Hacking for the Man - Macleans.ca

Hacking for the Man

How cyberattacks have become the new censorship


In Russia, hacking is a government gig.

Kremlin-affiliated hackers launched a crippling cyberattack against Estonia. Hackers routinely flood the comment sections of news sites that criticize the government and spread lies to discredit the journalists who write them.  When opposition parties plan rallies, hackers spread misinformation, confusing supporters with false dates and meeting places. Similar shenanigans take place in China, where PRC-linked hackers tried to infiltrate Google in retaliation for the search engine’s criticism of government censorship.

These Russian and Chinese hackers are little more than digital thugs- bullying, threatening, silencing and discrediting anyone who is deemed an enemy of the State, or of State-affiliated businesses and institutions.  They are never directly on the government payroll and are kept at an arm’s length distance for the sake of plausible deniability. They are compensated by intermediaries of intermediaries through tangled systems of kickbacks and payoffs.

As goonish as the whole practice may seem, through a certain lens it must be appreciated as a clever new kind of censorship.  In Egypt or Iran, governments simply tried to shut off the Internet when faced with dissent. Such ham-fisted acts merely strengthened the resolve of revolutionaries while attracting international rebuke.  Much subtler then to have your agents use a cocktail of digital dirty-tricks to muddy the waters and murder reputations.

You may think such a thing could never happen in the U.S., and you may be right.  But it almost did.

If you haven’t yet heard of the HBGary scandal (and if you like spy novels), you should check out these fantastic reports by Nate Anderson of Ars Technica. This is a complicated story and it’s still unfolding as thousands of hacked emails are scrutinized, but the basics suggest that a private cybersecurity firm called HBGary Federal proposed to the U.S. Chamber of Commerce and to Bank of America a dirty-tricks campaign, in order to thwart their enemies (labour unions, non-profits, and Wikileaks, who are expected to soon release incriminating information about the Bank of America). The proposed tactics include:

  • Cyberattacks
  • Misinformation campaigns
  • Phishing emails
  • Fake social network accounts
  • “Disrupting” journalists who are sympathetic to Wikileaks
  • Intimidating financial donors who support Wikileaks

Ironically, these hacking schemes were exposed by hackers.  HBGary’s website was attacked after its CEO picked a public fight with the Internet entity Anonymous.  Anonymous discovered major insecurities in the security firm’s website, and was able to steal and leak and thousands of HBGary emails, which expose the details recounted above. The U.S. Department of Justice is tangentially involved, as they recommended to the Chamber of Commerce the law firm that in turn hired HBGary.  It’s highly unlikely that the DoJ had any direct knowledge of HBGary’s plans.  It’s also important to note that there is no evidence that the Chamber of Commerce or Bank of America signed-off on HBGary’s proposals.

But then, I doubt that Vladimir Putin signed-off on the cyberattack against Estonia.   The point of pro-government hackers is that they get results for their masters without implicating them.

If HBGary’s foolish CEO hadn’t picked a fight with Anonymous, who knows how far he might have gone?

Filed under:

Hacking for the Man

  1. Meanwhile we worry about old world stuff like fighter planes.

    New world folks…pull up yer sox.

  2. One of the profs at the RMC has a paper on signal jamming, social media is just another channel to add noise to.

    • Oh a paper!

      How useless.

      • And yet it adds more to the discussion than you.

        • A paper adds nothing to the discussion. It means we're years behind the curve yet again.

          • Can't find the link sorry. I was just heartened that our military was aware of it. Implementation is trivial with moores law etc. And I'm pretty sure our dsp guys have good equipment. Besides locally all the isp's track. I'm not sure what we are arguing, Canada's security state is not up to snuff or anti-gov protections are weak.

          • Both

          • Um, "Signal Jamming" on the Internet is as simple as pointing the Low Orbit Ion Cannon at a location and hitting "Send". You don't need any complex equipment to pull it off, although extra people certainly help which is why Anonymous is so successful when they start playing with it. If you're really crafty, you find holes in DNS and Router Software and start routing data into "nowhere" in the same way China blocks out the outside world from their Internet customers or, essentially, how ISP's try and deal with DDoS traffic as they figure out where it's coming from.

            The reality that the easiest way to overwhelm the Internet is to throw more traffic at it than it can handle has been known for years, since the Morris worm first effectively demonstrated how to bring the thing to a grinding halt in 1988 while it was still essentially a military and researcher network.

            If our military were not aware of DoS, and it's derivatives, by now… well, heartened is not a word I'd use for them "discovering" it.

          • Yes, depressing is more the word.

          • Not ddos,
            but getting propaganda through social media.

            By passing filters, basically being a concern troll spam bot.

          • That's not "Signal Jamming", that's Signals Intelligence, Psy-Ops, Counter-Intel or "Message Management"/Propaganda. Which was Aaron Barr, the key player in this mess, prior military specialization.

