The "Face" of hacktivism?: Inside Anonymous hack of Stratfor

A reader of Venture Beat bemoans $300 USD in fraudulent charges placed on his credit card after the number was stolen from Austin, Texas security firm Stratfor Forecasting, Inc.  The hooligans charged $300 to his account, buying hooded sweatshirts.  

 

I. FBI: Stratfor

But he's hardly alone.  In total, the U.S. Federal Bureau of Investigations (FBI) -- itself a recent victim of Anonymous espionage -- estimates that $700,000 USD in charges were placed on the 90,000+ credit cards that were stolen by members of the massive worldwide hacker collective Anonymous.

It is not yet fully determined why Anonymous singled out Stratfor for an attack as part of its "Operation AntiSec", an effort it conducted with its notorious splinter group LulzSec.  

Anonymous
Members of LulzSec and Anonymous stole 90,000+ credit card no. from Stratfor.
[Image Source: Jason Mick/DailyTech]

It is likely that the firm was targeted due to its close relationship with the government.  The firm specialized at predicting actions of nation-state level players like the U.S., as well as militant groups, such as al Qaeda.  The firm -- composed heavily of ex-intelligence and ex-military officials -- sold its analysis reports to news networks, international government agencies, and Fortune 500 firms.

But despite being wizards of intelligence gathering, Stratfor was downright foolish when it came to securing its servers.  Passwords on the servers were reportedly in plaintext, which allowed hackers with LulzSec and Anonymous to easily deeply penetrate the company's digital presence and steal a wealth of information -- including customers' credit cards.  Writes YourAnonNews, a major Twitter account for the collective:

Stratfor 'tweet'
II. Charities Left to Foot the Bill for Anonymous's Mischief

In the wake of the attacks Anonymous vowed that in the spirit of "hacktivism" they would use the cards to donate to charities, such as CAREthe Red Cross, and Save the Children.  Most of the donations were indeed charged to these charities.  States HBGary's CEO Aaron Allen Barr -- whose information was also abused during the series of intrusions, "It was all charities, the Red Cross, CARE, Save the Children. So when the credit card company called my wife she wasn't sure whether I was just donating.  It made me feel terrible. It made my wife feel terrible. We had to close the account."

Cody Sultenfuss an employee with the U.S. Department of Homeland Security also was among those affected.  He states, "They took money I did not have.  I think 'Why me?' I am not rich."

Stratfor protesters
"Occupy Wall Street" protesters celebrate the hack outside Austin security contractor Stratfor's headquarters. [Image Source: John Anderson]

Anonymous is known for being vindictive and unforgiving in its assaults.  In fact its ubiquitous slogan is:

We are Anonymous
We do not forgive
We do not forget
Expect us

 

 
While much of its efforts have focused on harassing executives at government contractors like HBGary and Statfor, at times its members have shown themselves more than willing to attack lowly employees who work at firms the collective considers "dirty". It is this approach that has drawn criticism.

However, in this case it is the charities that will likely suffer.  While the victims credit scores may take a hit, the FBI estimates that most of the $700K USD in fraudulent donations has been cancelled.

Worse yet, according to F-Secure security chief Mikko Hyponnen, the donations will allow credit card companies to charge the nonprofits thousands, if not millions in punitive fees.  Writes Mr. Hyponnen:

These donations will never reach the ones in need.  In fact, these actions will just end up hurting the charities, not helping them.  When credit card owners see unauthorized charges on their cards, they will report them to their bank or credit card company.  Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with penalties. At the very least, they will lose time and money in handling chargebacks.

While the unfortunate turn of events may serve to highlight unsavory credit card practices, it also is symbolic of the at times bumbling nature of the "attack first, think later" brand of justice practiced by some of Anonymous's many worldwide members.

