“I, sitting at my desk, certainly had the authorities to wiretap anyone, from you, or your accountant, to a federal judge, to even the president if I had a personal email.” —Edward Snowden, Booz Allen Hamilton whistleblower, during his interview with The Guardian.
Could the sprawling surveillance state enable government or its legion of private contractors to abuse their technology and spy upon domestic political targets or judges?
This is not a far off possibility. Two years ago, a batch of stolen e-mails revealed a plot by a set of three defense contractors (Palantir Technologies, Berico Technologies and HBGary Federal) to target activists, reporters, labor unions and political organizations. The plans— one concocted in concert with lawyers for the US Chamber of Commerce to sabotage left-leaning critics, like the Center for American Progress and the SEIU, and a separate proposal to “combat” WikiLeaks and its supporters, including Glenn Greenwald, on behalf of Bank of America— fell apart after reports of their existence were published online. But the episode serves as a reminder that the expanding spy industry could use its government-backed cybertools to harm ordinary Americans and political dissident groups.
The episode also shows that Greenwald, who helped Snowden expose massive spying efforts in the United States, had been targetted by spy agency contractors in the past for supporting whistleblowers and WikiLeaks.
Firms like Palantir—a Palo Alto–based business that helps intelligence agencies analyze large sets of data—exist because of the government’s post-9/11 rush to develop a “terror-detection leviathan” of high-tech companies. Named after a stone in the Lord of the Rings that helps both villains and do-gooders see over great distances, the company is well-known within Silicon Valley for attracting support from a venture capital group led by libertarian billionaire Peter Thiel and Facebook’s Sean Parker. But Palantir’s rise to prominence, now reportedly valued at $8 billion, came from initial investment from In-Q-Tel, the venture capital arm of the CIA, and close consultation with officials from the intelligence-gathering community, including disgraced retired admiral John Poindexter and Bryan Cunningham, a former adviser to Condoleezza Rice.
While Palantir boasts that its government-backed technology is geared towards helping the military track terrorists, stolen e-mails from HBGary Federal show the firm and its senior executives were eager to use its platform on behalf of the Chamber, one of the largest corporate lobbying associations. In the fall of 2010, the Chamber had received unflattering attention, first from a New York Times piece about allegedly laundered money from AIG, and then from my reporting at the Center for American Progress’ ThinkProgress blog about foreign funds flowing to the Chamber’s 501(c)(6) entity used to run campaign advertisements. The Chamber’s attorneys at the firm Hunton & Williams, at the time already busy prosecuting a group of activists for impersonating the Chamber, sought out the help of Palantir to develop a team to go after the Chamber’s critics. As I reported later for TheNation.com, Palantir eventually connected with Berico and HBGary Federal, and along with the Chamber’s attorneys, the group began plotting a campaign of snooping on activists’ families and even using sophisticated hacking tools to break into computers:
The presentations, which were also leaked by Anonymous, contained ethically questionable tactics, like creating a “false document, perhaps highlighting periodical financial information,” to give to a progressive group opposing the Chamber, and then subsequently exposing the document as a fake to undermine the credibility of the Chamber’s opponents. In addition, the group proposed creating a “fake insider persona” to “generate communications” with Change to Win, a federation of labor unions that sponsored the watchdog site, US Chamber Watch.
Even more troubling, however, were plans by the three contractors to use malware and other forms of malicious software to hack into computers owned by the Chamber’s opponents and their families. Boasting that they could develop a “fusion cell” of the kind “developed and utilized by Joint Special Operations Command (JSOC),” the contractors discussed how they could use “custom malware development” and “zero day” exploits to gain control of a target’s computer network. These types of hacks can allow an attacker not only to snoop but to delete files, monitor keystrokes and manipulate websites, e-mail archives and any database connected to the target computer.
In January of 2011, Hunton and Williams, which had met with the Chamber to discuss the proposals, sent by courier a CD with target data to the contractors. The targets discussed in e-mails included labor unions SEIU, IBT, UFW, UFCW, AFL-CIO, Change to Win, as well as progressive organizations like the Center for American Progress, MoveOn.org, Courage Campaign, the Ruckus Society, Agit-Pop, Brave New Films and others. […]
The tactics described in the proposals are illegal. However, there were no discussions in the leaked e-mails about the legality of using such tactics. Rather, the Chamber’s attorneys and the three contractors quibbled for weeks about how much to charge the Chamber for these hacking services. At one point, they demanded $2 million a month.
By December in 2010, the attorneys from Hunton & Williams approached the three contractors about developing a similar plan to go after WikiLeaks on behalf of Bank of America, which was concerned that many of their private documents were about to be published by the whistleblower website. HBGary Federal’s Aaron Barr discussed his reasoning on why it was especially critical to take down Glenn Greenwald, noting in one e-mail: “I think we need to highlight people like Glenn Greenwald. Glenn was critical in the Amazon to OVH [data center] transition and helped WikiLeaks provide access to information during the transition. It is this level of support we need to attack. These are established professionals that have a liberal bent, but ultimately most of them if pushed will choose professional preservation over cause, such is the mentality of most business professionals. Without the support of people like Glenn WikiLeaks would fold.” The team of contractors created a similar proposal for Hunton & Williams, again suggesting the idea of planting a false document and launching cyber attacks.
The contractors looked forward to the private sector money. One Palantir official wrote: “We are the best money can buy! Dam it feels good to be a gangsta.” However, they never had a chance to launch either attack plan.
The proposal fell apart when HBGary Federal’s Barr attracted the attention of LulzSec, a splinter group of Anonymous hactivists. LulzSec hacked into HBGary’s e-mail system and dumped thousands of private messages online, including the e-mails detailing the plan to go after both the Chamber’s perceived opponents and supporters of WikiLeaks. (A timeline of the scandal can be found here.)
Twenty House Democrats called for an investigation into the scandal, but the Republican-held chamber did little to look into the story. However, Congressman Hank Johnson did manage to briefly question NSA officials about the three defense contractors.
In the wake of the scandal, HBGary Federal shut down, but its sister firm, HBGary, was later sold to another military contractor, ManTech International for $23.8 million. Berico retained an influential DC lobbyist; Palantir increased their spending on lobbyists. Both companies managed to escape much scrutiny.
Although some media outlets have reacted to the Snowden story with apprehension that such a young employee of a government contractor would have such wide-ranging spy capabilities, the disclosure presents other questions. Journalist Tim Shorrock, who also blogged recently about the rise of Palantir, reported that some 70 percent of the nation’s intelligence gathering budget is spent on private contractors. Could any of these firms, which number in the hundreds, use their terrorist-seeking espionage weapons against their fellow Americans? If what Snowden claimed is true, he could have spied upon judges and journalists and sold that information to powerful domestic or foreign interests. At one point during the discussions about how to use their technologies to attack activists, Barr had met with Booz Allen Hamilton senior vice president Bill Wansley. The disclosure of the Palantir-Berico-HBGary proposals suggest other abuses could be lurking out there, from a rogue employee to a carefully planned effort to spy on activists.