RT’s Thom Hartmann interview, Lee Fang, reporter and blogger for ThinkProgress, and the person who broke the ChamberLeaks story.
Related Link: Glenn Greenwald Explains HBGary/ChamberLeaks
Congressman Hank Johnson, who represents Georgia’s Fourth Congressional District, refuses to allow the scandal to be swept under the rug. He wants to know exactly what HBGary Federal, Palantir Technologies, and Berico Technologies were up to when they proposed to use counterterrorism and intelligence technologies against U.S. citizens on behalf of powerful private interests.
Related Link: Congress Demands DoD and NSA Contracts with HBGary
Anonymous’ recent exposure of a Federal contractor’s plan to take down WikiLeaks has led to a congressional probe seeking data on contracts the company and its partners hold with the U.S. military and intelligence agencies.
The House Armed Services Subcommittee on Emerging Threats and Capabilities on Wednesday asked the Defense Department and its intelligence arm — the National Security Agency — to hand over copies of any contracts they may have signed with HBGary Federal, Palantir Technologies and Berico Technologies.
Rep. Hank Johnson (D-Georgia) grilled Gen. Keith Alexander, director of the NSA and commander of the U.S. Cyber Command, and Dr. James Miller, Jr., deputy under secretary of defense for policy, on the services the firms provided their agencies.
Miller replied that he would have to check with the Defense Department’s general counsel to “make sure that the provision of that type of information is allowed contractually.”
When Johnson asked whether this meant the contracts might have provisions barring them from being shared with Congress, Miller backtracked and said no, that it would take time to determine all the agencies in the department that have contracts with the companies and decide in what form to provide the information.
Subcommittee Chairman Mac Thornberry (R-Texas) interjected that the information should be provided to the entire committee.
“This scandal cries out for an investigation,” said Johnson in a statement to Threat Level. “I’ll do it by myself if I have to.”
All three companies were recently in the crosshairs after e-mails stolen from HBGary Federal revealed that the company had been working on a proposal for the law firm Hunton & Williams to investigate and discredit WikiLeaks. The proposal included such maneuvers as:
The plan was exposed after members of the online vigilante group Anonymous breached the company’s network and stole more than 60,000 internal e-mails.
HBGary Federal claimed in a news story that it had been working with the FBI to unmask hackers behind recent denial-of-service attacks against PayPal, Visa, MasterCard and Amazon. Members of Anonymous — a loosely structured group of vigilantes — had organized the mass attacks after the companies suspended accounts used by WikiLeaks to receive donations and host documents. In an attempt to uncover HBGary Federal’s investigation of its members, Anonymous hacked the company.
After HBGary’s WikiLeaks plan was exposed, Palantir denied knowledge of details of the proposal. Both it and Berico distanced themselves from HBGary Federal, and HBGary Federal CEO Aaron Barr subsequently resigned.
Last month, Rep. Johnson and more than a dozen other lawmakers sent a letter to four committees urging Republican leaders to investigate the three firms after it was revealed that in addition to the anti-WikiLeaks plan, HBGary Federal may also have been involved in a similar plan to target critics of the U.S. Chamber of Commerce.
Johnson’s office told Threat Level that the Judiciary Committee, one of the committees that received Johnson’s letter has responded that it will not investigate the companies.
A representative for the House Armed Services Committee, another committee that received the letter, said that a decision on investigating the companies will depend on what response the subcommittee gets from the Defense Department about the contracts.
“This is the first official ask from the subcommittee [in this matter], said committee spokesman Josh Holly.
HBGary Federal does classified work for the U.S. federal government among other security work; Palantir is believed to have government contracts, as well.
Gen. Alexander told the congressional subcommittee that he wasn’t sure how many contracts the government had with the companies or the nature of them but noted that Palantir offers tools to visualize traffic on the internet and computer networks.
“My recollection with working with Palantir was, here is an idea that we could use for how to look at networks and how to secure,” he said.
arstechnica.com: Embattled HBGary Federal CEO Aaron Barr quit his job yesterday as the prospect of a Congressional investigation loomed. A dozen Democrats in Congress asked various Republican committee chairs to launch probes of HBGary Federal’s idea for a “reconnaissance cell” targeting pro-union organizers. The three companies called themselves Team Themis, and instead of providing simple “business intelligence,” they had a few other ideas:
Now, some members of Congress want an investigation. “The [Team Themis] techniques may have been developed at US government expense to target terrorists and other security threats,” said a letter signed by the representatives.
