You may recall our previous post
on "Sabu," a.k.a. Hector Xavier Monsegur, leader of a group of cyber anarchists called AntiSec. (AntiSec's symbol is a picture of Guy Fawkes wearing a top hat and monocle.) Sabu was turned by the FBI early on and tasked to snitch on his fellow hackers.
Someone recently posted this timeline to Scribd
. The writer's purport is to show that AntiSec was an FBI sting operation all along. Here are the first few entries in the timeline...
4 June 2011 - First passing mention of ANTISEC in relation to Anonymous is made on LulzSec twitter (http://goo.gl/cwO2G)
7 June 2011 - SABU visited by FBI and arrested quietly
8 June 2011 - By 10AM this day, SABU was fully cooperating with feds
19 June 2011 - AFTER arrest, SABU resumes tweeting after a prolonged break (last recorded tweets being random in March and May of 2011 -- http://goo.gl/frJpR).
His ﬁrst tweet is to announce the formation of ANTISEC (http://goo.gl/725mr). He announces ANTISEC as "The biggest, uniﬁed operation amongst hackers in history." <-- Does "uniﬁed" = conspiracy? Original ANTISEC Release Statement - http://pastebin.com/9KyA0E5v
So there was all of ONE reference to AntiSec before Sabu's arrest. The formal announcement did not come until Sabu was working for Uncle.
As I mentioned earlier, the Stratfor documents liberated by Antisec were stored on FBI servers. Those documents show that Stratfor made no secret of their low opinion of the FBI. Someone at the Bureau has shown genuine wit.
If the FBI really was running AntiSec -- if the group was nothing but an entrapment operation -- then what are we to make of some of the group's activities during its brief career? AntiSec briefly shut down the Vatican's website
a short while ago.
"It's not a personal attack on Christians, just on the Vatican itself," said the source, who asked to remain anonymous to protect their identity from the group.
What did the website attack accomplish? Not one thing -- except to make Catholics hate hackers. And to make other religious folk worry about whether they were next on the hit list.
Also see here
This time around, AntiSec went after the email systems for New York State police chiefs and the website for the California Statewide Law Enforcement Association (CSLEA).
News of an AntiSec hack of law enforcement associations on both coasts earlier this week showed that while it might be a new year, we can pretty much expect lots of the same with respect to database security in 2012. The same insecure configurations. The same cleartext storage of passwords and sensitive information in unprotected databases. The same abysmal access control and password management practices.
So maybe AntiSec is just the Bureau's way of telling the cops to improve their system.
Here's another nugget from the timeline...
6 August 2011 - Syrian MOD hacker solicited by SABU to join ANTISEC to "disrupt govt communication systems" (direct quote).
The FBI wouldn't be behind something like that. The CIA, on the other hand...
Here's a bit that will be of interest to Occupy Wall Street supporters:
21 September 2011 - SABU uses inﬂuence to kill Anonymous attempts to DDoS Wall Street ﬁrms (http://goo.gl/kDRxS | http://goo.gl/oU9ur).
Here's the one that I find particularly noteworthy...
22 August 2011 - ANTISEC releases 1GB of personal data from Vanguard Defense Industries, a Texas-based aerospace and defense ﬁrm (http://pastebin.com/PjiXmwNk).
We mentioned that leak in a previous Cannonfire post
. Vanguard makes UAV killer drones. That particular leak included the revelation that a VP at Vanguard named Richard Garcia had known about the Standard & Poors downgrade of the U.S. four months before it happened
All in all, I would posit that the real purpose of AntiSec was not to release information but to help various DoD contractors and police departments harden their security. Since the feds were in control the whole time, they could make sure nothing really earth-shattering ever emerged.