Last year, I was bitten by the idea of intel as a research project. I presented at BSidesDetroit on the topic of corporate espionage and the contrast between HUMINT and TECHINT. My Defcon Skytalk was titled “Bringing Intelligence Back To The Hacker Community” and I did a GRRCon talk on the capabilities and structure of a normal private intelligence campaign. The research had a side effect of replacing a generally apathetic outlook on the topic with a more specific abhorrence toward the intelligence community as a whole — specifically private intelligence groups working under the auspices of the U.S. government and other nation states.
Of course, this research project came at an opportune time, with the recent NSA revelations substantiating many of the claims; the recent articles about the JTRIG program really have hit home.
Each of these articles released by Glenn Greenwald and NBC News references JTRIG – a program designed to manipulate the hearts and minds of Internet users, targeting individuals, organizations, and in some cases just the general ideas with the goal of destroying them. Programs like SQUEAKY DOLPHIN, for example, were designed to analyze social networking patterns of all users, be it YouTube or Blogger or Facebook. We can all agree that the use-case of this capability has some positive implications like infiltrating Al-Qaeda training forums or the like.
There’s definitely part of me that can sit back and just say “I’m not even mad. That’s amazing” from a purely technological standpoint. Part of my presentations on the subject of OSINT came to the conclusion that small-time intel groups pale in comparison to well-funded private organizations like HBGary and Palantir. I talked about how HBGary would pull stunts on forums and IRC, specifically targeting ideas and individuals that they were hired to attack — protesters for a large company in one example. JTRIG and the other programs above are examples that this is not just HBGary or Palantir but the entire intelligence community.
I even found myself falling down the rationalization stairs, convincing myself that this is what’s expected. They’re the U.S., and they’ve realized that the Internet is powerful, and they want to use it as a weapon. In fact, the U.S. has realized a gap in their capabilities to collect information on the Internet in a paper from 1998 which first defined the problem of the “Intelligence Gap” — the increasing ratio of the number of collection sources to actionable intel. And you can see my disillusionment in my presentations. The Defcon Skytalks version of “Bringing Intelligence Back To The Hacker Community” was generally a fun, optimistic look at intelligence capabilities and even a structure for collection and analysis, whereas the GRRCon talk generally had a conclusion of “Yeah that was nice, but you are all fucked in comparison to private intel groups.”
The most depressing result that all of this new information has had on the public and the Information Security community is… nothing. Either the Infosec professionals I’ve talked to lately have withdrawn themselves from the situation out of hopelessness, they’ve generally become jaded, or they actually work in the intelligence community. I’ve heard the tongue-in-cheek comments of “Well it’s good for us” in that it’s our job to now provide security solutions to the new reasonable threat of a global adversary. I know people who are now signing up to become military intelligence operatives, seeing the career path of working for the government and then leaving for a private-sector, high-paying intelligence career. People have even admitted to me that the government has called them up and asked to snatch their idea, stating they would pay them millions of dollars. And how can you blame them? Morality, ethics, and not-being-a-dick-ism is difficult to maintain when faced with piles of money. Maybe this is where Info-Sec and Hacker will further fraction off. Maybe I’m just being naive.