White House targets WikiLeaks and LulzSec in cyber-espionage report
February 21, 2013 17:37
In Washington, DC on Wednesday, Attorney General Eric Holder unveiled a new White House report that is meant to address further the growing threats malicious hackers are posing on America’s computer networks and the information stored therein.
The presentation, made just days after a security firm released an in-depth analysis of a covert cyberbattle waged at the US by Chinese hackers, is only the latest in a series of actions from the White House being rolled out to target computer criminals scouring the Web for privileged information to pilfer and exploit. As with an onslaught of other recent administrative actions, though, the latest release out of Washington also serves as yet another example of the White House’s escalating war on information sharing: In addition to singling out the dangerous actors abroad that are attempting to uncover state secrets and private intelligence, the report put out on Wednesday also points the finger at the whistleblowing website WikiLeaks and the group LulzSec — a now-defunctoffshoot of the hacktivist movement Anonymous who wreaked havoc on the Web for a span of several months in 2011.
US President Barack Obama has made numerous statements in recent months in which he addresses emerging cyberthreats from foreign competitors, specifically China, but the report released by the White House on Wednesday doesn’t stop with states abroad. Within the 141 pages of the publication, ‘Administration Strategy on Mitigating the Theft of US Trade Secrets,’ the Obama administration includes portions of a 2011 report that discusses the dangers posed by alleged hacktivists groups, including WikiLeaks and LulzSec.
That sub-report, a product of the Office of the National Counterintelligence Executive, was put together 16 months ago to warn Congress of the growing threats facing American companies holding onto crucial trade secrets and sensitive technologies that could be harvested from bad actors on the Internet. But in addition to the Chinese hackers who have managed to make international headlines this week on the heels of a highly-cited report, the publication warns that domestic parties could be acting as proxies for foreign intelligence.
“Cyberspace provides relatively small-scale actors an opportunity to become players in economic espionage,” the report claims in part. “Under-resourced governments or corporations could build relationships with hackers to develop customized malware or remote-access exploits to steal sensitive US economic or technology information, just as certain FIS have already done.”
“Similarly, political or social activists may use the tools of economic espionage against US companies, agencies, or other entities, with disgruntled insiders leaking information about corporate trade secrets or critical US technology to ‘hacktivist’ groups like WikiLeaks,” it continues.
Further down, the authors of the whitepaper attempt to broadly explain the hacktivism phenomena, citing WikiLeaks and the Anonymous-offshoot as examples of hacktivist groups orchestrated to harm the United States.
In the section ‘Possible Game Changers,’ the report reads:
“Political or social activists also may use the tools of economic espionage against US companies, agencies or other entities. The self-styled whistleblowing group WikiLeaks has already published computer files provided by corporate insiders indicating allegedly illegal or unethical behavior at a Swiss bank, a Netherlands-based commodities company, and an international pharmaceutical trade association. LulzSec — another hacktivist group — has exfiltrated data from several businesses that it posted for public viewing on its website.”
Exposing “allegedly illegal or unethical behavior” seems unworthy of administrative action on the surface, but when WikiLeaks or other groups are unearthing damaging facts about the United States, the White House is ready to respond. While unveiling the report this week, Mr. Holder said attacks targeting United States entities are posing a "steadily increasing threat to America's economy and national security interests.”
The attorney general’s comments mirror a remark made by Pres. Obama earlier this month during his annual State of the Union address when he said, “We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.” Holder’s quip, however, comes at a crucial moment as it comes the same week that two accused LulzSec members have hearing in federal court week for matters related to WikiLeaks.
On Thursday morning, District Judge Loretta Preska told 27-year-old Jeremy Hammond and a courtroom full of supporters that she will not be stepping down at this time from the federal case against the young political activist, who’s accused by the government of hacking private intelligence firm Stratfor during a highly-publicized security breach in late 2011. Prosecutors say Hammond, an alleged member of LulzSec, hacked into Stratfor and obtained a trove of personal information, including personal correspondence between executives and thousands of credit card credentials belonging to subscribers of a paid service offered by the company. In recent weeks, though, it’s been discovered that Judge Preska’s husband, attorney Thomas J. Kavaler, was victimized in that very hack. Mr. Kavaler’s personal information, including his credit card numbers, were leaked in the hack attributed to Hammond. Despite this knowledge, though, Judge Preska said Thursday that she is reserving judgment in recusing herself from the case.
“The conflict of interest here is clear cut,” National Lawyers Guild Executive Director Heidi Boghosian said in a statement earlier this week. “Judge Preska is required to avoid the appearance of bias so that, even if she owned one share of Stratfor stock, she would be obligated to recuse herself. How can she be impartial when the case directly affects the man she wakes up to every morning?”
