Themis Applies JSOC Techniques to Citizens “Extorting” from Corporate Clients
I have a feeling I’ll be doing a lot of these posts, showing how Hunton & Williams asked “Themis” (the three firm team of HBGary, Palantir, and Berico Technologies) to apply counterterrorism approaches to combat First Amendment activities.
This particular installment comes from an early presentation and accompanying proposal Themis prepared for Hunton & Williams. These documents were attached to an email dated November 2, 2010 sent out by Berico Technologies’ Deputy Director. He explains that the presentation and proposal would be briefed to H&W the following day.
The Powerpoint includes a slide describing the purpose of Themis’ pitch to H&W.
Purpose: Develop a corporate information reconnaissance service to aid legal investigations through the open source collection of information on target groups and individuals that appear organized to extort specific concessions through online slander campaigns.
Now, this is in the period when H&W was only beginning to discuss the Chamber of Commerce project with Themis, long before the BoA pitch. That is, this is the period when they were discussing generalized opposition to Chamber of Commerce.
And of that they got “extortion”? “slander”?
Apparently the team members of Themis–several of whom, as veterans, would have sworn an oath to our Constitution–accepted the premise that union members and poorly financed liberals opposing the wholesale sellout of our politics to private corporations constituted “extortion” and “slander.”
These firms, two of which deny any ill will, were willing to describe political speech–the opposition of working people to the Chamber’s hijacking of our politics–as “extortion” and “slander.”
More shocking to me, though, is where the proposal uses a Special Operations model to describe what Themis planned to do for H&W. On a proposal bearing Berico Technologies’ document header, Themis places their proposed “Corporate Information Reconnaissance Cell” next to a Joint Special Operations Command F3EA “targeting cycle” with this explanation:
Team Themis will draw on our extensive operational and intelligence experience to rapidly make sense of the volumes of data we’ve collected through the application of proven analytical/targeting methodologies. Drawing on the principles and processes developed and refined by JSOC in the “Find, Fix, Finish, Exploit, Analyze” (F3EA) targeting cycle, we will develop and execute a tailored CIRC intelligence cycle suited to enable rapid identification/understanding, refined collection/detection, focused application of effects, exploitation, and analysis/assessment.
Mind you, this is just a fancy graphic for “analysis”–the kind of stuff civilians do all the time. But Themis–led by Berico Technologies in this case–decided to brand it as a JSOC (Joint Special Operations Command) product, applying an American unconventional warfare model to targeting political opponents engaging in free speech.
This is a bunch of veterans proposing to go to war against citizen activism on behalf the Chamber of Commerce and other corporations.
The proposal also highlights the JSOC experience of one Palantir team member.
He commanded multiple Joint Special Operations Command outstations in support of the global war on terror. Doug ran the foreign fighter campaign on the Syrian border in 2005 to stop the flow of suicide bombers into Baghdad and helped to ensure a successful Iraqi election. As a commander, Doug ran the entire intelligence cycle: identified high-level terrorists, planned missions to kill or capture them, led the missions personally, then exploited the intelligence and evidence gathered on target to defeat broader enemy networks.
Berico’s statement (from their CEO, Guy Filippelli, whose experience as Special Assistant to the Director of National Intelligence was also highlighted in the proposal) denied they would proactively target any Americans and spun the project itself as “consistent with industry standards for this type of work.”
Berico Technologies is a technical and analytic services firm that helps organizations better understand information critical to their core operating objectives. Our leadership does not condone or support any effort that proactively targets American firms, organizations or individuals.
[snip]
Late last year, we were asked to develop a proposal to support a law firm. Our corporate understanding was that Berico would support the firm’s efforts on behalf of American companies to help them analyze potential internal information security and public relations challenges. Consistent with industry standards for this type of work, we proposed analyzing publicly available information and identifying patterns and data flows relevant to our client’s information needs.
Yet it was Berico Technologies’ Deputy Director who sent out these documents adopting a military targeting approach for responding to citizens engaging in free speech.
