratify ACTA, Anonymous took down a slew of their websites and began to heavily publicize the street protests sweeping Krakow. Soon after, Poland’s left-leaning Palikot’s Movement party donned Guy Fawkes masks during a parliamentary hearing on ACTA—the first, and so far the only, time elected officials adopted the revolutionary symbol. Amid this and many other outcries, the European parliament rejected the proposed law in July 2012.

  Afterwards, one of the old-guard Anons, who had been a member of #command as far back as the fall of 2010, reached out to me with the following assessment:

  : at the moment it seems as if there is a whole new group of people

  : not connected to #antisec [and] working as hard as ever

  : which makes me happy and proud of people

  : yea

  : here and a few other places

  : it is good

  : and when i saw those polish politicians

  : with masks on

  : yea unreal

  : I realised that us bunch of motley fools have actually entered the worlds conscious[ness]

  : and in some small way are changing things

  : :D

  As an insider, it’s natural that he would seek to puff up Anonymous. But that wasn’t all that was going on—his assessment of the group’s increasing power seemed accurate. Not long after this exchange, I received a call from a venture capitalist who had helped organize some of the protests against SOPA. He wanted to learn more about how Anonymous operated behind the scenes. The group seemed to pop up unpredictably, he remarked, before musing on the possibility of an outsider contacting and harnessing it toward other fights for Internet freedom. It felt a bit gross—one of Anonymous’s core principles is that it will not be anybody’s “personal army”—but, if nothing else, his interest demonstrated the accuracy of h’s intuition: Anonymous had become an important, recognized, and potent component of the global political mix.

  “Admit nothing, deny everything and make counter-accusations”

  On February 27, WikiLeaks distributed the Stratfor emails, labeling them “The Global Intelligence Files.” Opinions over their political significance varied. A small cohort of journalists, security specialists, and even some of Stratfor’s own customers reacted with a mere “meh.” Scant evidence of outrageous or illegal behavior was contained in the emails, they asserted. This blasé reaction was colored by the less-than-stellar reputation already enjoyed by Stratfor at the time of the release. Many viewed the company, frankly, as rip-off artists: “Stratfor Is a Joke and So Is Wikileaks for Taking It Seriously” was the insulting headline proffered by Max Fisher in The Atlantic.14 For an exorbitant fee (up to $40,000 per annum in 2001), Stratfor subscribers received a newsletter, which Fisher said contained little more than rehashed news. Of course, the firm’s reputation only plunged further when it was revealed it never bothered to encrypt its subscribers’ credit card information.

  Other journalists and members of the public found the emails to be politically potent, however, providing solid nuggets of proof that Stratfor profited from morally dubious practices, such as corporate propaganda dressed as public relations and the monitoring of activists. The Stratfor emails are indeed revealing—and occasionally prescient. Take, for instance, the following excerpt from a lengthier email typed, remarkably, on an iPhone on December 10, 2010:

  The chaners/anon/b are educated and at the leading edge of network based technology, have a nebulous structure of loyal people spread through the world with no nationalistic foundations bit [sic] drawn together under a shared interest in chaos (hentai and cats, for fuck sake). There are numerous examples where they have uncovered identities and all personal details of people based on a single photo (of a woman putting a cat in a garbage bin for example) and bought [sic] some serious vigilanty style justice to those they disagree with …

  It’s going to be very interesting to watch what anon does in the ‘post-wilileaks’ environment. If they move from a bunch of tech geeks in mum’s basement into a real movement they could cause serious trouble and be hard to kill. The coresy [sic] not be the problem but the few unhinged among them could prove to be quite destructive if so inclined.15

  Journalist Steve Horn sifted through thousands of Stratfor emails and wrote a two-part series examining the tactics deployed by the firm and its predecessors, Mongoven, Biscoe and Duchin (MBD) and Pagan. The founder of MBD, Ronald Duchin—a military man with extensive work experience in public relations—devised the “Duchin formula”: “isolate the radicals, ‘cultivate’ the idealists and ‘educate’ them into becoming realists. Then co-opt the realists in agreeing with industry.” Horn notes that this strategy “is still employed to this day by Stratfor.”16

  The majority of company emails show that “the most important service Stratfor provides is its sociological analysis in service to corporate power and capital, not the dirty on-the-ground work,” according to Horn.17 A smattering of emails also point to more direct involvement in the monitoring of activists. A 1984 explosion at a Union Carbide India Ltd. plant in Bhopal, India—one of the worst industrial disasters of the twentieth century—left thousands dead and over 500,000 exposed to deadly chemicals. Dow Chemical, who purchased Union Carbide, hired Stratfor to keep tabs on various activist groups, such as the Yes Men and Bhopal Medical Appeal, which were publicizing the issue or assisting victims. The documents revealed that Coca-Cola hired Stratfor to watch the environmental group PETA, particularly its operations in Canada in the lead-up to the Vancouver Olympics. And Stratfor sent an employee, self-described in an email as “U/C” (undercover), to infiltrate the local Occupy group in Austin, Texas, with the goal of gathering organizational intelligence—tracking the occupiers’ movements and identifying possible ties with environmental activists:

  There is a group you may be familiar with called Deep Green Resistance … Whether anyone in the Fed or elsewhere classifies this group as eco-terror or not, I don’t know, but they are nothing but and should be watched … The local Austin chapter was part of the Occupy Austin crowd at city hall, however, things were not “radical” enough for them since they do not believe in working within the system. When I was working U/C on Nov. 5th, some of my contacts told me that at the General Assembly on Nov. 4th, there was some conflict between regular Occupy people and Deep Green.18

  These examples harken back to the issues raised in Chapter 7 regarding the HBGary and HBGary Federal e-mails which, among other suggestions both creepy and invasive, contained a proposal to discredit WikiLeaks. Information about corporate espionage, even with these emails, is still scant. Still, between emerging examples of abuse and the difficulty in accessing corporate records, we should, at a minimum, be troubled by cozy ties revealed between private industry and government. If indeed—as one email purports—Stratfor’s vice president of intelligence, Fred Burton, lives by the code “Admit nothing, deny everything and make counter-accusations,” then we can see the importance of the leaks and whistleblowing activities of Anonymous and its ilk.

  Stratfor issued this statement about the authenticity of the leaked emails:

  Some of the emails may be forged or altered to include inaccuracies; some may be authentic. We will not validate either. Nor will we explain the thinking that went into them. Having had our property stolen, we will not be victimized twice by submitting to questioning about them.19

  Stratfor did, however, comment on two emails that were subsequently widely accepted as frauds: a letter of resignation from Stratfor’s founder, CIO, and CEO, George Friedman, which AntiSec wrote, and a fraudulent email purportedly sent to all Stratfor customers offering a free subscription to the company’s newsletter as a peace offering and apology for the breach.

  “I needed the truth out there”

  Around this time, Sabu became more cocky and defiant in public than ever. In early February, in response to a critic asking about the status of Syrian emails that AntiSec was rumored to have, Sabu barked: “You’ll eat your words once we decide to leak what we have. We don’t give a fuck about governments. We give a fuck about people.”20 I had not talked to him on the phone since moving to Canada. This wasn’t only due to the logistics of moving; calling from an outdoor payphone in the middle of a Montreal winter put one at risk of frostbite. But early in the morning on March 6, Sabu kept harassing me on Twitter. He didn’t care how I contacted him, as long as I did it, and as soon as possible. I picked up my home phone and called him.

 
