Christmas attack targets minor intelligence firm. (IMG: AntiSec)
In an email to clients shortly after the attacks, Stratfor’s CEO, George Friedman addressed the attacks.
He said that Stratfor's servers and email have been suspended, due to the AntiSec hack, and that they are taking “this incident very seriously.”
“Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible. Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.”
In response to the letter, an associate of Anonymous commented:
If #Stratfor would give a shit about their subscriber info they wouldn't store CC/CCV numbers in cleartext, with corresponding addresses.— AnonymousIRC (@AnonymousIRC) December 25, 2011
Moreover, the Stratfor attack was once again referenced as only the start.
We’ll update with additional data as it is available.
Strategic Forecasting Inc., which is better known as Stratfor, is an intelligence gathering firm located in Austin, Texas. On Christmas Eve, they were wiped from the Internet by supporters of the AntiSec movement. Allegedly the actions was taken due to their status as a law enforcement friendly organization, and commentary condemning Anonymous’ OpCartel campaign.
Not too long ago, Anonymous gained some media attention for their promise to release sensitive information related to Los Zetas, a Mexican cartel known for brutal tactics, weapons dealing, drug running, and human trafficking. As part of the news cycle, reporters looked for comments from organizations and experts in the field.
Stratfor gained mass attention from the media when they issued a warning to Anonymous, and offered public commentary on what was known at the time as OpCartel. However, while the attention given to Anonymous’ Los Zetas focused campaign faded, Stratfor earned their fifteen minutes of fame from the technical press for their comments on the operation.
“Anonymous has taken on many powerful entities in the past, such as major transnational corporations and governments. But the repercussions from participating in such operations were never as grave for online activists as they are in this case. Being identified and detained by Scotland Yard or the FBI is a far different situation than being identified and detained by Los Zetas,” a note from Stratfor outlined.
Staffers representing Stratfor appeared on broadcast media offering commentary on Anonymous, the Los Zetas operation specifically, several times during the campaign’s run. Those comments, and the Los Zetas campaign itself were already out of the media’s attention by the second week of November. However, on Christmas Eve, Stratfor’s clock had stopped ticking. Their domain, and all of the contents hosted on the webserver, were wiped from the Internet.
Over 90,000 Credit cards from LEA, journalists, intelligence community and whitehats leaked and used for over a million dollars in donations— The Real Sabu (@anonymouSabu) December 24, 2011
For the last week or so, talk on Twitter centered on an upcoming LulzXmas release, which has been said to be large enough now to last until the end of the year. The initial release for LulzXmas centered on Stratfor and consisted of two parts.
The first part was the removal of the Stratfor domain. However, before the webserver was wiped completely, nearly 200GB of emails were taken. These actions was preceded by the reported snatching of 90,000 credit cards from a database maintained by Stratfor, and using them to make donations and other purchases.
Frank Ginac, Stratfor’s CTO, was singled out during the aftermath of the breach. In addition to having snippets of his internal communications leaked, his personal information (including credit card details) was published as well.
The second part of the LulzXmas attack was the leaking of Stratfor’s customer list, which includes current and past clients.
It is unknown what other releases are planned, or if the hijacked emails will be published by AntiSec.
Likewise, considering the clients involved and the amount of data taken from Stratfor, the breach itself could expand even further. If that’s the case, the final week of 2011 promises to be a damning one for law enforcement and supportive firms.
A G Edwards
Al Jazeera English
Bank of America
Booz Allen Hamilton
Defense Intelligence Agency
Dept. of Defense
Dept. of Energy
Dept. of Justice
Dept. of State
Fox News Channel
The LA Times