Ahh, the magic of purporting to hide this defaming conduct under the umbrella of attorney-client privilege. It’s enough to sour wine, and to cast doubt on the utility of BofA and other client claims that they didn’t authorize such programs. Of course not, their lawyers did. But one can’t challenge the lawyers to divulge information because this was only research or background work, prepared in connection with rendering legal advice to clients.
That’s a perversion. But I’d love to know how closely such programs are monitored so as not to violate civil rights, computer security, data protection and privacy laws at home and abroad. We wouldn’t want clients, lawyers and “service” providers inadvertently to break the law or put themselves in a position where an unfriendly prosecutor might call their cooperation a conspiracy to violate it.
This still has the power to shock me. I hope others still can be appalled by this, after all we have been exposed to.
I’m appalled. I used to work in the defense industry. I’m not appalled that there is someone in that community who is willing to do this sort of thing. That’s pretty much a given. It’s appalling that there seem to be so few who are willing to set these people straight when they start doing things like this.
But jargon sounds so coool, and might keep the odd Virginia judge off their backs by affirming this crap somehow relates to “national security” or that enforcing civil discovery or allowing criminal prosecutions might “inescapably” require divulging state secrets.
That smacks of an attempt to make these programs legally invisible or give them and their perpetrators de facto immunity. Poorly conceived, researched or executed, however, and such programs could easily run afoul of the law here and abroad.
And that seems like nothing more than the logical extension of Obama’s misconceived “look forward, not back” attitude toward high-powered lawbreakers. Depressingly, that’s only an extension of Bush’s earlier non-enforcement of laws against excesses committed by corporations and his own administration.
I dunno, to me this smacks of a bunch of hacks desperate to land a contract — kinda like the way a certain kind of guy will puff up blowing all kinds of smoke to try to get a cute girl in the sack ; )
From what I’ve read, Chet Uber, his friend strandedwind (who wrote a few diaries at myfdl) and Aaron Barr sound like con men or oversold poseurs desperate for startup capital for their hollow companies and are willing to do anything to get it.
Just get a real job, guys. You’ll feel so much better about yourselves and you won’t need so many showers. That patriotic patina wears thin when you’re selling out those who actually do sacrifice themselves for the betterment of their countrymen or mankind.
My guess is that the reason that Palantir’s CEO practically fell out of his chair in his rush to apologize to Glenn was to prevent exactly this. He didn’t want Glenn or anyone else to take a closer look. These guys really are idiots.
If this really is the best intelligence money can buy and if these guys really are former veteran intel guys, it’s hardly any wonder that the Washington chorus of Who Could Have Ever Imagined has become as endless as 100 Bottles of Beer on The Wall…
They may be idiots, but they are also dangerous. The program was rolled out, or rather revealed, too early. The product is not ready for prime-time. But give it time. Soon it will be considered “necessary” to combat the “enemies” within.
The appearance of JSOC tactics used against domestic critics of the government is inevitable blowback from the imperialist campaigns undertaken abroad. What is not inevitable is their success. But if there is not strong and consistent fight-back on this soon, politically, then the success and spread of these programs (already underway in one form or another, secretly) will be ensured.
Thanks, EW, for reporting on this crucial issue.
In other words, bloggers with a loyal following who demand accountability for corporate criminals.
Nice analysis.
Propose this case to the Directors of Good Wife…
They’ve got some sleazy law firms
For now, I’m putting aside the, I don’t know, ten comments I’d like to make on specific points in order to just say these two things:
So, because the “Joint Special Operations Command outstations in support of the global war on terror” has been so f’ing successful, they’re selling their techniques to Corporate America? Really? If JSOC is so f’ing glorious, why are we still in Iraq
And second, these people are out of their f’ing minds, and people from our government spend our money to hire them for contracts. They’re government contractors.
” If JSOC is so f’ing glorious, why are we still in Iraq”
Because winning is to be avoided at all costs. Such an end state abrogates the rationale for the MIC and perpetual war. How can all that be justified if victory is achieved? If the JSOC’s business model keeps them employed and in demand, it works. Why not follow this proven approach if you are looking to cash in on the GWOT and get your filthy snout in the trough? Why would the JSOC or criminal narcs want to work themselves out of a job?
