Different Ops, Creative Honeypots

nixops
13 min read · Jan 15, 2021

Covert operations exist abroad and at home. Many share a common goal but would require a sizeable amount of work to accomplish through standard methods, so governments and organizations will sometimes use resources that are thrown into their laps to get the task done. I'm going to talk about some operations of this kind that have played out in the real world, using documented examples involving the United States government, hackers, journalists, and activists.

You definitely should always do your own research about subjects.

Disclaimer

Some of the individuals covered in this article may offend you, and you may dislike them; that is your choice. This information is drawn from documented events. Like it or not, these events happened, and reality is always much grittier than the stories you are told. With that said, let's look into some of the operations and clever honeypots the United States government has been involved with over the last decade.

It was perceived to be all fun and games, but as is always the case, the reality ran much deeper than the appearance. LulzSec became an op, not by the group's choice but through one member.

LulzSec and AntiSec

I will begin by saying that LulzSec and AntiSec were offshoots of Anonymous, and there is a common thread between the two: a hacker who became an FBI informant, Sabu. Sabu was never officially associated with Anonymous, or so it is claimed, but he tweeted about them several times and was in the IRC channels. His involvement with LulzSec and AntiSec is very interesting because, during both, Sabu was an informant under constant surveillance by and interaction with the feds. By some accounts, 0-day exploits were provided to Sabu for use in the campaign. That may seem odd, but let's look at some of the targets and the fallout of these two operations.

Sabu on his way to court to testify as an informant. At the time of the operations, no one was privy to this information.

LulzSec was responsible for a number of sites being taken down. Most were vulnerable to SQL injection, which in the 2010–2015 range was very common to find in websites and services, and LulzSec also ran DDoS attacks using the LOIC. As technology changes, security is often the last thing most organizations care about, but some organizations, such as the CIA, take it very seriously. This is where LulzSec becomes interesting: Sabu was arrested on June 7th, 2011 and became an FBI informant that same day. On June 15th, 2011 the CIA.gov site was attacked. The FBI knew about and was actively monitoring the takedown of the CIA site through its informant. The campaign started in May of 2011 and ended on June 26th, so for the final weeks of LulzSec's run, from June 7th until the group disbanded, Sabu was an informant while the group was attacking other federal agencies. There is more to this in the next operation, AntiSec.
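To make the SQL injection point concrete, here is an added example (not code from the original article or from any of the sites LulzSec hit): a login check built with string formatting, beside the parameterized version, run against a constructed in-memory SQLite table. The classic tautology payload `' OR '1'='1` authenticates against the first and fails against the second. The table schema, the user `alice`, and the function names are all assumptions made for the demonstration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one user in an in-memory table (not real site data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """The 2011-era pattern: user input is spliced into the SQL text itself.

    With password = "' OR '1'='1" the WHERE clause becomes
        username = 'alice' AND password = '' OR '1'='1'
    and the trailing OR makes the predicate true for every row.
    """
    query = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Parameterized query: the statement shape is fixed at parse time and the
    values are bound afterwards, so quotes in the input never reach the SQL grammar."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(query, (username, password)).fetchone()
    return row[0] if row else None


def demo() -> dict:
    """Run the same tautology payload against both implementations."""
    conn = make_db()
    payload = "' OR '1'='1"
    return {
        # Injection succeeds: 'alice' is returned without knowing the password.
        "vuln_bypass": login_vulnerable(conn, "alice", payload),
        # Same payload against the parameterized query is just a wrong password.
        "safe_bypass": login_safe(conn, "alice", payload),
        # The parameterized query still works for a legitimate login.
        "safe_legit": login_safe(conn, "alice", "correct horse"),
    }


if __name__ == "__main__":
    print(demo())
```

The fix is not about escaping quotes by hand; it is about never letting user-controlled text be parsed as part of the statement. Every database driver worth using offers placeholders like the `?` above.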

LulzSec looked like all fun and games to anyone reading about them, with their playful memes, the messages accompanying the hacks, and their mannerisms. AntiSec would take a much different approach with a different goal. During this time Sabu and other high-influence Anonymous accounts were publicly encouraging a dissident movement, Occupy Wall Street; more on that later, as some of AntiSec's targets shine a light on the op. As with any operation involving hackers there was a plethora of targets: DHS, the FBI, politicians, and political parties. Sabu remained an FBI informant under constant surveillance, with agents in some cases working directly beside him at his computer. This cooperation would benefit him later when prosecutors began filing charges; however, this level of FBI involvement is uncanny and dangerous.

AntiSec targeted a number of companies and organizations, one being Stratfor, which bills itself as an “intelligence think tank” and is based in Austin, TX. A trove of millions of emails was obtained from its servers by AntiSec, specifically Jeremy Hammond. Hammond (aka Anarchaos, SUP_G, O) would later be charged and convicted for the December 2011 hack against Stratfor, whose data was dumped on Christmas Eve. He was sentenced to 10 years in federal prison and is currently serving the remainder of his sentence in a halfway house in the Chicago area. Hammond also used the credit card information of a former FBI agent to send Christmas Eve and Christmas Day donations to various organizations in 2011, which made the hack international news. Charges were brought against Hammond in March of 2012. Note that Sabu was working directly with Hammond during all of the AntiSec attacks, raising further questions about FBI involvement in the operation, including reports that 0-day exploits were still being provided to Sabu.

One of many Free Jeremy Hammond pictures that have circulated.

The emails dumped in the Stratfor hack were circulated to journalists and reviewed for publication on WikiLeaks as the Global Intelligence Files. Many of them contained communication between Stratfor employees and several high-ranking members of the United States government: discussions between Stratfor and Bank of America about spying on participants in Occupy Wall Street, discussions with the DEA about killing a Mexican drug lord, a sealed indictment against Julian Assange, insider trading discussions, and many more alleged crimes. However, no charges were ever brought against anyone involved in the crimes outlined in the emails. The dump also contained authentication data and credit card information.

By mid-2011 Barrett Brown was running a project called ProjectPM, whose aim was to shine a light on the global intelligence industrial complex. The Snowden leaks had not yet occurred, but there had long been speculation about what was possible. Barrett was an outspoken journalist with ties to Anonymous. He and other journalists were scouring for data on the intelligence industry, and later in 2011 he was provided information directly by Sabu: the Stratfor emails. Brown reposted a link to the unredacted dump in a ProjectPM chat channel. Because of that link he was charged in 2012 and faced 100+ years. Those linking charges were later dropped, and Barrett was convicted on other charges, including accessory after the fact, obstruction of justice, and threatening a federal agent, all related to the Stratfor hack. He was sentenced to 63 months in federal prison and ordered to pay Stratfor roughly $900,000 in restitution.

Barrett Brown.

Occupy Wall Street

Occupy Wall Street began in September 2011. Anonymous and other groups strongly encouraged the movement and provided advice on how to avoid being identified. In 2011, facial recognition software was not as pervasive as it is now, but many feared it at the time. Anonymous accounts tweeted updates and videos of the situation, just as they had numerous times before. By this time Sabu's Twitter following had grown considerably, as he publicly posted anti-government tweets and support for Occupy Wall Street.

Occupy Wall Street was seen as an opportunity for the 99% to express their frustration with banks, the stock exchange, and government. It was also used by governments, banks, and intelligence agencies to target individuals. This became very clear from just some of the Stratfor emails dumped in December of 2011: the identities of participants were shared within the intelligence and financial industries. That information, along with intelligence gathered by the Department of Homeland Security, led to subsequent arrests. Civil disobedience was being weaponized against the very people being disobedient. This operation, along with AntiSec, was very successful in producing arrests of journalists, activists, and hackers. Tax dollars at work.

The outcome of Occupy Wall Street was lackluster and produced no real changes for Americans. Some Americans lost their freedom through arrests and were permanently added to intelligence watch lists for later use. The key takeaway: be mindful of a movement. If it has no clear goal for what changes are to be made, it could very possibly be an extensive operation to discover dissidents. It is possible, and Occupy and AntiSec are clear cases of such events, even at the cost of destroying people's lives in the process.

DHS report from October 5th, 2011

Stuxnet

We have looked extensively at how the FBI used its influence over an individual and an organization to break its own citizens. Let's now look at how a government operation can be combined with other ops to completely stop a perceived threat. Enter Stuxnet, a computer worm. Its sole reason to exist was to sabotage the industrial controllers driving uranium-enrichment centrifuges at a particular facility in Iran. It infected a great many machines in which it did no damage and caused no issues while searching for those controllers. This clever worm is a demonstration of the vulgar display of power governments can mount when backed by expansive military budgets.

Stuxnet was identified in 2010, and versions of it are thought to have been in development since 2005. It is widely reported to have been a joint effort of the United States and Israeli governments. Its scope was to attack centrifuges at an Iranian nuclear facility. These machines were “air-gapped”, meaning they were not connected to the public internet and were isolated on their own network, so the worm had to spread, through infected hosts and removable media, until it reached its target. Once there it fed the operators spoofed readings showing normal operation to prevent detection while it drove the centrifuges to destruction, in order to set back Iran's nuclear capabilities. It did this successfully.

Stuxnet's success implies not only that the intelligence the governments had gathered was accurate, but also demonstrates what they were capable of doing with it. At the time, the operation was seen by cybersecurity experts as an unknown threat. Top researchers were trying to reverse engineer the code and determine what it was trying to do besides infecting more and more machines. To outsiders looking in, it was a throwback to the 90s, when viruses and worms ran rampant on the internet and were a common occurrence. The story behind Stuxnet is in itself worth spending time to really research in your free time, and I recommend it.

Picture that circulated after Iran confirmed its nuclear program had been hit by a cyber attack.

Playpen

We have now seen our own government make use of individuals, software, and other governments to accomplish operations. Let's now take a quick look at Operation Pacifier. The FBI seized and took over the Playpen site, a child pornography site. Had the feds simply shut it down, this would have been seen as an overall win by everyone. Instead, as part of the operation the FBI continued to run the site for about two weeks. Many ads on the deep web were found to be steering users to the site during this time. That uptick in advertising had to originate from somewhere, and many speculate it was part of Operation Pacifier. The takeover and continued operation of the site also led to international concerns over the FBI's jurisdiction and the legality of its actions.

I support the takedown of child abuse and human trafficking sites. They represent the ultimate depravity of human nature. Anonymous has also led a number of attacks on child abuse sites on the dark web as well as groups on Facebook, Instagram, and other social media services. Child abuse is not isolated to the dark web; it is also very much present on a lot of platforms deemed safe. Even YouTube has had numerous problems with private videos. If you encounter any child abuse on the internet, use this link to report it.

Honeypot Companies

We have now seen a number of methods that have actively been deployed by the government in order to carry out its operations. Last on the list for this article is the use of companies, or the creation of honeypot companies. Governments around the world play this game, as technology is global and not region-isolated unless you are in North Korea. As technology has exploded, so have the dragnet capabilities of the applications and services people have grown to rely on for entertainment, news, and other aspects of their lives. This reliance also introduces a number of data collectors whose data can be used against individuals, in many cases without warrants.

Metadata collection and companies providing free services are, in most cases, the de facto standard of the modern era. Nothing is truly free, though: servers cost money, developers cost money, and everyone has bills to pay. That cost is paid with the consumer's data. On the surface this could be seen as used only for advertising, but it is now also fed to machine learning to infer individuals' involvement in certain behaviors. Data collection has made large-scale in-person ops less necessary, though even recently the January 6th Capitol riot could be seen as an elaborate operation at the cost of Parler, Facebook, and others. Each company's service was used, and each company held data points about the organization of the event that ended up being disclosed. This should set off alarms, but most are just shrugging it off.

Big tech companies should not be replaced by migrating to a smaller company that is also collecting data. That just changes whose hands the data is in. This is bad not only for operational security but also for innovation. It is a behavioral experiment, and it demonstrates that even when given tools to control their own data, people will still rely on a third party and complain when information is compromised. This mentality plays right into complex operations. Our society shunned privacy until recently, and it shows. Elon Musk recently tweeted to use Signal; they now have 40 million new users and are having technical issues handling the new traffic volume. Those technical issues are themselves an indicator of a centralized service that could be weaponized. I have posted an article before on the dangers of phone-registration applications and how they can be abused, and Signal is no different.

Over the years there have been a few companies invested in, started by, or run by operatives of nations around the world, including the United States. These operations have ranged from something as subtle as the introduction of encryption tools to extensive cybersecurity research organizations. You should research any and all software you use and find out who is behind the company. Look into what data they collect, how they are making money if the service is free, and understand the risks involved. There is a deep topic here of companies that have historically been honeypots. As we have seen, the feds are not afraid to throw their own under the bus, so to speak, to get the data and arrests they want. I would not put it past any social media company, website, or service you use.

Data points of phones from the Parler data dump of the Capitol event. Parler is not the only company collecting this data.

Closing

It is important to understand that operations by nation states, and in these cases the United States government, have often been grossly underestimated in their scope. The level of involvement in some of these operations should be labeled criminal, yet it is often just swept under the rug. There are many others, but the few operations covered here involve technology, journalists, and hackers, all of which are very dear to my heart, and I chose them specifically to shine a light on the current situation in the United States. Today there is no “hacker group” visibly running rampant; instead, we have companies playing some of those parts.

To clarify: currently some journalists, as well as the FBI, are warning people to be mindful of impending demonstrations and attacks against capitol cities. We have companies fighting in a way that looks like a technological dogfight over the rights of individuals and their freedom of speech. I want to make one thing very clear, even on the platform this is posted on: when you use someone else's platform you have no rights over that information. Read the TOS. Another common fallacy playing out daily is jumping from one large, dangerous tech company to make another tech company large and dangerous. Perception is key to proper honeypotting; do not think for a moment that any company is above complying with law enforcement. That is a mistake seen time and time again.

I cannot stress enough that you should take a moment to look at the reality of the world and not buy into social media. Social media, especially during this pandemic, is creating an environment ripe for conspiracy theories and unfounded claims, a volatile atmosphere similar to the one seen in 2011. Do not allow government agencies to use an elaborate operation to dupe you into participating in activities that will only be used against you, as has happened to so many before you. 2011 was a testing ground; so many are now so eager for excitement in their lives that they will buy into these operations in the hope of being part of a “movement”. The only real movement is the movement for yourself.

Hacking, journalism, activism, and freedom go hand in hand. Each carries its own set of challenges, and when they combine you have a powder charge that one person can set off in a chain reaction. The chain reaction of 2011 is still having adverse effects and did quite a number on the Anonymous movement, hacktivism, and the ever-evolving intelligence industry.

Tread carefully, stay vigilant, and research.

Feel free to reach out to me on these platforms:

Signal:(867–675–1041)

Tox: D7D264EA7541C4324625A8360267C3C54F9C1AF564D4266FE45F2BCB68924E21CB2A75746D51

Twitter

You can not kill an idea, but you can erode the trust in those that believe in the idea by flipping people to informants. Intelligence agencies and nation states will always take this approach.

nixops

General purpose hacker and deadhead. Sometimes I do things…