            Entirely different subject. HB Gary or, more specifically – Aaron Barr, wasn't looking to "jam", or "stop the signal" to coin Serenity, in so much as analyze the people's online "presences" in an effort to identify their physical ones and their co-relations (he'd leverage access to people's Facebook profiles to attempt to line up work by pointing out just how much information about them is lying around online – including fun stuff like "here's pictures of your kids, they look about 5 and 7, no?"), and he was heavily pushing that he could use this "technique" to track down information on everyone; most notably calling out Anonymous which led to this nice cache of emails you now have.

            Now, the email at your link isn't Jamming either; it's also one of the others and a, to be blunt, the ultimate extension of an already existing service industry in which companies/political parties pay private companies to create online presences and post favourable arguments for them. He just wanted to automate the process down so that one person could appear to manage many. That's not jamming, that's Message Control.

          • I'm going to maintain that it is signal jamming, in a strict definition of the term. Lowering the information content of a channel. But you are right, flooding twitter users with strings of characters to overwhelm their processing capacity would be a more traditional approach, but because of social filters, it is necessary that the noise, be somewhat tangential. So propaganda, advertising, PR etc is signal jamming. I agree just defending the definition.

            if you rebut, my next post will be links to shannon etc. pedantic but I will die on this hill.

            The link I posted describes, how he was going to automate the generation of online aliases comments so one operator could manage a bunch, also show a us gov call for tenders on implementing this in iraq, afgan etc.

          • The problem with your definition is intent, and I think you really need to parse your link to get a better feel for what they're proposing there because "lowering the information content" is not the intent.

            The goal of HB Gary's system was not to prevent information from getting through, but to make it look like there were a whole bunch of "individuals" supporting a given position when, in reality, they were all just one guy managing a software program. Thus, the goal was to create an image of false consensus on a subject where the actual prevailing opinion were or, to be fair, could be otherwise. That's traditional Psy-Ops/Spin Control, not signals jamming, because the purpose was not to lower or even prevent the information content of a channel but, far more ominously, control it by overwhelming "real" people with "fake" ones who were "on message".

            In other words, you post that you love cherry pie on your blog one morning and return later in the day to find that the next 500 replies are from "people", unknowingly supported by the Strawberry Lobby, who hate cherry pie and are going to tell you how entirely wrong you are and how Strawberry Pie is better. Your message is still there, everyone can read it, but the appearance is that you're so out of touch with everyone else as to be completely wrongheaded in your choice; which creates a psychological effect of diminishing/discounting your opinion. It's an application of mob-mentality in action.

            So, that's why I can't see what they're proposing as traditional "signal jamming", but more as a counter-intel/propaganda/psy-ops method. Only, and this is where people should get particularly offended, primed for use against the general public.

            Having said all that, I'm freely willing to agree to disagree on our interpretations though.

          • And yet my point stands.

  3. Anarchists, and their kindred spirits (the hacker community being a good example) never cease to amaze me with their naivite. They honestly believe that, absent central authority, they will be allowed to roam free instead of being trampled upon by whatever gang of thugs organize themselves most effectively. The Internet is a wild west only because the same country that contains much of the necessary infrastructure decrees that it is so (the US doesn't have a kill switch, but enough servers and ISPs are in the US that American influence over the shape of the Internet is overwhelming).

    • The US doesn't run the internet.

      And actually it's a perfect place for anarchists.

      • You don't know anything about the internet.

        • LOL I was using it before you were born, sonny.

          • Oh really? How fast was your first modem?

          • LOL faster than you, apparently.

            Now kindly return to the topic.

          • Another epic fail Em.

          • LOL for such a 'master-bater'….sorry, 'master debater' as your profile claims…it seems your 'debate' consists of attacking other posters.

            Oh…and using outdated web slang.

            Maybe I was right the first time. LOL

            In any case, I don't play games with kids, so go find someone else to whine to.

  4. Interesting stuff. I encourage you to stay with this thread, given the revelation today (to me anyway) by CBC that Cdn Treasury Board and Finance Departments were compromised over a month ago. Apparently hackers using servers based in China have been fishing around in restricted data all that time.

  5. One legitimate question I had after reading Anderson's article and again after seeing this – who's to say Anonymous aren't involved in their own campaign of misinformation, phishing, and the like? I know they've got a great reputation among much of the Internet, and most likely Anderson is reporting the true events, but it is really that far out of the realm of possibility that all is not appears here? Even if it is, it most certainly won't be come the next similar case, or the one after that, or the one after that.

    • " who's to say Anonymous aren't involved in their own campaign of misinformation, phishing, and the like?"

      That's not Anonymous' style- they aren't any semblance of an organized group. It's the loosest of loosely connected individuals (constantly changing) who get together for single action/purpose. The idea that they would want to or be able to plan a campaign of misinformation/phishing is somewhat laughable. Plus- there's no evidence they ever have.

      • OR is that just what they want you to believe?

        • Lookout, double reverse!

