Latest developments in the U.S. Chamber of Commerce scheme to illicitly target me and my family, as well as other progressive citizens, journalists and organizations...

Brad Friedman Byon 2/18/2011, 8:04pm PT

It's strange, difficult and a bit uncomfortable reporting on the $12 million U.S. Chamber disinfo plot and smear campaign after finding myself (and my family), much less VelvetRevolution.us (VR), the non-profit organization co-founded by The BRAD BLOG, as direct targets of it. As you might have assumed, there is much going on behind the scenes that I can't report on at this time, but I've been happy to see some fairly decent coverage --- even by some in the print MSM, if not much in the broadcast media yet --- of this important, disturbing and still developing story.

It's easier to talk and opine on what I've learned about the plot, as I've been doing in a lot of media interviews over the past week (a few of those radio appearances are linked below), than it is to actually report on it, per se. Yet, there have been several noteworthy points and advancements in the story over the past week since I originally covered it in depth here on Monday.

New information being dug up over the last several days, since I initially reported on this story in depth at the beginning of the week, now indicates that the Chamber Plotters had likely intended to use cyber attacks and hacks against us as well.

Those key updates, and the very quickest of backgrounders for those unfamiliar with the sordid tale up until now, follow below...

Quick Background

For those new to the story, it involves email revelations that the U.S. Chamber of Commerce, the nation's largest corporate lobbying firm, was working with the law firm Hunton & Williams (H&W), to develop a scheme with three well-connected, government-contracted cyber-security/intelligence firms (HBGary Federal, Berico Technologies and Palantir Technologies --- calling themselves "Team Themis" collectively) to use nefarious and likely illegal schemes in hopes of discrediting VR, myself and other progressive citizens, journalists and organizations who had opposed the Chamber's extremist corporate agenda.

A parallel plot, similar in many ways, was also being developed, according to tens of thousands of emails and other documents posted to the web by the "hacktivist" collective Anonymous, led by the Bank of America to attack WikiLeaks with the same law firm and security contractors on board. That plot included a scheme to target Salon journalist Glenn Greenwald, and both involved the use of tools and techniques developed for the so-called "War on Terror", the planting of false documents and the creation of fake personas, all in hopes of discrediting the perceived political enemies of both the Chamber and BofA.

Incredibly enough, H&W was recommended to BofA by the U.S. Dept. of Justice.

The schemes, as Greenwald described them, appear to "quite possibly constitute serious crimes."

"Manufacturing and submitting fake documents with the intent they be published likely constitutes forgery and fraud," he wrote. "Threatening the careers of journalists and activists in order to force them to be silent is possibly extortion and, depending on the specific means to be used, constitutes other crimes as well."

Malware Virus Attacks

Last night, ThinkProgress' Lee Fang reported the plan being solicited by the Chamber's law firm Hunton & Williams included plans "to use exploits to steal information from the Chamber's opponents, or worse." The Team Themis proposal "boasted of HBGary Federal's capabilities in 'Information Operations,' a military contractor term for offensive data extraction techniques typically reserved for use against terrorist groups. The slide [from one of their Power Point presentations] includes sections on 'Vulnerability Research/Exploit Development' and 'Malware Analysis and Reverse Engineering.'"

As Fang explains...

HBGary, the parent company of HBGary Federal, specializes in analyzing "malware," computer viruses that are used to maliciously steal data from computers or networks. In other presentations, Barr makes clear that his expertise in "Information Operations" covers forms of hacking like a "computer network attack," "custom malware development," and "persistent software implants." The presentation shows Barr boasting that he had knowledge of using "zero day" attacks to exploit vulnerabilities in Flash, Java, Windows 2000 and other programs to steal data from a target's computer. Indeed, malware hacking appears to be a key service sold by HBGary Federal. Describing a "spear phishing" strategy (an illegal form of hacking), Barr advised his colleague Greg Hoglund that "We should have a capability to do this to our adversaries." ... In September, HBGary Federal executives again contemplate their success of a dummy "evite" e-mail used to maliciously hack target computers.

...

Barr also sent another document to the Chamber's attorney describing in greater detail Team Themis' hacking abilities (download a copy here). In one section, Team Themis claims that "if/when Hunton & Williams LLP needs or desire," they can use "direct engagement" to "provide valuable information that cannot be acquired through other means." This cryptic pledge appears to be in reference to same malware data intrusion techniques proposed in the other Team Themis documents.

ThinkProgress finally concludes:

It should be noted that the Chamber's attorneys and lobbyists were well aware of Team Themis' plans. A sample demonstration of Team Themis work had " sold the Chamber " at one point. Throughout the conversations made available by the leaked e-mails, neither the Chamber or its attorneys ever raised ethical complaints.

