There's more news about the Chamber of Commerce's planned attempt to harass and smear critics. The best one-stop source of info is this BradBlog investigation
. Here's the part that really hits home, for reasons which we will explain presently:
Last night, ThinkProgress' Lee Fang reported the plan being solicited by the Chamber's law firm Hunton & Williams included plans "to use exploits to steal information from the Chamber's opponents, or worse." The Team Themis proposal "boasted of HBGary Federal's capabilities in 'Information Operations,' a military contractor term for offensive data extraction techniques typically reserved for use against terrorist groups. The slide [from one of their Power Point presentations] includes sections on 'Vulnerability Research/Exploit Development' and 'Malware Analysis and Reverse Engineering.'"
From the Fang
HBGary, the parent company of HBGary Federal, specializes in analyzing “malware,” computer viruses that are used to maliciously steal data from computers or networks. In other presentations, Barr makes clear that his expertise in “Information Operations” covers forms of hacking like a “computer network attack,” “custom malware development,” and “persistent software implants.” The presentation shows Barr boasting that he had knowledge of using “zero day” attacks to exploit vulnerabilities in Flash, Java, Windows 2000 and other programs to steal data from a target’s computer.
Indeed, malware hacking appears to be a key service sold by HBGary Federal. Describing a “spear phishing” strategy (an illegal form of hacking), Barr advised his colleague Greg Hoglund that “We should have a capability to do this to our adversaries.” In another e-mail chain, HBGary Federal executives discuss using a fake “patriotic video of our soldiers overseas” to induce military officials to open malicious data extraction viruses. In September, HBGary Federal executives again contemplate their success of a dummy “evite” e-mail used to maliciously hack target computers.
Some of the initial e-mails discussing the Chamber deal with Team Themis stress the fact that HBGary Federal would provide “expertise on ‘digital intellgence collection’ and social media exploitation.’”
Barr also sent another document to the Chamber’s attorney describing in greater detail Team Themis’ hacking abilities (download a copy here). In one section, Team Themis claims that “if/when Hunton & Williams LLP needs or desire,” they can use “direct engagement” to “provide valuable information that cannot be acquired through other means.”
Aaran Barr, head honcho of spy firm HBGary, demonstrated what he could do by hacking into a computer used by the wife of a Chamber of Commerce attorney.
“If I can exploit her account through one of her social connections I can exploit the home network/system,” he wrote. This explains why Team Themis devoted so much time to researching the families and children of progressive activists, to find vulnerabilities in their computer systems.
Here's where it gets personal.
Long-time readers may know that, during the 2008 campaign, I did everything in my humble power to help publicize the investigative journalism of Evelyn Pringle, who had uncovered Obama's trail of corruption in Illinois. There was an unnerving follow-up.
Forgive a bit of self-quotation:
I received an email message allegedly from Evelyn Pringle, the author whose investigative pieces on Tony Rezko and Barack Obama I discussed in several posts published in 2008. I corresponded with Pringle a few times, though the messages were never substantive or sensitive. Her email address was lodged somewhere in my Yahoo email account -- and presumably my address was in her account.
The new message from "Pringle" contained nothing but a link. The link went to a web page selling consumer items. I had never seen that particular site before, although we have all seen that kind of site. I closed the page within a few seconds, then studied the Pringle message more carefully.
It did not come from the account of the real Evelyn Pringle. Someone was pretending to be her.
After that odd incident, my computer began to act very strangely. Among the strange happenings: I had to press "publish" or "reject" twice when moderating comments. I got the hinky, uncanny feeling that someone else was reading those comments, even the ones that were never published. (The vast majority of these are spam.)
As you know, I also received a message informing me that other people were logged onto this computer.
Thus, a total re-install on a new HD.
That solved the problem -- but it's not something anyone cares to do on a regular basis.
In these realms, paranoia is our friend. I do a complete malware scan on my system nearly every day. I use every free, well-reviewed anti-malware program available -- including (but not limited to) Ad-Aware, PrevX, Emsisoft, Sophos, and Malwarebytes. Although the primary anti-virus software used on this system will go unnamed, I can mention that I have tried pretty much every vendor out there, because they all offer free 30-day try-outs period. Re-imaging the disc allows one to restart the trials all over again.
(Incidentally, if you are looking for a recommendation, you may want to consider ESET NOD32
, which you can use free for a month, and Trend Micro's HouseCall
, which is free.)
Of course, one should steer clear of Facebook and other social networking systems. Facebook is unnecessary and intrusive -- yet another disguise for Big Brother. Fortunately, an increasing number of people have wised up
to the Facebook scam.
Here's the problem: An individual blogger can stock up on anti-malware software and re-image the C drive and change passwords and play with proxies and do all of that other security stuff -- but other people sharing the broadband connection may find that level of paranoia tiresome.
That's why the bad guys want to know about any friends or family members who share a domicile with a targeted blogger.
So please keep in mind -- if your favorite blogger starts to act as if "they" are out to get him or her, don't smirk at his or her irrational fears. "They" really are
out to get bloggers. I'm small potatoes, so there probably won't be a smear campaign directed against yours truly. But if you wake up one day to see "evidence" that a popular and influential writer used the word "nigger" or committed bigamy or downloaded kiddie porn or solicited a hit man or said nice things about Osama Bin Laden...
...don't buy it.By the way:
Notice that no-one is spying on the teabaggers. What more evidence do we need that the Tea Party represents no threat to the Establishment -- that, in fact, the teabagger movement is a creation of the Establishment?