    • The only party questioning the authenticity of the emails taken by Anonymous are the management of HBGary, Inc., in particular HBGary’s President, Penny Leavy. There are two problems with her statements:

      1) Many of the email messages, particularly those written by Aaron Barr, were signed with a VeriSign Class 1 S/MIME certificate, thus proving beyond a reasonable doubt that the messages are authentic and not tampered with. If you read the messages, with a mailreader that supports S/MIME (and most do) you can verify for yourself that the messages are unchanged — the software will indicate whether the digital-signatures are valid or not. .

      2) The Founder and CEO of Palantir Technologies, as well as the CEO and COO of Berico Technologies apoligized for their part in the proposed schemes as contained in the leaked emails. If those emails were forged, they would not have stuck out their necks like this, would they?

      Truth in Advertising

      • Just as importantly, it's not just the quality of the contents but the volume. By all accounts, there's 80K worth of company emails there that folks have been wading though and finding multiple cases of, shall we say, questionable ethics and office drama. Creating all that in a cohesive manor takes time and even Anonymous isn't that bored.

    • As KevinTMillz indicated, they are not a group of linked individuals, with the exception that they meet on various message boards to exchange 'ideas', information, and pretty much any crap they've found on the Internet. There's a network effect, where a few individuals who like an idea will keep it going, and others will pile on, and pretty soon it becomes a running meme within the entire collective, for a brief period. And then they get bored and move onto something else.

      And it's a bombardment of ideas, not a couple posted here and there. Think thousands of posts per hour that flow through these collectives. It's impossible to harness, or even defeat, for that matter. It's more like Twitter, if Twitter was being used by a million crack-heads.

  6. Anonymous has no leader. Anonymous is everyone.

    • What's up /b/rother?!?

    • Anonymous is Legion.

      • Sage

  7. Th3J35t3r is another example of a guy who's quite likely hacking for the US government. His focus previously was on taking down jihadist websites, but since the WikiLeaks fiasco, he's turned his attention to Anonymous, and has been screwing with them from the inside for months.

    And while there are a few very talented hackers who fly the Anonymous flag, 99% of those who claim to be part of Anonymous are talentless script kiddies who think that executing LOIC on their Mommy's new Windows 7 PC and voluntarily joining a Botnet makes them 31337 h4x0rs.

    Still, not wise to screw with them, and certainly not threaten them.

  8. This article reminded me of the Blogging Tories.

  9. Ok, I admit to a complete lack of technosavy, but not so long ago this site curiously forbade the use of the term Harper.

    Now, kindly Claire the editor patiently explained that it was a rear filter problem, which our own CR had predicted. My understanding is that our PM's well known weakness for that second helping and aversion to exercise had caused his back end expansion to exceed the allowable Maclean's parameters. My understanding is that Claire adjusted the associated electronic belt buckle so that Harper's full attributes could be passed through Maclean's servers.

    Now, what if instead it was nasty Russians that actually shrunk the Maclean's end filter maliciously just to embarr-ass our leader? For the techno-elites out there: IS THIS POSSIBLE?

    If so, can someone ask MacKay if those new F35's will help send those Russians running (electronically) back to their home base?

  10. I can't believe anyone would imagine that Anon was capable of any sort of rational objective. They're like a swarm of bees, where they can inflict massive damage when focused on a specific target, but it's almost impossible to harness that energy. When it is focused, however, it's incredible. The Iranian government learned this during the last attempted revolution, when they–as a group–took down all government websites and basically forced the government to shut down the country's Internet.

    They're not anarchists, they're bored teenagers who are killing off an afternoon before mommy or daddy makes supper. You just have to convince them that a project would result in lulz, and you're halfway there, but the idea that there's some nefarious mind behind their actions is absurd.

  11. Yawn. Ciao, junior.

    • Well, I'm glad to see that at least you're not denying it.

      • You forgot to stamp your foot and stick out your tongue.

        Class dismissed.

        • No, I didn't. And class is still in session, at least until you answer my original question. Which, clearly you can't. Because you're lying. Anybody who was on the InterTubes pre-1995 would easily be able to remember their connection speed.

          • No thanks. Techno is just new-age disco, without the awesome pants.

          • LOL this from Beavis!

            Now off you go and let the grown-ups talk.


          • Beavis and Butthead are metal heads. They despise techno with a passion.

  12. We still don't know where stuxnet came from. People suspect Israel, but it could just as easily have been a Russian or Chinese custom job.

  13. I know it's common for the media to get them mixed up, but I invite you to read Wikipedia and/or the jargon file on differences between hacker and cracker.

    • I appreciate the difference, singpolyma, and I too roll my eyes when, say, a script kiddie is uncritically described as a "hacker". But language is a consensus system defined by what people use and understand, not by specific lexicons of this subculture or that group. The fact is, "hacker" has become an umbrella term commonly understood to describe all kinds of folks who manipulate information and systems. "Cracking for the Man" would have been a confusing headline.

  14. I hope someone over at Macleans is investigating the behaviour of our own Conservative Government in this regard.