Vanguard Defense Industries compromised by AntiSecby Steve Ragan - Aug 19 2011, 08:17
AntiSec released the VDI emails earlier this evening, after teasing the public with an email from Merrill Lynch earlier in the day. (Read more here)
The statement with the release offered up several new bits of information, and as expected, it is presented in Torrent and Web formats.
"Richard T. Garcia is also an executive board member of InfraGard, a sinister alliance of law enforcement, military, and private security contractors dedicated to protecting the infrastructure of the very systems we aim to destroy. It is our pleasure to make a mockery of InfraGard for the third time, once again dumping their internal meeting notes, membership rosters, and other private business matters," the statement said, expanding on the reasoning given earlier.
Moreover, the statement from AntiSec included a direct message to the hacker community.
"We are doing this not only to cause embarrassment and disruption to Vanguard
Defense Industries, but to send a strong message to the hacker community. White
hat sellouts, law enforcement collaborators, and military contractors beware:
we're coming for your mail spools, bash history files, and confidential
Earlier this week, Raf Los, HP's security evangelist commented that, "My point was that your 'hacktivism' is actually causing more collateral damage than good," while debating with Anonymousabu on Twitter.
The back and forth between the two went on for a brief time, but Sabu's Twitter account went silent Wednesday, after a single message.
"The greatest trick the devil ever pulled was convincing the world he did not exist. And like that... he is gone."
Some have speculated that he too has been visited by the law. At this time, there is no confirmation on this rumor, and the DOJ did not return calls seeking comment.
AntiSec is targeting defense contractors again. Continuing their beef with law enforcement, and organizations that offer them support, they have targeted Richard Garcia, the Senior Vice President of Vanguard Defense Industries (VDI). AntiSec plans to release nearly 4,713 emails and thousands of documents taken during the breach.
VDI is the Texas-based firm responsible for ShadowHawk, an unmanned helicopter that can be tasked with aerial surveillance or equipped for military usage. At its base, the ShadowHawk comes with CCD TV optics, or an upgraded version includes CCD TV optics and FLIR optics. A third version, for military or law enforcement usage only, can be equipped with a single or multiple shot 37 mm or 40mm grenade launcher, as well as a 12g shotgun, and thermal cameras.
“Any private corporation supporting US military or law enforcement operations are legitimate targets in our eyes. InfraGard and the FBI are especially our enemies,” explained the AntiSec supporter who spoke with The Tech Herald about the release.
AntiSec targeted VDI’s website due to their relationship with several law enforcement agencies from Texas and other parts of the U.S., as well as their relationship with the FBI, the DHS, and U.S. Marshals Service.
There was another reason to target VDI, business relationships aside. AntiSec supporters have it in for the FBI, and Richard Garcia himself is the former Assistant Director in Charge of the FBI’s field office in Los Angeles. To those supporting AntiSec, this alone is reason enough to target VDI and release Garcia’s corporate email to the public.
The emails were taken after AntiSec breached VDI’s website, which is driven by WordPress, a popular blogging and development platform. If not maintained however, WordPress can leave an organization vulnerable, as it needs updated regularly.
In addition, anything added to the core WordPress installation, such as plugins or custom code, will need to be checked and kept updated as well. Currently, VDI has two outdated plugins installed on their website, which had its development outsourced to a local marketing company in Texas.
The person from AntiSec would not tell us the exact method used to access Garcia’s email, only that it was through the VDI website, and that his password was rather weak (Gloria88). The plan is to release all of the emails harvested from his account.
On Monday, AnonymousIRC tweeted that someone should “get ready to be embarrassed,” tagging the post with #AntiSec and #???, which is now understood to be #FFF, or F**k FBI Friday.
The VDI data leak will have a searchable index, and its own website. Within the leaked messages, there were emails to several government agencies, as well as law enforcement agencies in Arizona, Illinois, and Ohio, each one wanting to purchase or gather information on VDI's unmanned vehicle.
There were several memos, some Confidential, most classified as For Official Use Only, related to intelligence gathering for various business sectors. One such memo, several months old, warned that a group calling itself Rising Tide were planning “protest and possibly civil disobedience” activities against oil and natural gas interests in Pennsylvania and Texas.
The most interesting thing in the leaked emails however, had nothing to do with defense. They were centered on Hollywood. An email, with an attachment called “Egg and I”, outlines what is later described by Garcia as a mini series.
“Mike [VDI’s CEO] and I see the project as a mini series where Mike's current govt character is the person traveling to handle issues developed or discussed during the weekly or bi-weekly breakfast meetings with my character, a former govt type now in the private sector with a global oil company,” an email from April of this year explains.
In addition to working with the FBI, Garcia was the Global Security Manager for Shell Oil Company for five years. So using his past to craft a story is creative. However, Hollywood is nothing new it seems.
“I retired from the FBI in 2005 and have assisted and had a character play a role in a movie from previous cases I was involved with. One movie where I assisted was "Blow" with the late Ted Demme was the director. Johnny Depp played the role of the lead as George Jung, a drug trafficker tied to the Colombian Cartels,” Garcia wrote in an email to a film producer.
“I developed Jung as a criminal source in the 1980's and he is currently still working with me while he finishes his prison term in 18 months. The second movie was "Breach" where Robert Hanssen was arrested (former FBI agent) for spying for the Russians. The actor Gary Cole played my role in the movie and Hanssen was assigned to me while at FBI Headquarters while we gather evidence against him.”
The same email also covers using ShadowHawk for aerial shots within the film industry. So there is nothing earth shattering in the emails. There are no proposals calling for smear campaigns on unions or journalists, or anything remotely close to it.
However, there are scores of email addresses, passwords, resumes, contracts (NDAs), and financial details mixed in, so there is nothing harmless in the data leak either.
Previously, AntiSec released nearly 10GB of law enforcement communications. Further details on that raid and data leak are here. We’ve reached out to Mr. Garcia for comments. We’ll update if he responds.