2011 is the Year of the Leak, and Cablegate only got us started. The latest major release has its genesis in the WikiLeaks saga, but actually revealed something (in my mind) just as interesting: the murky world of private hacking for pay, populated (among other things) by security firms helping right-wing business groups to secretly attack and discredit their political foes. According to one document available from Think Progress, for instance, private hacking firms were contracted as part of what one must assume is now a cancelled plot to undermine one Chamber of Commerce critic, called US Chamber Watch.
I think we would be remiss to assume that the Canadian counterparts of business organizations like this are inherently more morally upright and decent than their American counterparts. But, to business:
This story actually begins with WikiLeaks. Actually, it begins with HBGary Federal, a hacking outfit led by Aaron Barr that does work for the American government. When the Anonymous group (a decentralized assortment of hackers and online libertarians) defended WikiLeaks and attacked the credit card companies for squeezing off WikiLeaks’s donations, HBGary went after Anonymous, apparently managing to identify a number of the people at the “top” of the organization. (Police raids soon followed.) In return, Anonymous went after HBGary, bringing down his website and pilfering his email server, the contents of which are now available via Torrent. By all accounts, Barr is a stunningly inept individual when it comes to information security; had he kept a lower profile (and had a better-defended website, something you might expect from a computer security company) he might have come out of this squeaky clean.
But he didn’t, and because of the leaked emails, some of his business contacts didn’t either. On February 9, WikiLeaks roused itself from its cable-induced stupor to post a plan by HBGary and two other computer security firms, Palantir and Berico Technologies, to attack WikiLeaks on behalf of Bank of America. It is widely rumored that WikiLeaks is sitting on a large cache of incriminating documents from BoA, which will form its next major document release after Cablegate. The document is a briefing by Palantir, which proposed to:
- Feed the fuel between the feuding groups [at WikiLeaks]. Disinformation. Create messages around actions to sabotage or discredit the opposing organization. Submit fake documents and then call out the error…
- Cyber attacks against the infrastructure to get data on document authorities. This would kill the project. Since the servers are now in Sweden and France putting a team together to get access is more straightforward…
- Search for leaks. Use social media to profile and identify risky behavior of employees.
According to coverage at Firedoglake, last November HBGary, Palantir, and Berico Technologies also put together a plan to work for the U.S. Chamber of Commerce, with the Hunton & Williams law firm acting as an intermediary, presumably for plausible deniability. Barr put together some initial background information on connections between Chamber Watch and the labour movement as part of a proposal for a longer-term intelligence contract, pulling in $250,000-$300,000 per month from the Chamber of Commerce, presumably with the intention of monitoring connections between union officials and Chamber of Commerce critics. Together, these companies referred to themselves as THEMIS.
The initial THEMIS plan, dated November 15, divided work into a preliminary Phase I (cost: $200,000) and a full-scale Phase II (cost: $2 million). The first phase was just getting things moving and performing some preliminary estimates, like preparing “target folders” against the “Top 10” critics of the Chamber of Commerce. Phase II is where things get interesting. Some “additional capabilities” THEMIS offered to provide at this stage included “persona development” and social media campaign management. Two weeks later, THEMIS unveiled a full-scale “Information Operations” plan:
- Create a false document, perhaps highlighting periodical financial information, and monitor to see if US Chamber Watch acquires it. Afterward, present explicit evidence proving that such transactions never occurred. Also, create a fake insider persona and generate communications with CtW (Change to Win). Afterward, release the actual documents at a specified time and explain the activity as a CtW contrived operation. Both instances will prove that US Chamber Watch cannot be trusted with information and/or tell the truth…
- If needed, create two fake insider personas, using one as leverage to discredit the other while confirming the legitimacy of the second. Such work is complicated, but a well-thought out approach will give way to a variety of strategies that can sufficiently aid the formation of vetting questions US Chamber Watch will likely ask.
Other ideas were much more mundane, like “creating a humor piece about the leaders of CtW,” but the above is disturbing to say the least. We don’t know (yet?) whether the Phase II plan was ever approved or whether the Chamber of Commerce wisely stepped back. Further details from Think Progress suggest Barr began assembling the “target folders,” including pictures and personal information of the family members of staffers at the labour groups and anti-Chamber of Commerce groups; this might just be Phase I work. The answer may be hidden in several gigabytes of the leaked emails on Torrent.