Tuesday, February 28, 2012

Anonymous, WikiLeaks, and Stratfor: Sealed Indictment or Radioactive Leak?

In late December 2011, Anonymous hacked the website of Stratfor, a research and analysis company popular with students and journalists for its free newsletters providing perspective on current events, as well as in-depth and custom reports for paid subscribers.  This was no ordinary Anonymous attack, not just a DDoS to take the site offline temporarily, or a deface to promote an Anonymous video, this hack was a very thorough invasion that stole the entire archive of Stratfor's internal emails, as well as the credit card details of its paid subscribers.  Anonymous then used the credit cards to make a flamboyant series of donations to charity, supposedly totaling $1 million, as part of what they called "Op Robin Hood."  Of course this ultimately hurt the charities involved, as they had to not only return the stolen money but pay transaction fees to do so.

The motive for targeting Stratfor was never clear.  At the time, the only explanation offered by Anonymous was a desire to shame Stratfor for being a "security company" with lax security, but Stratfor is not in the business of computer security.  They focus on actual real-world national security, such as threats of war between nations.  Stratfor's policy of making most of its analysis freely available seems like something Anonymous would admire, not see as evil.  Stratfor isn't known for supporting Israel or holding any other political views that might draw Anonymous ire either.  The whole attack seemed like a lot of work and risk for no apparent reason.  Hacking a bank would make more sense for playing Robin Hood, and hacking an actual computer security company would make more sense for an "AntiSec" goal of exposing incompetent security experts.

Anonymous confirmed that they gave the stolen data to WikiLeaks, which announced this week it will release over 5.5 million internal Stratfor emails.  WikiLeaks justified their actions in releasing this stolen (not leaked) data by calling Stratfor a "shadow CIA," much to the amusement of pretty much everyone who has ever read Stratfor's newsletters.  WikiLeaks' release of these emails at first seemed like Anonymous throwing them a bone, giving them their first major release since the arrest of Bradley Manning, just a desperate bid to remain relevant.

Today, however, a very compelling reason emerged for Julian Assange to want the Stratfor emails: one of the emails allegedly contains a statement, made by a Stratfor employee in January 2011, that the company has a copy of a sealed indictment from a US grand jury charging Assange with crimes.  The existence of such an indictment has never been confirmed, though many people believe there probably is one, given Assange's alleged involvement with Manning's massive data theft.

The likelihood of Stratfor being privy to such an indictment, if it exists, is debatable, but judging by the excited tweets from the @WikiLeaks Twitter account, it seems clear that WikiLeaks staff completely believe the indictment does exist and Stratfor has a copy.  The question now is, when did WikiLeaks come to believe this, before or after the hack?  Eleven months certainly seems like enough time for such a sensational piece of information to make its way from the email recipient to Assange, and for a hack to be planned and carried out.

Is this the ultimate scoop, a random hack that just happened to reveal that a source within the US government is secretly sharing sealed court documents from the most high-profile espionage case of the century with a private think tank, apparently simply so they could gloat about it in one email?  Or is it more likely that a Stratfor employee emailed someone this shocking tidbit as part of their known strategy of sometimes giving false information to people they suspect of being leaks, referred to within the company as a "barium meal"?

Could it be that this particular "barium meal" provided the motive for hacking Stratfor?  What would you do if you were Julian Assange, and you heard through the grapevine that Stratfor had a copy of your indictment, or at least detailed discussions about it, sitting on their less-than-impervious servers?  Would you call on your old pals Anonymous to help you get it?

It's too soon to know what really happened, but it seems like a leak (whether true or false) about Stratfor holding a copy of Assange's indictment would finally provide a plausible motive for a hack that never made sense before.