The demo which "sold the Chamber", as I noted in Monday's report, was a video demonstration, embedded in that story, of the software the Team Themis firms had developed to collect or "scrape" information from social networking and news sites, and map them together to help track terrorist networks. As I noted, with side-by-side screen shots from the "Iranian Shipping Demo" video cited and from the Power Point presentation that Team Themis had created (featuring me as their first "Tier 1" target), the plan was to use the "terror tools" developed for the U.S. government's "War on Terror" against U.S. citizens and organizations:

Writing at Ars Technica tonight, Nate Anderson picked up on the same theme:

The actions of HBGary Federal's Aaron Barr also serve as a good reminder that, when they're searching for work, private security companies are more than happy to switch from military to corporate clients-and they bring some of the same tools to bear.

...

His compatriots at Palantir and Berico showed, in their many e-mails, few if any qualms about turning their national security techniques upon private dissenting voices. Barr's ideas showed up in Palantir-branded PowerPoints and Berico-branded "scope of work" documents. "Reconnaissance cells" were proposed, network attacks were acceptable, "target dossiers" on "adversaries" would be compiled, and "complex information campaigns" involving fake personas were on the table.

'Fake Personas'

As first reported by ThinkProgress when they originally broke the news of the Chamber Plot last week, key elements of the Team Themis plan included the use of both planting a "fake document", as well as creating "fake insider personas" at both VelvetRevolution.us' StopTheChamber.com campaign and the separate US Chamber Watch campaign run by Change to Win (CtW), a union-backed coalition also fighting against the Chamber's positions and tactics.

Here's a key portion from Team Themis' 11/29/10 "Information Operations Recommendation" [PDF], created for the U.S. Chamber and H&W, explaining how they hoped to "discredit" and "embarrass" US Chamber Watch "and those associated with it" with "information operations" [emphasis added]:

Create a false document, perhaps highlighting periodical financial information, and monitor to see if US Chamber Watch acquires it. Afterward, present explicit evidence proving that such transactions never occurred. Also, create a fake insider persona and generate communications with CtW. Afterward, release the actual documents at a specified time and explain the activity as a CtW contrived operation. Both instances will prove that US Chamber Watch cannot be trusted with information and/or tell the truth. 3., perhaps highlighting periodical financial information, and monitor to see if US Chamber Watch acquires it. Afterward, present explicit evidence proving that such transactions never occurred. Also,and generate communications with CtW. Afterward, release the actual documents at a specified time and explain the activity as a CtW contrived operation. Both instances will prove that US Chamber Watch cannot be trusted with information and/or tell the truth. 4. Connect US Chamber Watch's radical tactics to Velvet Revolution, explaining that both entities are loosely operating together. Depending on the level of connection established, such an approach may need to be spotlighted as more of a conspiracy rather than a separate, vocal persona. 5. If needed, create two fake insider personas, using one as leverage to discredit the other while confirming the legitimacy of the second. Such work is complicated, but a well-thought out approach will give way to a variety of strategies that can sufficiently aid the formation of vetting questions US Chamber Watch will likely ask.

When I wrote about this on Monday, I expressed concerns that the Dept. of Justice was unlikely to pursue real accountability in this matter for a number of reasons. Among those reasons was that, in the case of criminal action, the DoJ is compromised because they, themselves, had originally recommended the H&W law firm to Bank of America for their operation against WikiLeaks.

Moreover, and it seems this could come in to play in any potential civil action as well, the tactics proposed for use by these firms were developed for use in the "War on Terror" and are still being developed and used in that fashion today. Even a civil trial might, the DoJ could try to argue, expose the methods used to catch terrorists, as the methods used to attack the Chamber's political foes were detailed in court proceedings. (There is also the matter of the Big Corporations and the Big Government now largely becoming one, allowing corporate lawlessness with impunity, even as everyone else is forced to follow the rules that they are not, as Greenwald expertly discussed at Salon late last week.)

On Monday, Marcy Wheeler offered a real-world demonstration, based on the released emails, of how HBGary CEO Aaron Barr had used these techniques previously against terrorists. Today, however, The Examiner's Sean Kerrigan focuses on a U.S. government contract, discussed in the HBGary emails, specifically for the development of software to create and "manage 'fake people' on social media sites and create the illusion of consensus on controversial issues."