Supporters of Hammond say any conviction might be grounds for an appeal if Judge Preska stays on board, but given the current state of affairs — especially Thursday’s decision — a happy ending for the alleged hacktivist seems improbable. Moments before Thursday’s hearing began, attorney Michael Ratner of the Center for Constitutional Rights told a crowd outside of the courthouse that Mr. Holder’s report from one day earlier suggests the Obama administration will go to great lengths to return a guilty verdict against Mr. Hammond and any other hacktivists.
“Just yesterday, our wonderful attorney general announced a new policy, a tougher policy, one in which he said we are going to make truth tellers — getting them — a priority,” he said.
According to Ratner, the latest maneuver out of Washington exemplifies the Obama administration’s ongoing witch-hunt for political activists who have engaged in activity critical of the US government.
“They already killed Aaron Swartz; Jeremy Hammond is facing 39 years-to-life; Bradley Manning, life imprisonment; and Julian Assange, if they ever get him out of that embassy and into a prison here, will face the same,” said Mr. Ratner, who works as an American attorney for the whistleblower site.
Last month, 26-year-old Demand Progress founder and Reddit co-creator Aaron Swartz was found dead in his New York City apartment from an apparent suicide. He was weeks away from standing trial in a controversial court case regarding his alleged theft of free academic papers published on the website JSTOR. After his death, Aaron Swartz’ father blamed the government in part for his loss.
“Aaron did not commit suicide but was killed by the government,” Robert Swartz said during his son’s funeral earlier this month outside of Chicago, Illinois. “Someone who made the world a better place was pushed to his death by the government.”
Interestingly, all parties mentioned by Mr. Ratner share one common bond in particular: they’ve all been linked in some regards to the WikiLeaks website. After his passing, WikiLeaks founder Julian Assange said with little explanation that Swartz had a relationship with his organization. As for Hammond, the Stratfor data he is believed to have compromised was later published by WikiLeaks, a group which has been in the sights of American prosecutors since even before the 2010 release of materials attributed to Army Private first class Bradley Manning — a 25-year-old soldier who has been detained for roughly 1,000 days now without trial. Assange, an Australian citizen residing in England, has been inside of London’s Ecuadorian Embassy for over six months awaiting safe passage to South America.
“What do they want to do? Put them up against the wall and just shoot the guys?” Mr. Ratner asked outside of the courthouse.
On Friday, Mr. Ratner might very well get his answer. Hector Xavier Monsegur, a hacker who famously operated on the Web as LulzSec ringleader “Sabu,” will be sentenced in federal court for crimes that preceded the Stratfor hack. But although Sabu’s rap sheet is long and his crimes arguably heinous, he is expected to be let off easy: according to court documents, he pleaded guilty back in August 2011 but has had his sentencing delayed because of his ongoing cooperation with federal investigators. In fact, FBI agents provided him with the very computer used by Hammond to upload the hacked Stratfor files just two months later.
“A travesty of justice,” Mr. Ratner said of the ordeal on Thursday, accusing the government of entrapping other LulzSec members by using Sabu as a confidential informant. That on its own is being considered enough reason by soon to shut-down the case against Hammond.
Since the start of 2013, Washington’s elite have relentlessly rolled out new attempts at prosecuting and persecuting alleged cybercriminals. On the day of his State of the Union address, Pres. Obama signed an executive order that will lay out the framework for a system of information-sharing about the government and private businesses. One day later, Rep. Mike Rogers (R-Mich.) and Sen. Dutch Ruppersberger (D-Calif.) reintroduced the Cyber Intelligence Sharing and Protection Act, or CISPA — an attempt at formally creating those government-to-business links through federal legislation. Both lawmakers attempted to have CISPA be approved by Congress last year, but the bill failed to advance to the Senate before the end of the session.
In light of recent events, though, CISPA may have a new fate. This week’s report on emerging cyberthreats from China has garnered so much attention that the White House and Justice Department responded with their new strategies to protect trade secrets and intellectual property on the Web. Meanwhile, lawmakers on both sides of the aisle and the president himself are advocating new cybersecurity laws almost to the same extent of the fear-mongering being spewed at the same time.
“This is clearly not a theoretical threat – the recent spike in advanced cyberattacks against the banks and newspapers makes that crystal clear: American businesses are under siege,” Rep. Rogers said when he unveiled his proposal. Rep. Ruppersberger added that all it will take is one national cyber-emergency and Congress “will get all the bills passed we want.”
Until then, though, it will be the courts that come down on hacktivists — not Congress. Meanwhile, those making enemies with the White House say they won't stop. In a letter published by his attorney on Wednesday, Jeremy Hammond writes, "We the people demand free and equal access to information and technology. We demand transparency and accountability from governments and big corporations, and privacy for the masses from invasive surveillance networks.
"The government will never be forgiven. Aaron Swartz will never be forgotten."
No comments:
Post a Comment