UPDATE: Wikileaks Dumps First of 5 Million Stratfor E-Mails

The whistle-blower Web site Wikileaks has published what it claims are the first of millions of internal e-mails taken from the Texas based strategic intelligence firm Stratfor. 

The whistle-blower Web site Wikileaks has published what it claims are the first of millions of internal e-mails taken from the Texas based strategic intelligence firm Stratfor

In a statement on the Web site of Wikileaks, the organization published links to 167 email messages – a first installment on what it claims is a trove of5 million Stratfor e-mails stolen in a hack in December, 2011.The messages in question “reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defence Intelligence Agency,” the Wikileaks page states. Wikileaks coordinated its release with dozens of publications around the globe including Rolling Stone Magazine, McClatchy News, The Hindu Times and La Republica. 

In a statement released Monday, Stratfor called the publication by Wikileaks a “deplorable, unfortunate — and illegal — breach of privacy.” Echoing firms like Anonymous target HBGary Federal, it also warned that some of the leaked e-mails may be forged, but said it would not make any effort to sort out legitimate from illegitimate communications.

“Having had our property stolen, we will not be victimized twice by submitting to questioning about them,” the company said.

Though Wikileaks promotes itself as a whistleblower Web site, the e-mail messages from Stratfor were taken in an illegal hack by members of the anarchic hacking collective Anonymous. Anonymous has accused the company of being engaged in spying on behalf of, and in cahoots with the U.S. government, defense contractors and the media – charges that Friedman has strenuously denied. In an e-mail to customers, Friedman claimed the attack was an attempt by Anonymous and its followers to silence his firm.

Anonymous used a Twitter account affiliated with the group to take credit for passing the e-mails to Wikileaks on December 29, shortly after the Christmas Eve hack. Wikileaks .

Data stolen by the group has been dribbling out in the weeks since the comrpomise. On December 31, Anonymous released 75,000 names, addresses, credit card numbers and md5 hashed passwords for Stratfor’s customers, as well as more than 800,000 usernames, email addresses, and md5 hashed passwords for individuals who registered on Stratfor’s Web site.

Following the hack, a number of security problems were identified on Stratfor’s network. Among other things, account information and passwords were stored in clear text on Stratfor’s servers, or weakly protected with encryption.

The organization’s Web page also allowed account holders to create passwords as short as one character to secure their account

With the e-mails released, focus now shifts to the information contained in them. That could prove to be embarrassing both for Stratfor employees and their many private- and public sector correspondences, just as leaked e-mail from the D.C. firm HBGary Federal did a year ago.

Among the e-mail exchanges released is one between Friedman and former senior Bush Administration tactician Karl Rove concerning an effort to arrange a meeting between the Indonesian Ambassador to the United States, Dino Djalal, and the former President. Other e-mail messages include sensitve information on Stratfor customers paying the firm for “Protective Intelligence” services, and capture open-source intelligence sharing between Stratfor’s various regional operatives and headquarters.

In its statement, Stratfor said that the disclosure of the emails “does not mean that there has been another hack of Stratfor’s computer and data systems,” and that its data systems”remain secure and protected.”

The Stratfor publication comes almost exactly a year after the breach and at security firm HBGary Federal and the publication of tens of thousands of internal e-mail messages. Those e-mails revealed troubling collaborations on behalf of HBGary Federal and other security firms on behalf of organizations like the U.S. Chamber of Commerce. They ultimately led to the resignation of its chief, Aaron Barr

 

Suggested articles

Hey Alexa, Who Am I Messaging?

Research shows that microphones on digital assistants are sensitive enough to record what someone is typing on a smartphone to steal PINs and other sensitive info.

Cybersecurity for your growing business
Cybersecurity for your growing business