

Monday, July 11, 2011

Anonymous shares 90,000 military email addresses


Anonymous' page on The Pirate Bay file-sharing site.

Hacking group Anonymous said Monday it infiltrated a server belonging to military consulting firm Booz Allen Hamilton and made available approximately 90,000 military email addresses online.
The hack was the second in the past week to target major companies doing business with the federal government. Late last week, Anonymous shared databases and emails it said it obtained by hacking the website of IRC Federal, a company that contracts with federal government agencies, including the FBI and the U.S. Department of Defense, for information management services.
"In this line of work, you'd expect them (to have a) state-of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel being a puny wooden barge," Anonymous said on The Pirate Bay file-sharing website. "We infiltrated a server on their network that basically had no security measures in place."
A Booz Allen spokesman contacted by msnbc.com declined to comment, steering a reporter to the company's Twitter account, where the company posted this: "As part of @BoozAllen security policy, we generally do not comment on specific threats or actions taken against our systems."
Anonymous said that in addition to the email accounts and encrypted passwords it obtained:
...We found some related (data) on different servers we got access to after finding credentials in the Booz Allen System. We added anything which could be interesting. And last but not least we found maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies. This material surely will keep our blackhat friends busy for a while.
The loose collective of hackers also posted an "invoice" to Booz Allen for its work, a "bill" of $310. The total, the group said, is based on four hours of "man power, $40; network auditing, $35; Web-app auditing, $35; network infiltration, $0; password and SQL dumping, $200; decryption of data, $0; and media and press, $0."
These asterisks to the "amounts" added double salt: "Price is based on the amount of effort required ... price is based on the amount of badly secured data to be dumped, which in this case was a substantial figure ... no security in place, no effort for intrusion needed."
Anonymous gained notoriety for its denial-of-service attacks on Visa and MasterCard late last year. Those attacks were retribution, Anonymous said, because the companies halted online donations during the WikiLeaks controversy, blocking contributions to Bradley Manning, the accused document leaker now in custody.
http://technolog.msnbc.msn.com/_news/2011/07/11/7061036-anonymous-shares-90000-military-email-addresses


Obama and the Sinister Cyber-Surveillance Grifters
Security Grifters Partner-Up on Sinister Cyber-Surveillance Project
by Tom Burghardt | Antifascist Calling



Last week, the White House released its National Strategy for Counterterrorism, a macabre document that places a premium on "public safety" over civil liberties and constitutional rights. Indeed, "hope and change" huckster Barack Obama had the temerity to assert that the President "bears no greater responsibility than ensuring the safety and security of the American people."

Pity that others, including CIA "black site" prisoners tortured to death to "keep us safe" (some 100 at last count) aren't extended the same courtesy as The Washington Post reported last week.

As Secrecy News editor Steven Aftergood correctly points out, the claim that the President "has no greater responsibility than 'protecting the American people' is a paternalistic invention that is historically unfounded and potentially damaging to the political heritage of the nation."

Aftergood avers, "the presidential oath of office that is prescribed by the U.S. Constitution (Art. II, sect. 1) makes it clear that the President's supreme responsibility is to '...preserve, protect, and defend the Constitution of the United States.' There is no mention of public safety. It is the constitutional order that the President is sworn to protect, even if doing so entails risks to the safety and security of the American people."

But as our former republic slips ever-closer towards corporate dictatorship, Obama's mendacious twaddle about "protecting the American people," serves only to obscure, and reinforce, the inescapable fact that it's a rigged game.



Rest assured, "what happens in Vegas," Baghdad, Kabul or Manama--from driftnet spying to politically-inspired witchhunts to illegal detention--won't, and hasn't, "stayed in Vegas."

Cyber Here, Cyber There, Cyber-Surveillance Everywhere

Last month, researcher Barrett Brown and the OpMetalGear network lifted the lid on a new U.S. Government-sponsored cyber-surveillance project, Romas/COIN, now Odyssey, a multiyear, multimillion dollar enterprise currently run by defense and security giant Northrop Grumman.

With some $10.8 billion in revenue largely derived from contracts with the Defense Department, Northrop Grumman was No. 2 on the Washington Technology 2011 Top 100 List of Prime Federal Contractors.

"For at least two years," Brown writes, "the U.S. has been conducting a secretive and immensely sophisticated campaign of mass surveillance and data mining against the Arab world, allowing the intelligence community to monitor the habits, conversations, and activity of millions of individuals at once."

Information on this shadowy program was derived by scrutinizing hundreds of the more than 70,000 HBGary emails leaked onto the web by the cyber-guerrilla collective Anonymous.

Brown uncovered evidence that the "top contender to win the federal contract and thus take over the program is a team of about a dozen companies which were brought together in large part by Aaron Barr--the same disgraced CEO who resigned from his own firm earlier this year after he was discovered to have planned a full-scale information war against political activists at the behest of corporate clients."

Readers will recall that Barr claimed he could exploit social media to gather information about WikiLeaks supporters in a bid to destroy that organization. Earlier this year, Barr told the Financial Times he had used scraping techniques and had infiltrated WikiLeaks supporter Anonymous, in part by using IRC, Facebook, Twitter and other social media sites.

According to emails subsequently released by Anonymous, it was revealed that the ultra rightist U.S. Chamber of Commerce had hired white shoe law firm Hunton & Williams, and that Hunton attorneys, upon recommendation of an unnamed U.S. Department of Justice official, solicited a set of private security contractors--HBGary, HBGary Federal, Palantir and Berico Technologies (collectively known as Team Themis)--and stitched-up a sabotage campaign against WikiLeaks, journalists, labor unions, progressive political groups and Chamber critics.

Amongst the firms who sought to grab the Romas/COIN/Odyssey contract from Northrop when it came up for a "recompete" was TASC, which describes itself as "a renowned provider of advanced systems engineering, integration and decision-support services across the intelligence, defense, homeland security and federal markets."

According to Bloomberg BusinessWeek, TASC's head of "Cybersecurity Initiatives," Larry Strang, was formerly a Vice President with Northrop Grumman who led that firm's Cybersecurity Group and served as Northrop's NSA Account Manager. Prior to that, Strang, a retired Air Force Lt. Colonel, was Vice President for Operations at the spooky Science Applications International Corporation (SAIC).

Brown relates that emails between TASC executives Al Pisani, John Lovegrove and former HBGary Federal CEO Aaron Barr, provided details that they "were in talks with each other as well as Mantech executive Bob Frisbie on a 'recompete' pursuant to 'counter intelligence' operations that were already being conducted on behalf of the federal government by another firm, SAIC, with which they hoped to compete for contracts."

In fact, HBGary Federal and TASC may have been cats-paws for defense giant ManTech International in the race to secure U.S. Government cyber-surveillance contracts. Clocking in at No. 22 on Washington Technology's "2011 Top 100 list," ManTech earned some $1.46 billion in 2010, largely derived from work in "systems engineering and integration, technology and software development, enterprise security architecture, intelligence operations support, critical infrastructure protection and computer forensics." The firm's major customers include the Defense Department, Department of Homeland Security, the Justice Department and the Defense Advanced Research Projects Agency (DARPA), the Pentagon's geek squad that is busily working to develop software for their Cyber Insider Threat (CINDER) program.

Both HBGary Federal and parent company HBGary, a California-based security firm run by the husband-wife team, Greg Hoglund and Penny Leavy, had been key players for the design of malware, undetectable rootkits and other "full directory exfiltration tools over TCP/IP" for the Defense Department according to documents released by the secret-shredding web site Public Intelligence.

Additional published documents revealed that they had done so in close collaboration with General Dynamics (Project C and Task Z), which had requested "multiple protocols to be scoped as viable options ... for VoIP (Skype) protocol, BitTorrent protocol, video over HTTP (port 80), and HTTPS (port 443)" for unnamed secret state agencies.

According to Brown, it appears that Romas/COIN/Odyssey was also big on social media surveillance, especially when it came to "Foreign Mobile" and "Foreign Web" monitoring. Indeed, among the documents published by Public Intelligence (scooped-up by the HBGary-Anonymous hack) was a ManTech International-HBGary collaboration describing plans for Internet Based Reconnaissance Operations. The October 2010 presentation described plans that would hand "customers," presumably state intelligence agencies but also, as revealed by Anonymous, corporate security entities and public relations firms, the means to perform "native language searching" combined with "non-attributable architecture" and a "small footprint" that can be "as widely or narrowly focused as needed."

ManTech and HBGary promised to provide customers the ability to "Locate/Profile Internet 'Points of Interest'" on "individuals, companies, ISPs" and "organizations," and would do so through "detailed network mapping" that will "identify registered networks and registered domains"; "Graphical network representation based on Active Hosts"; "Operating system and network application identification"; "Identification of possible perimeter defenses" through "Technology Research, Intelligence Gap Fill, Counterintelligence Research" and "Customer Public Image Assessment."

The presentation described the social media monitoring process as one that would "employ highly skilled network professionals" (read, ex-spooks and former military intelligence operatives) who will use "Non-attributable Internet access, custom developed toolsets and techniques, Native Language and in-country techniques" that "utilize foreign language search engines, mapping tools" and "iterative researching methodologies" for searching "Websites, picture sites, mapping sites/programs"; "Blogs and social networking sites"; "Forums and Bulletin Boards"; "Network Information: Whois, Trace Route, NetTroll, DNS"; "Archived and cached websites."

Clients who bought into the ManTech-HBGary "product" were promised "Rapid Non-attributable Open Source Research Results"; "Sourced Research Findings"; "Triage level Analysis"; "Vulnerability Assessment" and "Graphical Network and Social Diagramming" via data mining and extensive link analysis.

Undoubtedly, readers recall this is precisely what the National Security Agency has been doing since the 1990s, if not earlier, through their electronic communications intercept program Echelon, a multibillion Pentagon project that conducted corporate espionage for American multinational firms as researcher Nicky Hager revealed in his 1997 piece for CovertAction Quarterly.

Other firms included in Lovegrove's email to Barr indicate that the new Romas/COIN/Odyssey "team" was to have included: "TASC (PMO [Project Management Operations], creative services); HBGary (Strategy, planning, PMO); Akamai (infrastructure); Archimedes Global (Specialized linguistics, strategy, planning); Acclaim Technical Services (specialized linguistics); Mission Essential Personnel (linguistic services); Cipher (strategy, planning operations); PointAbout (rapid mobile application development, list of strategic partners); Google (strategy, mobile application and platform development--long list of strategic partners); Apple (mobile and desktop platform, application assistance--long list of strategic partners). We are trying to schedule an interview with ATT plus some other small app developers."

Recall that AT&T is the NSA's prime telecommunications partner in that agency's illegal driftnet surveillance program and has been the recipient of "retroactive immunity" under the despicable FISA Amendments Act, a law supported by then-Senator Barack Obama. Also recall that the giant tech firm Apple was recently mired in scandal over reports that their mobile phone platform had, without their owners' knowledge or consent, speared geolocational data from the iPhone and then stored this information in an Apple-controlled data base accessible to law enforcement through various "lawful interception" schemes.

"Whatever the exact nature and scope of COIN," Brown writes, "the firms that had been assembled for the purpose by Barr and TASC never got a chance to bid on the program's recompete. In late September, Lovegrove noted to Barr and others that he'd spoken to the 'CO [contracting officer] for COIN'." The TASC executive told Barr that "the current procurement approach" was cancelled, citing "changed requirements."

Apparently the Pentagon, or other unspecified secret state satrapy told the contestants that "an updated RFI [request for information]" will be issued soon. According to a later missive from Lovegrove to Barr, "COIN has been replaced by a procurement called Odyssey." While it is still not entirely clear what Romas/COIN or the Odyssey program would do once deployed, Brown claims that "mobile phone software and applications constitute a major component of the program."

And given Barr's monomaniacal obsession with social media surveillance (that worked out well with Anonymous!) the presence of Alterian and SocialEyez on the procurement team may indicate that the secret state is alarmed by the prospect that the "Arab Spring" just might slip from proverbial "safe hands" and threaten Gulf dictatorships and Saudi Arabia with the frightening specter of democratic transformation.

Although the email from TASC executive Chris Clair to John Lovegrove names "Alterion" as a company to contact because of their "SM2 tool," in all likelihood this is a typo given the fact that it is the UK-based firm "Alterian" that has developed said SM2 tool, described on their web site as a "business intelligence product that provides visibility into social media and lets you tap into a new kind of data resource; your customers' direct thoughts and opinions."

This would be a highly-profitable partnership indeed for enterprising intelligence agencies and opaque corporate partners intent on monitoring political developments across the Middle East.

In fact, a 2010 press release announced that Alterian had forged a partnership with the Dubai-based firm SocialEyez for "the world's first social media monitoring service designed for the Arab market."

We're informed that SocialEyez, a division of Media Watch Middle East, described as "the leading media monitoring service in the Middle East," offers services in "television, radio, social media, online news and internet monitoring across most sectors including commercial, government and PR."

That Barr and his partners were interested in bringing these firms to the Romas/COIN table is not surprising considering that the Alterian/SocialEyez deal promises "to develop and launch an Arabic language interface for Alterian SM2 to make it the world's first Arab language social media monitoring tool." Inquiring minds can't help but wonder which three-lettered American agencies alongside a stable of "corporate and government clients, including leading Blue Chips" might be interested in "maximising their social media monitoring investment"?

Pentagon "Manhunters" in the House

On an even more sinister note, the inclusion of Archimedes Global on the Romas/COIN team should set alarm bells ringing.

Archimedes is a small, privately-held niche security firm headquartered in Tampa, Florida where, surprise, surprise, U.S. Central Command (USCENTCOM) has its main headquarters at the MacDill Air Force Base. On their web site, Archimedes describes itself as "a diversified technology company providing energy and information solutions to government and businesses worldwide." The firm claims that it "delivers solutions" to its clients by "combining deep domain expertise, multi-disciplinary education and training, and technology-enabled innovations."

While short on information regarding what it actually does, evidence suggests that the firm is chock-a-block with former spooks and Special Forces operators, skilled in the black arts of counterintelligence, various information operations, subversion and, let's be frank, tasks euphemistically referred to in the grisly trade as "wet work."

According to The Washington Post, the firm was established in 2005. However, although the Post claims in their "Top Secret America" series that the number of employees and revenue is "unknown," Dana Priest and William M. Arkin note that Archimedes have five government clients and have speared contracts relating to "Ground forces operations," "Human intelligence," "Psychological operations," and "Specialized military operations."

Brown relates that Archimedes was slated to provide "Specialized linguistics, strategy, planning" for the proposed Romas/COIN/Odyssey project for an unknown U.S. Government entity.

Based on available evidence however, one can speculate that Archimedes may have been chosen as part of the HBGary Federal/TASC team precisely because of their previous work as private contractors in human intelligence (HUMINT), running spies and infiltrating assets into organizations of interest to the CIA and Joint Special Operations Command (JSOC) throughout the Middle East, Central- and South Asia.

In 2009, Antifascist Calling revealed that one of Archimedes Global's senior directors, retired Air Force Lt. Colonel George A. Crawford, published a chilling monograph, Manhunting: Counter-Network Organizing for Irregular Warfare, for the highly-influential Joint Special Operations University (JSOU) at MacDill Air Force Base in Tampa.

JSOU is the "educational component" of United States Special Operations Command (USSOCOM). With a mission that touts its ability to "plan and synchronize operations" against America's geopolitical adversaries and rivals, JSOU's Strategic Studies Department "advances SOF strategic influence by its interaction in academic, interagency, and United States military communities."

Accordingly, Archimedes' "information and risk" brief claims they can solve "the most difficult communication and risk problems by seeing over the horizon with a blend of art and science." And with focus areas that include "strategic communications, media analysis and support, crisis communications, and risk and vulnerability assessment and mitigation," it doesn't take a rocket scientist to infer that those well-schooled in the dark art of information operations (INFOOPS) would find a friendly home inside the Romas/COIN contract team.

With some 25-years experience "as a foreign area officer specializing in Eastern Europe and Central Asia," including a stint "as acting Air and Defense Attaché to Kyrgyzstan," Crawford brings an interesting skill-set to the table. Crawford writes:

Manhunting--the deliberate concentration of national power to find, influence, capture, or when necessary kill an individual to disrupt a human network--has emerged as a key component of operations to counter irregular warfare adversaries in lieu of traditional state-on-state conflict measures. It has arguably become a primary area of emphasis in countering terrorist and insurgent opponents. (George A. Crawford, Manhunting: Counter-Network Organization for Irregular Warfare, JSOU Report 09-7, The JSOU Press, Hurlburt Field, Florida, September 2009, p. 1)


Acknowledged manhunting masters in their own right, the Israeli settler-colonial security apparat have perfected the art of "targeted killing," when they aren't dropping banned munitions such as white phosphorus on unarmed, defenseless civilian populations or attacking civilian vessels on the high seas.

Like their Israeli counterparts who come highly recommended as models of restraint, an American manhunting agency will employ similarly subtle, though no less lethal, tactics. Crawford informs us:

When compared with conventional force-on-force warfare, manhunting fundamentally alters the ratio between warfare's respective firepower, maneuver, and psychological elements. Firepower becomes less significant in terms of mass, while the precision and discretion with which firepower is employed takes on tremendous significance, especially during influence operations. Why drop a bomb when effects operations or a knife might do? (Crawford, op. cit., p. 11, emphasis added)


Alongside actual shooters, "sensitive site exploitation" (SSE) teams are critical operational components for Pentagon "manhunters." We're told that SSE teams will be assembled and able to respond on-call "in the event of a raid on a suspect site or to conduct independent 'break-in and search' operations without leaving evidence of their intrusion." Such teams must possess "individual skills" such as "physical forensics, computer or electronic exploitation, document exploitation, investigative techniques, biometric collection, interrogation/debriefing and related skills."

As if to drive home the point that the targets of such sinister operations are the American people and world public opinion, Crawford, ever the consummate INFOOPS warrior, views "strategic information operations" as key to this murderous enterprise. Indeed, they "must be delicately woven into planned kinetic operations to increase the probability that a given operation or campaign will achieve its intended effect."

Personnel skilled at conducting strategic information operations--to include psychological operations, public information, deception, media and computer network operations, and related activities--are important for victory. Despite robust DoD and Intelligence Community capabilities in this area, efforts to establish organizations that focus information operations have not been viewed as a positive development by the public or the media, who perceive government-sponsored information efforts with suspicion. Consequently, these efforts must take place away from public eyes. Strategic information operations may also require the establishment of regional or local offices to ensure dissemination of influence packages and assess their impact. Thus manhunting influence may call for parallel or independent structures at all levels... (Crawford, op. cit., pp. 27-28, emphasis added)


While we do not as yet have a complete picture of the Romas/COIN/Odyssey project, some preliminary conclusions can be drawn.

"Altogether, then," Brown writes, "a successful bid for the relevant contract was seen to require the combined capabilities of perhaps a dozen firms--capabilities whereby millions of conversations can be monitored and automatically analyzed, whereby a wide range of personal data can be obtained and stored in secret, and whereby some unknown degree of information can be released to a given population through a variety of means and without any hint that the actual source is U.S. military intelligence."

Although Brown's initial research concluded that Romas/COIN/Odyssey will operate "in conjunction with other surveillance and propaganda assets controlled by the U.S. and its partners," with a firm like Archimedes on-board, once information has been assembled on individuals described in other contexts as "radicals" or "key extremists," will they subsequently be made to "disappear" into the hands of "friendly" security services such as those of strategic U.S. partners Bahrain and Saudi Arabia?

We're reminded that "Barr was also at the center of a series of conspiracies by which his own company and two others hired out their collective capabilities for use by corporations that sought to destroy their political enemies by clandestine and dishonest means."

Indeed, "none of the companies involved," Brown writes, "have been investigated; a proposed Congressional inquiry was denied by the committee chair, noting that it was the Justice Department's decision as to whether to investigate, even though it was the Justice Department itself that made the initial introductions. Those in the intelligence contracting industry who believe themselves above the law are entirely correct."

Brown warns that "a far greater danger is posed by the practice of arming small and unaccountable groups of state and military personnel with a set of tools by which to achieve better and better 'situational awareness' on entire populations" while simultaneously manipulating "the information flow in such a way as to deceive those same populations."

Beginning, it should be noted, right here at home...

http://www.pacificfreepress.com/news/1-/9119-obama-and-the-sinister-cyber-surveillance-grifters.html



Anonymous Hackers Breach Booz Allen Hamilton, Dump 90,000 Military Email Addresses
Jul. 11 2011 - 3:02 pm
The summer of anti-security rolls on.
As part of the spree of data breaches that the loose hacker movement Anonymous is calling AntiSec, the group announced Monday that it had penetrated a server belonging to the defense contractor Booz Allen Hamilton and released what it claims are 90,000 military email addresses, encrypted passwords and an assortment of data related to other companies and government networks. It also claims to have accessed and deleted four gigabytes of the firm’s source code.
“In [Booz Allen Hamilton's] line of work you’d expect them to sail the seven proxseas with a state-of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel being a puny wooden barge,” reads the group’s statement posted to the Pirate Bay. “We infiltrated a server on their network that basically had no security measures in place.”
Though the passwords included in the leak are scrambled, Anonymous’ statement claims that the passwords are encrypted with an MD5 function that is widely considered to be insecure.
I’ve contacted Booz Allen Hamilton for comment but haven’t yet heard back from the firm. Update: the company writes on its Twitter feed that “as part of @BoozAllen security policy, we generally do not comment on specific threats or actions taken against our systems.”
Anonymous and Anonymous splinter group LulzSec have said that the campaign of attacks they’re calling “AntiSec” is designed to humiliate companies and agencies that fail to adequately protect consumer and employee data. It’s already hit targets ranging from the Arizona State Police to Viacom and Universal Music.
Booz Allen has already been involved in one Anonymous hack earlier this year. When the hacker collective dumped 71,000 emails from the cybersecurity firm HBGary Federal in retaliation for what it interpreted as an attempt to unmask key figures within Anonymous, the emails revealed that HBGary had worked with Booz Allen Hamilton to develop a response plan for Bank of America based on what the bank feared might be an upcoming leak of its internal documents by WikiLeaks. The Anonymous statement also paints the contractor as a revolving door of military-related conflicts of interest, and argues that the firm has been involved in mass surveillance projects.
“You would think the words ‘Expect Us’ would have been enough to prevent another epic security fail, wouldn’t you?,” Anonymous wrote in its statement. “Well, you’d be wrong. And thanks to the gross incompetence at Booz Allen Hamilton probably all military personnel of the U.S. will now have to change their passwords.”
The group ended the statement by invoicing Booz Allen Hamilton $310 for its security audit. “Trolling is our specialty,” it added. “We provide this free of charge.”
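The weakness the article attributes to the leaked dump, unsalted MD5 password hashes, seen from the defender's side: how to audit a credential store for it and migrate accounts to a salted, slow hash at their next login. This is an added example, not part of the original article; the record layout, function names and sample accounts are constructed, and PBKDF2-HMAC-SHA256 is this example's choice of replacement scheme.

```python
import hashlib
import hmac
import os
import re
from collections import defaultdict

PBKDF2_ITERATIONS = 600_000  # assumption: work factor picked for this example
_MD5_HEX = re.compile(r"^[0-9a-f]{32}$")


def legacy_md5(password):
    """The weak scheme: one unsalted MD5 pass over the password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password, iterations=PBKDF2_ITERATIONS):
    """Replacement scheme: random per-record salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def is_legacy(stored):
    """True when a stored value is a bare 32-hex-digit MD5 digest."""
    return bool(_MD5_HEX.match(stored))


def verify_password(password, stored):
    """Check a password against either record format, in constant time."""
    if is_legacy(stored):
        return hmac.compare_digest(legacy_md5(password), stored)
    try:
        scheme, iterations, salt_hex, dk_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        expected = bytes.fromhex(dk_hex)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    except ValueError:  # malformed record: wrong field count, bad hex, bad number
        return False
    return hmac.compare_digest(dk, expected)


def audit(store):
    """Count legacy records and list accounts whose stored hash is identical.

    Without a salt, equal passwords give equal digests, so anyone holding the
    dump can see which accounts share a password without recovering it.
    """
    by_hash = defaultdict(list)
    for user, stored in store.items():
        if is_legacy(stored):
            by_hash[stored].append(user)
    shared = sorted(sorted(users) for users in by_hash.values() if len(users) > 1)
    legacy = sum(len(users) for users in by_hash.values())
    return {"legacy": legacy, "shared_hash_groups": shared}


def login(store, user, password, iterations=PBKDF2_ITERATIONS):
    """Verify a login and transparently upgrade a legacy record on success."""
    stored = store.get(user)
    if stored is None or not verify_password(password, stored):
        return False
    if is_legacy(stored):
        store[user] = hash_password(password, iterations)
    return True


def sample_store():
    """Constructed sample data: three accounts, two sharing one password."""
    return {
        "alice@example.org": legacy_md5("Summer2011!"),
        "bob@example.org": legacy_md5("Summer2011!"),
        "carol@example.org": legacy_md5("correct horse battery staple"),
    }


if __name__ == "__main__":
    store = sample_store()
    print("before:", audit(store))
    login(store, "alice@example.org", "Summer2011!")
    login(store, "bob@example.org", "Summer2011!")
    print("after: ", audit(store))
    print("alice and bob now differ:",
          store["alice@example.org"] != store["bob@example.org"])
```

Records that never log in again stay in the legacy format, so a real migration also needs a cut-off after which remaining MD5 records are invalidated and those accounts forced through a reset.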
It's truly amazing how well Anonymous is doing at attacking CIA and other govt. sites without anybody getting caught, truly amazing. This is an intelligence-run operation to force Congress to push for stricter internet guidelines.
 
   __| || |__ _____    _____/  |_|__| ______ ____   ____        #antisec   
   \   __   / \__  \  /    \   __\  |/  ___// __ \_/ ___\       #anonops     
    |  ||  |   / __ \|   |  \  | |  |\___ \\  ___/\  \___       #laughing        
   /_  ~~  _\ (____  /___|  /__| |__/____ \ \___ \ \___  |      #at_your       
     |_||_|        \/     \/             \/     \/     \/       #security
                                                                                
/*******************************************************************************
***          MILITARY MELTDOWN MONDAY: MANGLING BOOZ ALLEN HAMILTON          ***
*******************************************************************************/


Hello Thar!

Today we want to turn our attention to Booz Allen Hamilton, whose core business 
is contractual work completed on behalf of the US federal government, foremost 
on defense and homeland security matters, and limited engagements of foreign 
governments specific to U.S. military assistance programs.

So in this line of work you'd expect them to sail the seven proxseas with a 
state-of-the-art battleship, right? Well you may be as surprised as we were 
when we found their vessel being a puny wooden barge.

We infiltrated a server on their network that basically had no security 
measures in place. We were able to run our own application, which turned out to 
be a shell and began plundering some booty. Most shiny is probably a list of 
roughly 90,000 military emails and password hashes (md5, non-salted of course!).
We also added the complete sqldump, compressed ~50mb, for a good measure.

We also were able to access their svn, grabbing 4gb of source code. But this 
was deemed insignificant and a waste of valuable space, so we merely grabbed 
it, and wiped it from their system.

Additionally we found some related data on different servers we got access to 
after finding credentials in the Booz Allen System. We added anything which 
could be interesting.

And last but not least we found maps and keys for various other treasure chests 
buried on the islands of government agencies, federal contractors and shady 
whitehat companies. This material surely will keep our blackhat friends busy 
for a while.

A shoutout to all friendly vessels: Always remember, let it flow!
#AntiSec

/*******************************************************************************
***                BONUS ROUND: BOOZ ALLEN HAMILTON KEY FACTS                *** 
*******************************************************************************/

For the Lazy we have assembled some facts about Booz Allen. First let's take a 
quick look of who these guys are. Some key personnel:

* John Michael "Mike" McConnell, Executive Vice President of Booz Allen and 
former Director of the National Security Agency (NSA) and former Director of 
National Intelligence.

* James R. Clapper, Jr., current Director of National Intelligence, former 
Director of Defense Intelligence.

* Robert James Woolsey Jr, former Director of National Intelligence and head
of the Central Intelligence Agency (CIA).

* Melissa Hathaway, Current Acting Senior Director for Cyberspace for the 
National Security and Homeland Security Councils

Now let's check out what these guys have been doing:

* Questionable involvement in the U.S. government's SWIFT surveillance program; 
acting as auditors of a government program, when that contractor is heavily 
involved with those same agencies on other contracts. Beyond that, the 
implication was also made that Booz Allen may be complicit in a program 
(electronic surveillance of SWIFT) that may be deemed illegal by the EC.
 
http://www.aclu.org/national-security/booz-allens-extensive-ties-government
-raise-more-questions-about-swift-surveillanc
 
https://www.privacyinternational.org/article/pi-and-aclu-show-swift-auditor-
has-extensive-ties-us-government
 
* Through investigation of Booz Allen employees, Tim Shorrock of Democracy Now! 
asserts that there is a sort of revolving-door conflict of interest between 
Booz Allen and the U.S. government, and between multiple other contractors and 
the U.S. government in general. Regarding Booz Allen, Shorrock referred to such 
people as John M. McConnell, R. James Woolsey, Jr., and James R. Clapper, all 
of whom have gone back and forth between government and industry (Booz Allen in 
particular), and who may present the appearance that certain government 
contractors receive undue or unlawful business from the government, and that 
certain government contractors may exert undue or unlawful influence on 
government. Shorrock further relates that Booz Allen was a sub-contractor with 
two programs at the U.S. National Security Agency (NSA), called Trailblazer and 
Pioneer Groundbreaker.
 
http://www.democracynow.org/article.pl?sid=07/01/12/151224

If you haven't heard about Pioneer Groundbreaker, we recommend the following 
Wikipedia article:

"The NSA warrantless surveillance controversy (AKA "Warrantless Wiretapping") 
concerns surveillance of persons within the United States during the collection 
of foreign intelligence by the U.S. National Security Agency (NSA) as part of 
the war on terror."
 
http://en.wikipedia.org/wiki/Pioneer_Groundbreaker

* A June 28, 2007 Washington Post article related how a U.S. Department of 
Homeland Security contract with Booz Allen increased from $2 million to more 
than $70 million through two no-bid contracts, one occurring after the DHS's 
legal office had advised DHS not to continue the contract until after a review. 
A Government Accountability Office (GAO) report on the contract characterized 
it as not well-planned and lacking any measure for assuring valuable work to be 
completed.
 
http://www.washingtonpost.com/wp-dyn/content/article/2007/06/27/
AR2007062702988.html   
 
* Known as PISCES (Personal Identification Secure Comparison and Evaluation 
System), the "terrorist interdiction system" matches passengers inbound for the 
United States against facial images, fingerprints and biographical information 
at airports in high-risk countries. A high-speed data network permits U.S. 
authorities to be informed of problems with inbound passengers. Although PISCES 
was operational in the months prior to September 11, it apparently failed to 
detect any of the terrorists involved in the attack.

Privacy advocates have alleged that the PISCES system is deployed in various 
countries that are known for human rights abuses (ie Pakistan and Iraq) and 
that facilitating them with an advanced database system capable of storing 
biometric details of travelers (often without consent of their own nationals) 
poses a danger to human rights activists and government opponents.
 
http://multinationalmonitor.org/mm2002/02march/march02corp3.html

/*******************************************************************************
***                   BONUS ROUND TWO: ANONYMOUS INTERESTS                   *** 
*******************************************************************************/

Back in February, as many may recall, Anonymous was challenged by security 
company HBGary. One month later - after many grandiose claims and several pages 
of dox on "members" of Anonymous which were factually accurate in no way 
whatsoever - HBGary and its leadership were busy ruing the day they ever 
tangled with Anonymous, and Anonymous was busy toasting another epic trolling. 
And there was much rejoicing. However, celebration soon gave way to 
fascination, followed by horror, as scandal after scandal radiated from the 
company's internal files, scandals spanning the government, corporate and 
financial spheres. This was no mere trolling. Anonymous had uncovered a 
monster.

One of the more interesting, and sadly overlooked, stories to emerge from 
HBGary's email server (a fine example to its customers of how NOT to secure 
their own email systems) was a military project - dubbed Operation Metal Gear 
by Anonymous for lack of an official title - designed to manipulate social 
media. The main aims of the project were two fold: Firstly, to allow a lone 
operator to control multiple false virtual identities, or "sockpuppets". This 
would allow them to infiltrate discussions groups, online polls, activist 
forums, etc and attempt to influence discussions or paint a false 
representation of public opinion using the highly sophisticated sockpuppet 
software. The second aspect of the project was to destroy the concept of online 
anonymity, essentially attempting to match various personas and accounts to a 
single person through recognition shared of writing styles, timing of online 
posts, and other factors. This, again, would be used presumably against any 
perceived online opponent or activist. 

HBGary Federal was just one of several companies involved in proposing software 
solutions for this project. Another company involved was Booz Allen Hamilton. 
Anonymous has been investigating them for some time, and has uncovered all 
sorts of other shady practices by the company, including potentially illegal 
surveillance systems, corruption between company and government officials, 
warrantless wiretapping, and several other questionable surveillance projects. 
All of this, of course, taking place behind closed doors, free from any public 
knowledge or scrutiny.

You would think the words "Expect Us" would have been enough to prevent another 
epic security fail, wouldn't you? 

Well, you'd be wrong. And thanks to the gross incompetence at Booz Allen 
Hamilton probably all military personnel of the U.S. will now have to change 
their passwords. 

Let it flow!


/*******************************************************************************
***                                 INVOICE                                  *** 
*******************************************************************************/

Enclosed is the invoice for our audit of your security systems, as well as the 
auditor's conclusion.

4 hours of man power: $40.00
Network auditing: $35.00
Web-app auditing: $35.00
Network infiltration*: $0.00
Password and SQL dumping**: $200.00
Decryption of data***: $0.00
Media and press****: $0.00

Total bill: $310.00

*Price is based on the amount of effort required. 
**Price is based on the amount of badly secured data to be dumped, which in 
this case was a substantial figure. 
***No security in place, no effort for intrusion needed. 
****Trolling is our specialty, we provide this service free of charge.

Auditor's closing remarks: Pwned. U mad, bro?

We are Anonymous.
We are Legion.
We are Antisec.
We do not forgive.
We do not forget.
Expect us.



This release is all of the emails and passwords available to Booz Allen Hamilton, a large military contractor. The next release is the research done so far using the other information available to them on BAH's servers.

Right now, it's a bunch of email passwords for accounts from various military services.

It looks legit. The people working on this are the same that ousted the HB Gary files (google "HB Gary Anonymous")

And finally, no this is not "useless" and "fake." These are real passwords with real email accounts. Whether or not this is a "psyop" as some have suggested is still to be determined. I like to think that there are some hackers out there who really want this information, that wouldn't normally be available, out to the public in order to get the truth known.

The data that is contained in the emails can (and likely will) be posted somehow, but not in the way you might think. Consider it like the Wikileaks leaks - there will be a release of the data eventually, but you will only see the really juicy information in news articles unless you search for it yourself. Expect to see some news articles will point to vast corruption and conspiracies in the highest circles of the intelligence community. There will likely be a few more companies hacked as a result of this too.

This is a hack of the intelligence community. The stuff they have been hiding for years. Anyone who says this is fake or just a psyop needs to rethink their priorities - so what? It's the truth. Who cares how it comes about? Julian Assange might be with the CIA but he still helped cause the Revolutions you all followed in the Middle East.

If there are conspiracies against us, why can't there be conspiracies FOR us? Who says only the bad guys work in secret?


Bottom line though, is stick to the news articles that you will see. If you're interested in finding the information yourself, do so with EXTREME CAUTION! Do NOT post the data directly here - instead, write a blog post or a news article and then submit the link - that way, it's the same as posting a link to "Roosters" (teehee) without posting the content.


------------

anonymouSabu's twitter feed as of 7/11/11 2:30PM:

@VinceintheBay Have you downloaded the archive and seen the people listed? The IC officers and their passwords?
3 minutes ago

@Narganon You think owning 90k members of the IC is not exposing the military? Stop being mad. Accept you can not stop us.
4 minutes ago

@yasmineryan We have gigs of emails from the royal families, including, their SCADA oil pipeline access and their exploitation of money.
4 minutes ago

@tracesofjupiter Thanks.
7 minutes ago

QUESTION: What do you think owning members of the Intelligence community gives us? Use your imaginations :)
8 minutes ago

BAH: BASE64(SHA1(pass)) Really, bro?
10 minutes ago

@tracesofjupiter We just penetrated a chunk of the military, we exposed 90k members of the intelligence community and you are unsurprised?
15 minutes ago

@yasmineryan If AL-Jazeera reports our exposure of the Royal Families we will give you free rein with data research one day before we dump.
15 minutes ago

@yasmineryan Yes we do. We have infiltrated the three major royal families and have evidence proving a lot. Will you report it?


------------
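
Added example, not part of the original thread or the release: the statement above describes unsalted MD5 hashes and the feed names BASE64(SHA1(pass)). The Python below shows why an unsalted fast hash reveals password reuse across accounts, and one way to migrate such records to salted scrypt at the next successful login. The account names, passwords, the `scrypt$salt$key` record format and the cost parameters are assumptions of this example.

```python
import base64
import binascii
import hashlib
import hmac
import os
from collections import Counter

def legacy_hash(password):
    """BASE64(SHA1(pass)) as named in the feed above: fast and unsalted."""
    return base64.b64encode(hashlib.sha1(password.encode()).digest()).decode()

def is_legacy(stored):
    """True if the record is bare Base64 that decodes to 20 bytes (SHA-1 size)."""
    try:
        return len(base64.b64decode(stored, validate=True)) == 20
    except (binascii.Error, ValueError):
        return False

def scrypt_hash(password, salt=None):
    """Salted, memory-hard record: 'scrypt$<salt>$<key>' (format assumed here)."""
    salt = salt or os.urandom(16)  # fresh per-account salt
    key = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)
    return "scrypt$%s$%s" % (base64.b64encode(salt).decode(),
                             base64.b64encode(key).decode())

def verify_and_upgrade(password, stored):
    """Return (ok, record_to_store); a correct login on a legacy record is re-hashed."""
    if is_legacy(stored):
        ok = hmac.compare_digest(legacy_hash(password), stored)
        return ok, (scrypt_hash(password) if ok else stored)
    _, salt_b64, _ = stored.split("$")
    candidate = scrypt_hash(password, base64.b64decode(salt_b64))
    return hmac.compare_digest(candidate, stored), stored

def reused_hashes(records):
    """Number of accounts whose stored value equals another account's."""
    counts = Counter(records.values())
    return sum(n for n in counts.values() if n > 1)

# Constructed sample accounts (not taken from any real dump).
SAMPLE = {"alice": "Summer2011!", "bob": "Summer2011!", "carol": "x9#Lq-unique"}
LEGACY_DB = {user: legacy_hash(pw) for user, pw in SAMPLE.items()}
SALTED_DB = {user: scrypt_hash(pw) for user, pw in SAMPLE.items()}

if __name__ == "__main__":
    # Unsalted: equal passwords give equal records, so one guess covers both.
    print("legacy records sharing a hash:", reused_hashes(LEGACY_DB))
    print("salted records sharing a hash:", reused_hashes(SALTED_DB))
    ok, record = verify_and_upgrade("Summer2011!", LEGACY_DB["alice"])
    print("login ok:", ok, "| record upgraded:", not is_legacy(record))
```

Accounts that never log in again keep the legacy record under this scheme, so a forced reset is the usual companion step.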


Booz Allen Hamilton

"Melissa Hathaway was named the Acting Senior Director for Cyberspace for the National Security and Homeland Security Councils on 9 February 2009, and placed in charge of a 60-day interagency review of the plan, programs, and activities underway throughout the government dedicated to cyber security.[1]

"Ms. Hathaway was expected[2] to be offered the post of National Cyber Advisor or "Cyber Czar."

[link to en.wikipedia.org]






This is only the beginning.

There's another release coming, supposedly bigger than this one. However, there's no way that the ones running this show have gone through all of the military emails now available to them, so the information found in those emails are part of this release as well... they just haven't been discovered yet. The access is there for anyone willing to download the password files, however.

This is freakin huge. The entire MILITARY has been compromised!




"One of the more interesting, and sadly overlooked, stories to emerge from
HBGary's email server (a fine example to its customers of how NOT to secure
their own email systems) was a military project - dubbed Operation Metal Gear
by Anonymous for lack of an official title - designed to manipulate social
media. The main aims of the project were two fold: Firstly, to allow a lone
operator to control multiple false virtual identities, or "sockpuppets". This
would allow them to infiltrate discussions groups, online polls, activist
forums, etc and attempt to influence discussions or paint a false
representation of public opinion using the highly sophisticated sockpuppet
software. The second aspect of the project was to destroy the concept of online
anonymity, essentially attempting to match various personas and accounts to a
single person through recognition shared of writing styles, timing of online
posts, and other factors. This, again, would be used presumably against any
perceived online opponent or activist. "





http://www.godlikeproductions.com/forum1/message1558396/pg1