As Kerrigan reports:

The contract calls for the development of "Persona Management Software" which would help the user create and manage a variety of distinct fake profiles online. The job listing was discussed in recently leaked emails from the private security firm HBGary after an attack by internet activist last week. Click here to view the government contract (PDF) According to the contract, the software would "protect the identity of government agencies" by employing a number of false signals to convince users that the poster is in fact a real person. A single user could manage unique background information and status updates for up to 10 fake people from a single computer. The software enables the government to shield its identity through a number of different methods including the ability to assign unique IP addresses to each persona and the ability to make it appear as though the user is posting from other locations around the world. Included in HBGary's leaked emails was a government proposal for the government contract. The document describes how they would 'friend' real people on Facebook as a way to convey government messages.

...

The creation of internet propaganda software is only one of HBGary's controversial activities. According to Wikileaks competitor and occasional collaborator Cryptome.org, several other progressive organizations were intended to be targeted including anti-war activist, anti-torture organizations and groups opposed to the US Chamber of Commerce.

"Happy Rockefeller" at dKos has also been writing about the troubling implications of all of this, and how sites like dKos could well be targeted by such software. Last week Marcy Wheeler discussed how HBGary was preparing to pay folks $250/hour to manage such personas on social media sites such as Twitter and Facebook as part of the U.S. Chamber plot.

The Chamber plot being organized by Hunton & Williams with Team Themis might have been diabolical and illegal --- at least if you or I had been working to carry it out against them --- but the contract highlighted by Kerrigan, and Barr's detailed discussion about his company hoping to do exactly what was being called for in it, demonstrates again how the U.S. government and their partners in the now-all-but-exempt-from-the-rule-of-law corporate world are already using such tactics, with the blessings (and tax-payer dollars) of the U.S. government, against lord knows who, with impunity --- and likely with immunity from the law.

Public Shame

While these folks may be immune from the law, they are not necessarily immune from public shame --- at least in the case of HBGary, which was to have featured several speakers, including Barr, and a booth at a series of important cyber-security conferences (the RSA Conference and B-Sides) in San Francisco this week.

"Rarely in the history of the cybersecurity industry has a company become so toxic so quickly as HBGary Federal," Forbes' Andy Greenberg wrote on Tuesday. "Over the last week, many of the firm’s closest partners and largest clients have cut ties with the Sacramento startup. And now it’s cancelled all public appearances by its executives at the industry’s biggest conference in the hopes of ducking a scandal that seems to grow daily as more of its questionable practices come to light."

ZDNet's Ryan Naraine posted the sign at the RSA Conference this week, in the booth where HBGary would have been before they, for some reason or another, decided to cancel their appearances at both conferences entirely:

No evidence of the supposed "threats of violence" referenced on their the sign have been offered to the public. And then there's the rich irony of their complaints about breaches of privacy, etc. Given the section above detailing HBGary's intentions until caught, and the specific targets they had drawn on me and members of my family (who have nothing to do with my work or advocacy), you can imagine I have little sympathy for their complaints, whatever legitimacy they may or may not have.

Bar Complaints & Media Failures

Greenwald was interviewed by MSNBC's Dylan Ratigan in a podcast earlier this week (audio and transcript here) and discussed the likelihood of complaints being filed with the D.C. Bar Association against the three key attorneys who appear to have been coordinating this campaign at Hunton & Williams, as just one way possible way to begin to see some sort of accountability in this matter.

As Salon's Justin Elliot has now reported publicly on VR's intention to file such a complaint, I can also confirm that such an effort is moving forward, both by the organizations targeted in these schemes, as well as some of the individuals who were personally targeted, as Greenwald hinted in his interview with Ratigan.

As Hunton & Williams has yet to offer any comment on any of this, in any way (while the other parties have offered comments, usually completely disingenuous ones playing off HBGary as the only bad guy --- see "Damage Control" section of my Monday report), a bar complaint would at least require the attorneys to respond in writing, on the public record, to the allegations.

Where such an effort might go thereafter, whether the information could be helpful in either a criminal case or civil complaint, or whether it could help lead to disbarment of the three high-priced attorneys (H&W reportedly received $1.1 million from the Chamber in 2009), remains to be seen. But as H&W was clearly a key lynchpin of both the Chamber and BofA plots, they need to be called on the carpet in a way that media and law enforcement and general public shame have failed to do up until now.

Happily, legal journals are beginning to focus on the machinations of H&W's attorneys in this sordid affair. The National Law Journal's David Ingram wrote about H&W's role in these schemes this week, and the "huge gains" they'd hoped to see from them. Debra Cassens Wiess at The American Bar Association's ABAJournal also reported on the "Plans for a 'dirty-tricks-style-campaign' against the Chamber critics" that H&W were engaging in.

The ABAJournal report, however, just like the Los Angeles Times' report on this yesterday, and the Washington Post's report earlier this week --- but unlike Ingram's article at National Law which is accurate on this point --- all misreport on the amount of the proposed Chamber contract.