So our own government is paying outsiders to commit espionage on it’s own citizens!
For political reasons!
This is not MY COUNTRY!
oops. I gotta tone it down. Uber may show up to post a chat log and tell me off after I’ve shut down for the day.
Actually, not the government (unless you’re arguing that the Chamber, in the wake of Citizens United, is the government, which I guess is plausible).
It’s all laundered through, first, a law firm that offers attorney client privilege, and then through the businesses themselves.
Ugh, both the actions of Themis and this post are crap. Themis used military jargon in order to make a sale, that is all. This stuff is obviously targeted at male buyers of their services.
Trying to tie in “free speech” rights (and the oath that military members swear) doesn’t add anything to the fact that what these firms were trying to do is sleezy. Since these are private firms, nothing the veterans could do would in any way infringe on a person’s constitutional rights.
What was it “Chet” said, never assume. It’s quite possible for private actors as well as governments to violate one’s civil rights. I seem to recall Bobby Kennedy successfully making that argument in more than one “murder” case in the Deep South. I fail to see how gender and prior military service relate to that at all.
Your argument also fails to address that what these vendors propose could well violate a host of other computer, data protection and privacy laws. Since their actions were not limited to the US, indeed were specifically targeted at US and non-US actors alike, that risk is multiplied. These documents evidence not the slightest awareness of that problem. Rather, they imply a disdain for it.
Sorry, this was a program initiated by a law firm.
If the anti-chamber groups indeed were “slandering” or “extorting” the Chamber, then the law firm had all the obvious legal remedies.
Instead, they solicited spying and info ops to combat the legally protected political activities of people doing little more than exposing what the Chamber does. Those proposed activities may or may not have violated the law (we don’t know what they would have done). But it is clear the actions were a despicable response to political speech.
You mean could do legally, right?
This is arrant nonsense. Firms that can afford to hire this kind of service are able to extort or blackmail people into keeping silent. That’s what they’re doing. With that kind of power, they might as well be a government. Plus, as has been pointed out both here and in previous articles, this proposal came from firms that are associated with the defense industry, using methods and systems that have been used to hunt terrorists to frighten people into staying silent.
If people are afraid to speak, and have good reason to, then there’s a freedom of speech problem.
I’ve been trying all morning to figure out how this story about the FBI’s Going Dark program relates to our current topic.
The part that makes me wonder is
The crossover is making me suspicious.
The citizens of a nation conducting an endless war must expect that war terms and procedures will be used against them.
from War Is the Health of the State
by Randolph Bourne
So the basic problem is the endless war which by its inherent nature limits and even prohibits the funding, conduct and/or support of normal peaceful activities, while the government employs war techniques against citizens. It’s why a lot of people wear cammies, too.
This is the thread on the sweater.
The perps were hoping that if they just tossed HBGary over the side, the problem would go away. It hasn’t and it won’t.
Well, I think the ‘semin on the blue dress’ analogy is probably pretty apt here.
I just happened to spot this headline in the UK Financial Times edition, and popped over to leave a note as cybercrime has been a theme here at EW’s since… at least 2007, IIRC.
(The US FT has Bahrain military crackdown as the lead headline as I type this; the UK FT has the issue of Cybercrime costing the economy 27 Bn pounds/year as the main headline as I type. The link to the article is too ideosyncratic to leave here; this link goes to main page so anyone who uses it may have to shop around a bit for the Cybercrime article.)
But after scanning this thread, it leads to a question: how many of the articles about the risk of cybercrime are planted by the friends and acolytes of HBGary? And how many are actually ‘real’.
As far as I’m concerned, HBGary **is** cybercrime. But it sure appears there’s a social psychology piece in the mix, all about personal identity and being a keyboard warrior. That’s a powerful, powerful mix; add in a nice salary plus benefits, and this thing looks very, very dangerous to me.
When the criminals believe they are acting as cops, we’ve got very serious problems. And when they are given status, a salary, and perks to believe they are acting as cops, we are in a whole new kind of Erik Prince spawned kinds of trouble.
is that Hummingbird looking at ya funny?
