courtesy of nsa.gov
Uncle Sam might be planning to wage illegal cyber warfare [1] on U.S. citizens. The federal government, it seems, has been secretly (and sometimes openly) recruiting computer hackers to engage in legal and illegal activities for years. Frighteningly enough, some of those activities apparently target US citizens and even critics of government policies.
Take the case of Bradley Manning, the US Army enlisted man who embarrassed the Pentagon and the State Department by leaking 200,000 cables to Wikileaks. You’ve probably heard of Manning, but you probably don’t know how he got caught. Manning was turned in by another computer hacker.
Basically, Manning was ratted out by well-known hacker Adrian Lamo, who was apparently working with a federal contractor called “Project Vigilant [2].” Vigilant is an organization that recruits hackers to work for US intelligence agencies, including the National Security Agency. Lamo was talked into turning in Manning by Chet Uber, the head of Project Vigilant, which is based at Fort Pierce, FL.
Project Vigilant Is Watching Your Computer
Vigilant is described as a semi-secret effort to help the federal government identify hackers. It apparently recruits volunteers, namely hackers whose job is supposedly to track down other hackers. Since Vigilant also works with intelligence agencies, it is reasonable to presume that it hacks on behalf of Uncle Sam.
What’s worrisome, though, is that it carries out politically motivated activities, such as the capture of Manning. Whether you agree with Manning’s actions or not, he did embarrass the government. That should be bothersome because Forbes reports that Vigilant engages in massive amounts of data gathering.
Among other wonderful activities, Vigilant collects data from Internet service providers much like the data about phone calls that the National Security Agency collected from Verizon. Forbes actually turned up a Vigilant press release that stated the organization tracked more than 250 million IP addresses (screen names) a day.
It can also develop portfolios on any name, screen, or IP address. In other words, Vigilant is laying the ground work for Uncle Sam to hack computers on a massive scale. Worse, some experts think that Project Vigilant has been around for as long as ten years, and it’s been operating in complete secrecy for most of that time.
Project Vigilant works closely with such companies as LinkedIn and Facebook, San Francisco Examiner writer [3] Mark Albertson reported. Albertson noted that many top cyber security experts, including some who have managed to remain secret, have worked with Vigilant. Albertson pointed out that such secret organizations as the National Security Agency and the Defense Advanced Projects Agency (DARPA), work closely with Vigilant.
Close Connections between Computer Industry and Intelligence Agencies
Frighteningly, it seems as if Vigilant works closely with some developers of cyber security products. That means it might be deliberately designing or creating firewalls and antivirus programs with holes in them to make it easier to hack. It might also be putting tapeworms and other hacking tools into widely used software.
Another bothersome comparison is that Uber has compared Project Vigilant to GhostNet, the Chinese government’s hacking program. GhostNet [4] routinely hacks those who are considered enemies of China, including the Dalai Lama.
In other words, the federal government has been applying some of the techniques it’s long been criticizing the Chinese for using. Worse, like the Chinese, it has used the hacking resources to lash out at some critics of the government. Okay, Bradley Manning certainly violated the law and his oath to the Army, but would the government have been so harsh on him if he hadn’t made it look so bad?
What this means is that there are very close connections between Internet service providers, communications companies, and social media providers and the intelligence community. Technology companies have been working closely with the intelligence community for years and giving the government the means to penetrate their security.
The NSA’s monitoring of phone calls [6] is only the tip of the iceberg; the federal government has been extensively monitoring communications of all sorts for years. Worse, communications and other companies willingly work with the government. News reports don’t say whether Project Vigilant played a role in that hacking or not, but there’s a good chance that it did. Forbes writer Andy Greenberg, who’s been reporting on hackers and Project Vigilant for years, thinks it did. Greenberg believes that Internet companies like Google and Facebook also turn data over to the NSA and Vigilant.
The National Security Agency has a program called Prism which gives its spooks direct access to the servers of Google, Apple, Facebook, Microsoft (which owns Skype) and other internet firms, Britain’s Guardian newspaper revealed [7]. The Guardian article didn’t mention hacking or Project Vigilant, nor did it reveal how the NSA gets access to that information.
Disturbingly enough, top executives at some of the companies mentioned, including Google and Facebook, denied cooperating with Prism [8]. Either the executives were lying or the NSA is illegally hacking their data, possibly through Vigilant. Details about Prism, including Power Point slides, were leaked to Guardian reporter Glenn Greenwald.
The source of the leaks was revealed to be Edward Snowden [9], a former CIA agent who has worked at a number of companies, including Dell. That indicates US intelligence agencies might have agents inside tech companies to steal their secrets and data about average Americans. There is no evidence that Snowden (who worked for the contractor Booz Allen) was involved in Project Vigilant.
Is Uncle Sam Giving Hackers Access to Your Computer and Your Data?
There are several reasons why we should worry about the federal government’s communications monitoring, but the most troubling is Uncle Sam’s past relationship with hackers. What’s to stop the hackers working with or at Project Vigilant to use its resources to steal financial information from average Americans?
It has happened before and not too long ago. One of the biggest cybercrimes in history, the theft of about 180 million credit and debit card numbers belonging to average citizens from giant retailers like Office Max and Target, was committed by Albert Gonzalez Jr [10]. At the time he was stealing average Americans’ credit card information, Gonzalez was working as an informant for the Secret Service.
Gonzalez had been recruited by a group called Operation Firewall, a Justice Department operation similar to Project Vigilant, to inform on a network of hackers called the Shadowcrew. Gonzalez turned in the Shadowcrew, but he also recruited his own gang of hackers that stole millions of dollars from businesses and citizens. Among other things, Gonzalez sold tens of thousands of credit card numbers to notorious Ukrainian cyber fence Maksym Yastremski while he was supposed to be working with the Secret Service.
It isn’t known if Gonzalez was working with Project Vigilant or not, but his actions should give us pause. Operation Firewall sounds suspiciously like Project Vigilant, doesn’t it? It is also interesting to note that Project Vigilant was based at Fort Pierce, FL, and Albert Gonzalez’s hacking operations were based in Miami.
How do we know that illegal hackers aren’t getting access to our computers, Facebook pages, bank accounts, and iPads through its resources? This is particularly bothersome because it looks like Gonzalez might have used Operation Firewall to recruit the gang of hackers he called Operation Get Rich or Die Trying.
The federal agents didn’t suspect what Gonzalez was doing, even though he was living in luxury hotels and spent $75,000 on a birthday party while working for Uncle Sam. Gonzalez was only caught after Turkish police arrested Maksym Yastremski and gave the Secret Service access to his laptop. Secret Service agents traced Gonzalez through the instant messaging the two criminal masterminds used to communicate. Albert Gonzalez is now in federal prison, but his case should show us how dangerous government approved hacking is.
Privacy Is Dead but What Can We Do?
Basically, the federal government may have access to your computer and everything on it, and it can track any communications you make over the Internet or the phone. To make matters worse, the feds may have given criminals access to its resources in exchange for better intelligence gathering tools.
Facebook CEO Mark Zuckerberg’s comment that privacy is dead might be truer than we realize. That means you need to be far more vigilant in your communications than in the past.
Average people need to take stronger efforts to guard their communications in today’s world. Keeping abreast of the news and cyber security is one method. Another is to be careful what you say online and over the phone. There’s a good chance Uncle Sam could be listening, but so could the hackers.
[11]