Thursday, June 02, 2011

An interesting analog in the age of digital hacking

Ed.--A recent spate of cyberattacks on Google's Gmail system (originating in China) reminded me of some similar techniques employed against Deborah Jeane Palfrey (the DC Madam), perhaps by the United States Government or non-governmental actors--contractors of one variety or another. The Chinese attacks ensnared several hundred individuals, some of them high-level American government officials, presumably some working for the State Department.

Some whose Gmail accounts were breached were American military personnel as well as a few Chinese dissidents, perhaps included as a diversion or as overlap from other hacking operations originating from the same actors. Whoever they were, they were looking for specific types of people doing specific types of work for the U.S. Government; specific individuals were targeted for hacking.

Do no evil?

Google routinely cooperates with the American national security state, so it's no surprise that they've been targeted by other nations using third-party actors to provide a kind of plausible deniability. In the case of the recent attack on Google, it's safe to assume that the encouragement of non-governmental actors was formulated to prevent accountability being directed at the regime in Beijing, a fair assumption. Does the U.S. do this? Certainly--one could argue that we pioneered its use--and some of this echoes the very real world attacks on American soil on September 11, 2001, ushering in a newer form of mercenary where attacks by one state against another are done indirectly by proxy, "non-governmental" agents.

21st Century Brigands?

This is perhaps going to be the Golden Age of the mercenary, with further tech-enhancements.

Mercenary hackers aren't new, but the scale of their activities is growing rapidly. Information warfare itself is an old tactic of political entities, and nation states like the United States or even Turkey are engaged in it all of the time.

...Google said Wednesday that personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, had been exposed. Google traced the origin of the attacks to Jinan, China, the home city of a military vocational school whose computers were linked to a more sophisticated assault 17 months ago on Google's systems. ... ("US says no... ," AP, June 2, 2011)

Most modern nation states are engaging in it at some stage, but like the use of drones in recent conflicts, it remains unofficial policy, often mislabeled as "conspiracy." Cyberwarfare isn't new, but the widening scope of its use by state and "rogue" (using the term without any value judgment) actors is.

The Palfrey defense was under surveillance, period; it's inarguable, and I bore witness to it directly. Some will say that it was for legitimate purposes of the enforcement of the law, but how then would any defendant get a fair trial under such scrutiny? What's arguable is who it might have been, which one could speculate on endlessly with such a muddied trail. That's how it goes with hacking and cyberattacks, but with enough persistence and even some luck the origins of a hit can sometimes be uncovered. The key is to erase as much of a trail leading to the originator of the attack as possible, and it's not rocket science, but it was not so prevalent or as easy in the stone age days of the Internet back in the fall of 1998 when the madam's account was hacked.

Even at the time what they did wasn't especially sophisticated, but the average Internet user wouldn't have known how to do the breach and what followed from it.

Just shy of ten years later I had a productive exchange with a former attorney of the DC Madam's about the breaching of her email account:

Jeane and I searched and searched and finally traced the insertion of an email forwarding address in her EarthLink account to an email address. When I took it up with, they had no answer how anyone had hacked into Jeane's account and could not identify the owner of the email account as it was to a string of fictitious email accounts. (Correspondence with the Editor, August 2008)

This was to be expected whether it was a state actor or not. It's a very good possibility that this was a former client of Pamela Martin & Associates, but that could just as well mean the arrow points to the state as well as contractors.

What raised a few flags this week for me came from this passage in an AP article on the recent breaches in Google's Gmail infrastructure that compromised some of the personal email accounts of a few high level American officials.

The modus operandi is similar if not identical to the breaches in the DC Madam's Sprynet email account back in 1998:

...While Google said last year's attack was aimed at its corporate infrastructure, the latest incident appears to have relied on tricking email users into revealing passwords, based on Google's description in its blog post.

It said the perpetrators changed the victims' email forwarding settings, presumably secretly sending the victims' personal emails to other recipients. ... ("Google reveals... ," Reuters, June 2, 2011)

The final sentence is exactly what happened to the DC Madam's email account sometime in October 1998.

It's almost become a cliche that intelligence agencies (and similar institutions and groups) can and have used primitive forms of hacking as a cover for the activities against various actionable targets. Perhaps one day we'll find through declassifications that a government contractor created all of those phony email accounts when Palfrey began to become a "person of interest" to whoever hacked her account and changed her forwarding settings, intercepting all of her emails going in and out (I know from experience as I was receiving bouncebacks once the phony account had been closed). Most likely, she was beginning to become a liability to a privileged former client...but the truth of the case is elusive as ever.

"US says no official email hacked; FBI on case," AP, June 2, 2011

"Google reveals Gmail hacking, says likely from China," Reuters, June 2, 2011