“The e-mails indicate that these defense contractors planned to mine social network sites for information on Chamber critics; planned to plant ‘false documents’ and ‘fake insider personas’ that would be used to discredit the groups; and discussed the use of malicious and intrusive software (‘malware’) to steal private information from the groups and disrupt their internal electronic communications.”
Did anything illegal happen? The letter suggests that forgery, wire fraud, and computer fraud might have taken place and that Congress should investigate the ways that private contractors turn their military contracting experience on private targets. Other e-mails contain similar proposals to target supporters of WikiLeaks on behalf of Bank of America, which fears it will be that group’s next target. Bank of America has denied knowledge of the proposals.
Hunton & Williams, the middleman law firm in all this (and the middleman between a major US bank and Team Themis’ similar plan to take down WikiLeaks), has steadfastly refused to comment on the whole story. But it too may find itself in trouble after a professional conduct complaint (PDF) was lodged against it last week in Washington, DC. The complaint was filed by Stop the Chamber and Velvet Revolution, two of the groups targeted for the potential Chamber of Commerce campaign. It accuses the three Hunton & Williams lawyers named in the HBGary Federal e-mails of “an extended pattern of unethical behavior that included likely criminal conduct.”
Specifically, they solicited, conspired with and counseled three of its investigative private security firms to engage in domestic spying, fraud, forgery, extortion, cyber stalking, defamation, harassment, destruction of property, spear phishing, destruction of property, identity theft, computer scraping, cyber attacks, interference with business, civil rights violations, harassment, and theft.
Most of this alleged bad behavior was done, of course, by Team Themis and not by Hunton & Williams. Still, they reviewed (and appear to have had no problems with) the material. As the complaint puts it, “none of the H&W lawyers ever expressed any reservation or doubt about the unethical conduct proposed and committed by their investigators. In fact, they actively solicited and approved everything that was proposed and presented.”
The complaint asks the DC Board of Professional Responsibility to strip all three Hunton & Williams lawyers of their licenses.
Related Link: Congress Demands DoD and NSA Contracts with HBGary
Embattled CEO Aaron Barr says he is stepping down from his post at HBGary Federal to allow the company to move on after an embarassing data breach.
The announcement comes three weeks after Barr became the target of a coordinated attack by members of the online mischief making group Anonymous, which hacked into HBGary Federal’s computer network and published tens of thousands of company e-mail messages on the Internet. HBGary did not respond to telephone and e-mail requests for comments on Barr’s resignation.
In an interview with Threatpost, Barr said that he is stepping down to allow himself and the company he ran to move on in the wake of the high profile hack.
Anonymous conducted a preemptive strike on HBGary after Barr was quoted in a published article saying that he had identified the leadership of the group and planned to disclose their identities at the B-Sides Security Conference in San Francisco. By combining a SQL injection attack on HBGary’s Web site with sophisticated social engineering attacks, the group gained access to the company’s Web- and e-mail servers as well as the Rootkit.com Web site, a site also launched by HBGary founder Greg Hoglund. Ultimately, the group defaced HBGary’s Web site and disgorged the full contents of e-mail accounts belonging to Barr, Hoglund and other company executives.
Though Barr and HBGary were the victims of the hack, the contents of the e-mail messages divulged plans that cast both in an unflattering light. HBGary counted many U.S. government agencies, including the Department of Defense, CIA and NSA as customers. The disclosure of e-mail messages from the company poses a major security risk to those organizations, as well as individuals who had corresponded with the firm. The breach also raises troubling questions about the direction that HBGary and other Beltway firms have taken. Email exchanges published online revealed the firm to be at work on a variety of plans to do data mining and information operations on U.S. organizations and journalists on behalf of clients including law firms representing a large U.S. bank and the U.S. Chamber of Commerce. Most recently, the incident spilled into the mainstream, with comedian Stephen Colbert devoting a segment of his Colbert Report program on February 24th to the HBGary hack.