Operatives within the hacking collective Anonymous called the Christmas weekend release of data pertaining to customers of security firm Stratfor one of the biggest endeavors the group has ever undertaken.
For the insiders at Strategic Forecasting Inc. that thought their troubles were coming to a close already, however, they might not want to count their blessings just yet. Hackers are still on the prowl and the firm is warning their clients to keep quiet lest they want to risk further attacks.
Over the weekend, hacktivists with Anonymous released the names and credit card details of Stratfor clients, a move that Anon operative Barrett Brown says in a statement was made not just to make that information public, but rather an attempt at revealing nearly 3 million online contacts that have corresponded with the firm, known as a top-secret dealer of American intelligence.
“This wealth of data includes correspondence with untold thousands of contacts who have spoken to Stratfor's employees off the record over more than a decade,” writes Brown. Those contacts, he says, link Stratfor with major corporations and military contractors and government agencies that have been of interest to the group since February 2011 — a fascination, he writes, the spawned due to “among many other things, a widespread conspiracy by the Justice Department, Bank of America and other parties to attack and discredit WikiLeaks and other activist groups.”
“Since that time,” he adds, “many of us in the movement have dedicated our lives to investigating this state-corporate alliance against the free information movement. For this and other reasons, operations have been conducted against Booz Allen Hamilton, Unveillance, NATO and other relevant institutions.”
Following the document dump on Saturday, Stratfor quickly reported the attack to its customers and warned them that their personal data could be in jeopardy; In the days since, the firm has followed through with its clients and letting them know that they aren’t exactly in the clear yet.
Stratfor first posted on their Facebook of the hack on Sunday afternoon, apologizing to customers and insuring them that a formal investigation was beginning to help make sense of the matter. As the news quickly made its way around the web, Stratfor followed up hours later by warning their clients through the social networking site that speaking out against the responsible hackers could do more harm than good.
“It's come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other websites. So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether,” the firm followed up with.
By the time Stratfor had issued that warning, 860,000 usernames, 75,000 credit card accounts and millions of email addresses were hacked. The firm quickly went on the record to downplay the attack and dismiss it as not an infiltration on its private clients as Anonymous operatives insisted. Technology commentator Colin Jackson tells Radio New Zealand, however, that no matter what kind of clientele was victimized by Anonymous in this case, it must be "really, really embarrassing for Stratfor."
Stratfor "has made a press statement saying 'oh, this kind of thing happens to everybody and it's pretty hard to keep these guys out.' Yeah, right, well, you are supposed to be security experts," Jackson adds.
Given Anonymous’ tendency to continue with a kill until their prey is all but pulverized, the onslaught against Stratfor is almost sure to continue in one form or another. In a follow up to the attack, operative Barrett Brown returned to the Web to offer more insight as to why the attack was carried out.
“Although Stratfor is not necessarily among the parties at fault in the larger movement against transparency and individual liberty, it has long been a ‘subject of interest’ in our necessary investigation,” he writes. “The e-mails obtained before Christmas Day will vastly improve our ability to continue that investigation and thereby bring to light other instances of corruption, crime and deception on the part of certain powerful actors based in the US and elsewhere.”
Adds the operative, “Unlike the various agents of the US Government, the hacking team that obtained this information did not break down the doors of the target, point guns at children, and shoot down any dogs that might have been present; Anonymous does not resort to SWAT tactics, and this is simply one of many attributes that separate the movement from the governments that have sought to end our campaign and imprison our participants. Of course, such points as these will not prevent our movement from being subjected to harsher scrutiny than is given to those governments which are largely forgiven their more intrusive tactics by virtue of their status as de facto holders of power in a world that has long been governed in accordance with the dictate that might makes right.”
Brown adds to RT, however, that Stratfor’s course of action to assure their customer’s safety was handled well in the aftermath.
“That warning may be intended to turn the focus onto alleged wrongdoing by those who support Anonymous, in which case it worked well enough to prompt a few major news stories,” he tells RT. “Or, it may actually be a well-intentioned effort to prevent any hardship for their customers. If it's the latter, it's a very ethical course to take, and in such case they shouldn't be criticized for choosing that course over a pretended ability to protect their customers in an unusual and fast-moving situation.”
The attack on Stratfor is only the latest in a string of hacks waged at supporters of what operatives say are colossal attacks on freedom and the flow of information. As the Stop Online Piracy Act and National Defense Authorization Act for Fiscal Year 2012 made their way through Congress earlier this month, activists against the legislation have launched similar campaigns to take down congressman and corporate sponsors that supported the bills. While those attacks seem far from over, Barrett Brown adds to RT that Strafor’s clients shouldn’t be worried of a follow-up strike. For the Anon operative, he tells RT that the firm’s clients “should not be concerned for their safety at all; nothing further will happen to them.”
“It is any of their past e-mail correspondents who might have revealed information that could come back to haunt them who should be concerned for their reputations in such cases, as they might be shown to be culpable for anything that negatively affects the public,” he says.
On his Twitter account, Brown says that "The Stratfor operation may yield the most revelatory trove of information ever seized by Anonymous," and updated followers on Tuesday that the previously reported tally of 2.5 million email accounts linked to Stratfor by the hackers had increased to over 3.3 million.