Red Cross
Anonymous's actions may unintentionally end up costing charities like the Red Cross, thousands to millions in fees, depriving the poverty and disaster-stricken of support. [Image Source: AP]

 

Further, there are a growing number of claims that not all of the "donations" were to charity -- some were in fact Anonymous members donating to their own pockets.  Of course to be fair, it's possible that some members of Anonymous became aware of the likelihood that charities would be hit with fees and denials, and instead decided to purchase items like hooded sweatshirts and other untraceable goods to personally distribute to the poor.

Regardless, for charities the net impact is likely going to be quite negative.

III. Wikileaks Leveraged Attack to Post More U.S.-Targeting Espionage

Wikileaks encouraged the attack and has been publishing scores of Stratfor's emails from a 200 GB archive of stolen information.  Wikileaks founder Julian Assange told Reuters, "[Stratfor is] a private intelligence firm, relying on informants from the U.S. government, foreign intelligence agencies with questionable reputations and journalists...[what] is of grave concern is that the targets of this scrutiny are, among others, activist organizations fighting for a just cause."

Wikileaks attacks Stratfor's apparent policy of paying international political insiders for information.  The site says the emails ”show Stratfor’s web of informers, pay-off structure, payment laundering techniques and psychological methods” and “expose the revolving door that operates in private intelligence companies in the United States.”

Wikileaks itself gathers similar information by encouraging people to steal it.  However, unlike Statfor, which analyzes the world, Wikileaks' "leaking" focuses on one nation -- the U.S.  Site insiders defend this singular focus, claiming the U.S. is the chief geopolitical aggressor.  However, when pointed to the host of anti-freedom, anti-democracy behavior in regions such as China, Russia, and the Middle East the site's proponents paradoxically argue that the U.S. is more open and less guarded, hence is "easier to gather leaks from."

The sites' singular focus on the U.S. has led some to believe that it is receiving money and or intelligence information from hostile nation-state players like ChinaNorth Koreaand Iran who would love to see the U.S. name discredited internationally.

Wikileaks founder Julian Assange -- an ex college professor, convicted hacker, and self-proclaimed "transparency" crusader, who now enjoys a lavish lifestyle of international travel and fame -- has refused to publish his donors, explicit donor guidelines, or any concrete information about his site's budget/finances.  And neither he nor Wikileaks ever appears to have pledged to refuse money from nation states that might benefit from one-side "leaks".

Julian Assange
Julian Assange has been rewarded with a lavish lifestyle for his attacks on the U.S.  Some speculate leaks on Stratfor and other players may be financed by China or other hostile nation-states. [Image Source: Boing Boing]

Thus it is unclear whether all is as it seems, or whether Wikileaks is really a front for an anti-American international espionage effort, cleverly exploiting the gullible anti-American nature of many members of Anonymous.

Regardless of where exactly the financial truth and motivations behind Wikileaks and its founder's actions lie, the site's credibility was seriously damaged when the full, unedited video [video] of Collateral Murder was recently posted.  

Wikileaks claimed that the video -- shot from a U.S. army AH-64 Apache helicopter in Baghdad, Iraq -- depicted the U.S. military gunning down a group of civilians, including a pair of Reuters journalists.  While indeed two journalists were killed in the attack, the unedited footage revealed that Wikileaks had edited out clips showing that the majority of the people in the area were armed militants carrying a rocket launcher and other equipment.  It also appeared that Wikileaks had dubbed false dialogue to make it appear as if the soldier manning the chopper cursed at the militants, screaming "prick", when in fact he said "break" indicating to shut down the gun.

Collateral Murder
Wikileaks edited out portions of the chopper cam video thast showed armed militants, in an effort to make the strike look like it intentionally targeted non-combatants.
[Image Source: U.S. Army via YouTube]

Wikileaks proponents have reacted to the revelation in several ways.  Some claim that the guns could easily be mistaken for "long telephoto lenses" and thus the edit was unintentional, a claim that paints an inadvertently fantastic and hilarious notion of a group of dozens of photographers with "long telephoto" lenses trooping around the most dangerous regions of Baghdad on a photo-shooting party.  Others admit that the site sensationalism, but argue that the site should be allow to the same tactics it blasts news sites for as it is "revealing global wrongdoing".