As we noted as long ago as Monday, the contract discussions were for $2 million per month, for six months, for a total of $12 million dollars --- not merely a $2 million contract as the three outlets mentioned continue to misreport.

While there was a Team Themis proposal drawn up for H&W [PDF] referencing the $2 million figure on November 15, 2010. A subsequent email from Aaron Barr on November 16, made clear that that figure was meant to be per month, as we highlighted when we quoted the email last Monday [emphasis added]:

I have been sucked up for the last, seems like almost 2 weeks working the law firm deal. The potential is huge for us. We are starting the pilot this week, 50K effort. After the pilot the end customer gets briefed. We were talking to the senior partner of the law firm on Friday and he wants a firm fixed price by month for 6 months and the figure we have come to settle on is $2M per month for the 3 team members. That will equal $500-$700K for HBG Federal, thats per month. We still need to close it, so I am spending most of my time making sure we blow them away and get the funding.

We notified the editors and reporters (Marc Lifsher at LATimes, Dan Eggen at WaPo) about their error several days ago. Neither has yet bothered to issue a correction to their inaccurate reporting, and so naturally folks at places like ABAJournal continue to reference that inaccuracy for the record.

Surprisingly Decent Media Coverage (if Not Yet on Television)

Happily, the coverage by many in the progressive media and in the tech press --- and even in the legal journals, as noted above --- has been pretty good on this story, as you'll see if you do Google News searches for "Hunton Williams" or, more so, for "HBGary". Even some of the mainstream corporate (and corporate-friendly) outlets have been covering this story, at least a bit. And some of them more than just a bit (the excellent and early coverage by Forbes' Parmy Olson and Andy Greenberg come particularly to mind.)

The exceptional series of reports from Ars Technica on this story must also be mentioned, including their two latest, "Black Ops: How HBGary Wrote Backdoors for the Government" by Nate Anderson and "Anonymous Speaks: The Inside Story of the HBGary Hack" by Peter Bright.

Oddly, even with all of the print and Internet coverage, the story has yet to make its way onto much of the broadcast media, particularly television. I already mentioned Greenwald's podcast with MSNBC's Dylan Ratigan and that I've been doing quite a few lengthy radio interviews over the past week myself.

Here are links to just a few of the many interview appearances I've done for radio and/or podcast this week, if you're interested:

The only television news coverage of note that I'm familiar with, however, is an appearance by Greenwald on Ratigan's MSNBC show, as guest hosted by NPR's Matt Miller, focusing more on the BofA/WikiLeaks angle than the Chamber's smear plot, though that is discussed as well.

Of note in the segment, as posted below, Greenwald mentions his own considerations in the importance of a possible civil action against these bad actors, particularly in the face of the apparent lack of interest (or conflict thereof) by the DoJ. His interests, as mine would be, in exploring the possibilities of such a complaint would be, in no small part, to help "enable discovery, putting people under subpoena and deposition and finding out what really happened here and who's responsible"...





Finally for now, in case you're under the impression that it's only us "alternative" media folks, or aggrieved progressives in the blogosphere or cybertech geeks who are troubled by the enormity of the implications built into this story, I'll leave you with one of the observations from MSNBC's Ratigan (of the mainstream corporate broadcast media) from his audio interview with Greenwald. In response to Glenn's description of the breadth of the smear campaigns being devised against him, me, and a number of others by these very powerful, very elite corporations, Ratigan responds by drawing an important and, I think, appropriate, parallel to Egypt...

DYLAN: Now, you just said, “This is par for the course for what happens in this world.” We’ve spent a lot of time the past few weeks in this country, I think, a lot of people getting educated as to just how abusive and dictatorial and murderous Mubarak’s regime was in Egypt. Mubarak, of course, one of the closest allies of America in the Middle East, a man bank rolled by the American taxpayer for the past 30 years, the tear gas that’s used against the crowd supplied by the Americans, the guns supplied by the Americans that are pointed at the oppressors and the F-16s used to intimidate the protesters, of course, supplied by the U.S. military and bought with U.S. tax dollars. What you’re describing to me sounds like the sort of thing that we would report here at NBC as the dastardly scheme of a Middle Eastern dictator to annihilate the reputations of journalists who disagreed with him...

...

I stopped for just because what you’re --- I’m somebody who is fairly up to speed on a lot of this and certainly tries to keep his eyes open as to what is real as opposed to what I want to believe is real or what I’m told is real. But this is about as disturbing as anything that I’ve heard in this country in recent memory.

It goes without saying, I suspect, that I completely concur with Ratigan's assessment.

* * *

Previously related at The BRAD BLOG:



