Australian Federal Police Partnerships and cybercrime.
I Given the recent revelation of criminal activity by a group of US companies working under the name Team Themis I wondered if the same thing could happen here. According to this document:
Team Themis key players and relationships (via Firedoglake, click image.)
a relationship between Team Themis and US Govt may have been conducted via Booz Allen, and with the US CoC via Hunton and Williams.
The AFP have an interest in partnering with this sort of company. (From the AFP media centre, via the first link following.)
“Strategic and effective partnerships, and ongoing consultation, with the community and the private sector will be absolutely essential to the success of the strategy. Commissioners have recognised that such partnerships must be genuine, mutual and cooperative.”
“The private sector is already playing a significant role in the investigation of fraud etc. against large companies, however, the broader private sector* also has a key role in preventing e-crime and computer security incidents and ensuring that appropriate risk management strategies are adopted to protect key business systems.”
It also needs to be recognised that law enforcement may have to rely on the private sector to assist with what has previously been perceived as traditional police work. For instance, it may be necessary to give serious consideration to police/private sector alliances in areas such as forensic computing to optimise the capacity of both the private sector and law enforcement,” Commissioner Palmer said.
I’m not suggesting the AFP condones the sort of bollocks thats emerged over the last fortnight, in fact I imagine it would horrify them to be associated with such greed driven stupidity and incompetence. However the public would never have learned of all this, except for the actions of anonymous in counter attacking HBGary federal and their associates then releasing the information they gained to the public.
Some may question the morality or leality of anonymous’ actions, but lets remember the context. Aaron Burr of HBGary appeared to be about to meet with the FBI to sell information to them. This info appears to be inaccurate, so where does that leave Barr? Were his actions deliberately fraudulent?
Without the actions of anonymous and others this may never have come to light.
What guarantee do we or the AFP have that some of their proposed partners from the private sector won’t show the same levels of (at the very least) incompetence?
* Peter Thiel, who spoke on the wikileaks talk linked previously has been linked to the foundation of Team Themis, he was a founder of Planatir Technologies, a key member.
update:
This is (possibly was) the searchable database of HBGary fed emails.
http://hbgary.operationfreedom.ru/
I can’t access it at the moment, and I dunno why.
(3 hours pass)
It seems that link is gone.
Here are some mirror sites:
(Thanks Plutonia)
update:
Slightly related is the story of Ray Davis, the (alleged) CIA agent who shot and killed 2 (alleged) ISI operatives who appear to have been following him in Pakistan. There has been plenty of noise about this but the two most interesting points are his potential connection with the Drone attacks, and more relevant to this post, the allegation that he was working for another private security company, Xe (formerly known as Blackwater.)
Hole in a Mountain 
Heya Jules.
Good job on the story. You put as lot of work into that. I believe one of the biggest issues with this cyber crime and the paranoia of the public and private sector is jurisdiction, as stated in your AFP link.
A hacker would have to be mad, dumb, damn good or to the point of not caring of the consequences to hack someone in their own country. I guess that is why the chinese and russian hacking teams are so successful. Because not only are they able to hack or impliment phishing scams without the worry of the AFP o FBI rocking up on their doorsteps, but their governments probably cover for them and in some cases even assist them in some capacity. Like cyber black ops that work in front groups, taking down or disrupting their political and economic enemies.
Like Chechnya, Kosovo, the middle east, estonia and georgia.
Click to access BlackHat-Japan-08-Geers-Cyber-Warfare-Whitepaper.pdf
http://www.computerworld.com/s/article/9112443/Russian_hacker_militia_mobilizes_to_attack_Georgia
Russia and China might not pack the military punch that the US has, but they make up for it in cyber warfare. Which is probably why for that reason and because of recent events in Egypt and their internet blackout, that the USA wants a kill switch of their own.
http://www.associatedcontent.com/article/7711126/president_obama_could_be_given_an_internet.html
In the event of the US declaring war on a not so easy target like they have the last few decades, cyber hackers would immediately try to disrupt or destroy as much infrastructure as quickly as possible through the net.
This business of contracting private contractors HBGary etc, to wage war on wikileaks and others to defend these corporations so as to prevent the public finding out what they are really up to and where all the bodies are buried is desperate stuff. Anonymous seems to have created an unspoken alliance with wikileaks as they both have similar goals.
In my opinion the USA is way behind in the cyber warfare stakes and case in point is the HBGary hack. This not only means that these private security firms are not up to the task, but the military, NSA, CIA and FBI have not been successful in either recruiting or keeping hackers they have taken under their wings. The DEFCON hacking event http://en.wikipedia.org/wiki/DEF_CON is a known recruiting spot for the US and the private sector.
I believe the AFP and ASIO would have some sort of white hat hackers or “security experts” . But it would pale in significance to anything overseas.
Cheers Phil, actually tho, a couple of other did a lot of the leg work finding those links on a discussion forum. You can get to it via the Jeff Wells link in the blog roll.
The thing about alot of that overseas security stuff is the way it operates on a multinational level. Have a look at who runs Australian private prisons and detention centres, and especially back in the middle of Howards reign. You’re right that they’d pale into insignificance compared to the overseas stuff.
Thats the big problem with these private security companies, like HBGary and Palantir and the myriad others, even ones as powerful as Xe, formerly Blackwater. There’s a massive market there, not just in the US – lots of govts know their security forces aren’t able to deal with the threat. Its easy to see the AFP looking at companies like the ones in the US, and thinking they are competent. Thats scary given their potential power.
But its also scary cos really, how up to it are they? Apparantly HBGary was hacked by a 16 yr old kid. Its a joke but it has some scary implications as far as managing power in a free society via transparency and accountability.
Onya Jules, i share your concerns.
Whatever i might think about how careful the AFP are, what i fear more is the AFP accepting the paperwork/warrants for foriegn agencies. Look at (iirc) Bernard Keane from Crikey getting named by HB Gary as a member of Anonymous – its merely funny for him, but if he was a muslim who had recently visited Indonesia he’d be renditioned and on his way to Bhagram for some not-torture in days.
Cheers liam.
You are right about the real dangers of incompetent clowns like Aaron Barr. He was prepared to sell info about alleged members of anonymous to the FBI – well thats the allegation from everyone else.
That could well have resulted in B. Keane ending up on a list or with a visit from ASIO or the AFP. And even if he got raided as a result, and the agencies involved were satisfied he wasn’t involved, it would probably be under the aegis of the Anti Terror legislation which means he goes to prison for 5 years if he mentions it to anyone.
So even tho Barr is a laughing stock (one of his alleged members of anon was apparantly an IRC admin bot know as “Q”,) this is definitely no laughing matter.
The stuff that is coming out of these hacked HBGary emails is just amazing.
http://www.dailykos.com/story/2011/02/16/945768/-UPDATED:-The-HB-Gary-Email-That-Should-Concern-Us-All
Can’t wait for more of these emails. Koch, Bank of America & others are probably in a war room meeting right now.
Phil, I tried to check what used to be the searchable database of HBGary emails, and updated the post with the link (which I must have forgotten originally. There were so many links tho.)
I’m in the process of tracking down access to them again.
Try that link tho, it might work for you, and it should work from a proxy overseas, provided it hasn’t been permanantly barfed. It was fine a couple of days ago, maybe its on an ACMA list or something.
I can’t believe people are so ho hum about this story. To me, it’s a friggin big deal and has massive ramifications and implications.
However the public would never have learned of all this
Funny that. This convergence between the corporate world and the state especially the security/military/law enforcement aspect of the state is the single worst threat to democracy and liberty early in the 21st century and hardly anyone makes a fuss.