The video -- like the ongoing leaks of Stratfor and other contractors -- has triggered murderous outrage in the Middle East, with groups like the Taliban and al Qaeda stating that there will be bloodshed for the U.S. treachery.  A senior editor for Britain's most prestigious newspaper The Guardian claims Julian Assange was delighted at the idea of loss of lives of U.S. allies exclaiming, "These people were collaborators, informants. They deserve to die."

While journalists with The New York Times (also at the meeting) and other top international journalists at the meeting corroborated the statement, Julian Assange maintains that the acclaimed writers are all liars.  He accuses the same news sites that help to promote and publish his organization (such as The Guardian) of committing to "lies" and a massive "conspiracy" to silence his "truth". His followers unquestioningly parrot the defense that the alleged quote is just "media lies" to discredit a "hero".

IV. Some Anons May Have Protested Stratfor Hack

Returning to Stratfor, likely more will come out in coming weeks as the international trials of members of LulzSec -- who participated in the intrusion -- carry on.  The group's members have now all been arrested and detained, thanks to the work of their former leader "Sabu", who was actually a single father of two living in New York City.

The welfare recipient worked to sabotage the government that was paying for his and his children’s' livelihood, until the FBI swooped in and caught him.  At that point the Lulzsec "don" opted to save his own hide and turn informant.  For the next several months he collected information that led to the arrest of his underlings, including those that participated in the Stratfor attack.

Sabu 1
Hacker "messiah" Hector Monsegur, handle "Sabu" was a top leader in Anonymous and beloved.  While on government welfare, he helped mastermind the attack on gov't contractor Stratfor.
[Image Source: Fox News]

While some of the information on the Stratfor has already been published in various Anonymous or LulzSec attributed posts, the statements of international law enforcement agencies in the trials offer some of the first definitive verification and accounting of the extent of certain intrusions, such as the Stratfor breach.

Anonymous is reeling over Sabu's betrayal and responded with their favorite action -- more attacks.  Sabu was one viewed as a top leader in Anonymous.  Now he's reviled as a "snitch".  

Anonymous is "a group without a leader", in principle, but in practice it has many leaders, operating somewhat like a termite nest.  In a sense Sabu was like a queen -- while it's a blow to Anonymous, other queens will rise to take his place.

There is potential evidence that not all members of the group agreed with Sabu or his attack on Stratfor. A post to Pastebin states:

Stratfor has been purposefully misrepresented by these so-called Anons and portrayed in false light as a company which engages in activity similar to HBGary. Sabu and his crew are nothing more than opportunistic attention whores who are possibly agent provocateurs. As a media source, Stratfor's work is protected by the freedom of press, a principle which Anonymous values greatly.

This hack is most definitely not the work of Anonymous.

How much truth the claim holds is anyone's guess as the post could easily be the work of Stratfor or the U.S. government, even.  However, given that Sabu or his associates likely had posting rights to YourAnonNews, the presence of Twitter posts on the common feed does not necessarily represent that all members of the collective supported the attack.

 

Published by:

CWZ's picture

Name
Reza Rafati

Information
I am the founder of Cyberwarzone.com and I focus on sharing and collecting relevant cyberconflict news., The goal of Cyberwarzone is to provide the world a portal with global cyberwar information. The effort in getting this cyberwarfare information is hard. But as the internet is growing we need to get an global cyberwar & cybercrime monitoring system., By the people and for the people. We will be gathering information about Cybercrime, Cyberwarfare and hacking. LinkedIn: http://www.linkedin.com/pub/reza-rafati-%E2%99%82/1a/98b/197

Country
The Netherlands

My website
Cyberwarzone.com

Twitter:
http://twitter.com/#!/cyberwarzonecom