(emphasis mine)
Oh, goody. And let’s check out the corporate boards of some of these companies developing these sorts of technologies.
Rosneft, for instance, is wheedling itself right into BP. So how many of these little ‘defense contractor’ companies are loaded with ex-KGB types, or others who may not be… well… fond of things like the Pilgrim stories and the Founding Fathers stories and City Council meetings that someone like myself grew up with…?
Just askin’.
Ooh, ooh. *waves raised hand* Do we get to use Palantir software to find linkage patterns among corporate boards?
;-)))))))))))))))))))))))
I’m loving the way your mind is working ;-)))))))))))))
u2funny.
That would be like using a supercomputer to swat a fly; in many instances, the interconnections and the comfy culture are obvious. Board members too critical of management, or too incisive in their knowledge and questioning of management, don’t stay long. The jungle drums forewarn other CEO’s that might hire them before the mahogany door hits them in the bum on the way out.
Apologies, EOF. I’d read BTF’s comment as humor ;-)
Anything that hovers is pretty uncommon in a city. I suppose they could try for a fake kestrel.
Funny how in the mindset of these players telling the truth about corporate conduct becomes “slander”. Likewise, advocating that corporations pay their fair share of taxes – or pay for the damages to others caused by their heedless, headlong pursuit of profits at any cost – becomes “extortion”. Even the Chicago School would call that “internalizing” the costs of an enterprise by making those most responsible for and able to control them liable for them.
Outside of such Orwellian misdefinitions, “slander” colloquially means a spoken statement that claims to be a fact, not opion, that harms another’s reputation, business or livelihood. The key issue is that it be false, inaccurate, seriously misleading. For public figures such as actors, political figures and large corporations, the falsehood must also be knowing and intentional. Outside of dictatorial regimes usually located in Africa, the ME and Asia, truth is an absolute defense. A tort, or private wrong in common law countries, it’s often a crime in civil law countries.
“Extortion” is explicitly a criminal offense. It involves unlawfully obtaining something of value through threats, abuse of authority, and the like. “Nice shop; it’d be a shame if it burnt down tonight….” “The prosecution’s case is rock solid, but for a small fee, the prosecutor might forget to pursue it….” It’s use here is an attempt to defame critics of corporate behavior.
These players are pandering to clients by using Rovian inversions of what words actually mean in order to make money. Standard American business practice, it seems.
One has to ask, how for were these people will to go in copying the JSOC model?
Killing the opposition? Once one breaks the law, and decides to break it in a conspiracy, and the objective is to silence unpleasant voices, is there any limit to their actions?
These people are using their skills, counter insurgency (aka: killing people), to achieve commercial ends, under the legal shield of client/lawyer privilege.
What else have they done?
Because nothing says “terrorism” like free expression…
“This is a bunch of veterans proposing to go to war against citizen activism on behalf the Chamber of Commerce and other corporations.”
The GWOT has always been, first and foremost, about domestic control, which is the primary job of any government.
And this is nothing more than what the US military has been doing to folks in the Middle East for the past 20 years, their “oath” to the Constitution not withstanding.
Thanks for fleshing out some of the details, EW.
WTF is “our corporate understanding…?
Today’s posting that included JSOC in the title reminded me of a something that had been swirling in the back of my mind since we first learned of Aaron Barr. In his emails his truncated use of language and overuse of military jargon suggested someone who doesn’t think in complete sentences, let alone coherent paragraphs; yet nevertheless has an agenda. It all seemed familiar; then I remembered another contractor wannabe, who wamted to make money applying technical force to “enemies”: the infamous “Dr” Mitchell.
I’m actually a big fan of a strong military, and a bigger fan yet of a smart military. (Must be all those history classes I took…) But I’m an even bigger fan of things like Bacevitch’s “The Limits of Power”, and Lao Tzu: the ultimate warrior creates conditions that make war unnecessary.
With that said, you make a good point.
I impute it to too many Powerpoint presentations, in part.
Orwell4pictures.
Persona Management Software.
Solicitation Number: RTB220610
Agency: Department of the Air Force
Office: Air Mobility Command
Location: 6th Contracting Squadron
0001- Online Persona Management Service. 50 User Licenses, 10 Personas per user.
Software will allow 10 personas per user, replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user’s situational awareness by displaying real-time local information.
0002- Secure Virtual Private Network (VPN). 1 each
VPN provides the ability for users to daily and automatically obtain randomly selected IP addresses through which they can access the internet. The daily rotation of the user s IP address prevents compromise during observation of likely or targeted web sites or services, while hiding the existence of the operation. In addition, may provide traffic mixing, blending the user s traffic with traffic from multitudes of users from outside the organization. This traffic blending provides excellent cover and powerful deniability. Anonymizer Enterprise Chameleon or equal
0003- Static IP Address Management. 50 each
Licence protects the identity of government agencies and enterprise
organizations. Enables organizations to manage their persistent online personas by assigning static IP addresses to each persona. Individuals can perform static impersonations, which allow them to look like the same person over time. Also allows organizations that frequent same site/service often to easily switch IP addresses to look like ordinary users as opposed to one organization. Anonymizer IP Mapper License or equal
0004- Virtual Private Servers, CONUS. 1 each
Provides CONUS or OCONUS points of presence locations that are setup for
each customer based on the geographic area of operations the customer is
operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated CONUS Light Geosite or equal
0005- Virtual Private Servers, OCONUS. 8 Each
Provides CONUS or OCONUS points of presence locations that are setup for
each customer based on the geographic area of operations the customer is
operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated OCONUS Light Geosite or equal
0006- Remote Access Secure Virtual Private Network. 1 each
Secure Operating Environment provides a reliable and protected computing
environment from which to stage and conduct operations. Every session uses a clean Virtual Machine (VM) image. The solution is accessed through sets of Virtual Private Network (VPN) devices located at each Customer facility. The fully-managed VDI (Virtual Desktop Infrastructure) is an environment that allows users remote access from their desktop into a VM. Upon session termination, the VM is deleted and any virus, worm, or malicious software that the user inadvertently downloaded is destroyed. Anonymizer Virtual Desktop Infrastructure (VDI) Solution or equal.
Contracting Office Address:
2606 Brown Pelican Ave.
MacDill AFB, Florida 33621-5000
United States
Place of Performance:
Performance will be at MacDIll AFB, Kabul, Afghanistan and Baghdad, Iraq.
MacDill AFB , Florida 33679
United States
https://www.fbo.gov/index?s=opportunity&mode=form&id=d88e9d660336be91552fe8c1a51bacb2&tab=core&tabmode=list&=
You can still track some of these folks by IP address, or by machine/software type, but it’s getting to be more rare to be able to do that. In theory, you could build such a system with a couple of dozen different software profiles, all inside one box that fits in a rack somewhere. It’s a pain in the ass to administer if you care about security and reliability, but I suspect these guys don’t worry about that so much in this kind of “operation”.
Oh how history repeats itself…
I read these articles this summer. I thought they were creepy then. In light of this post series, I must write, I underestimated the creepiness.
Oh, more creepiness today at the guardian.uk, but about Bahrain’s security services:
So this is a global kind of pseudo securitization ‘services’ mumboJumboNuttiness.
Whee!
But the Bahrainians probably don’t have to launder these services through law firms.
Absolutely amazing…and not in a good way.
Hmm…
Interesting… I wonder if the importance of Twitter and FB are about the ability to spoof and game those systems?
I thought it was just marketing, but perhaps it’s a bit more nefarious than that.
Read this too if you have the time :
“The HB Gary Email That Should Concern Us All”
http://bit.ly/hyYMn5
Yes, this is how they work. Thanks for linking to that excellent DKos diary by “Happy Rockefeller”.
Thanks for the excerpt.
In re control, the illusion of consensus and time it is helpful to read “Ah Pook Is Here” by William Burroughs.
“Question: Is Control controlled by its need to control? Answer: Yes . . . Mr. Hart is building up his control machine. He knows that DEATH is the picture of Death . . . But he needs more and more stinking humans for making stuff. And what’s that wonderful stuff? Well it’s just feeling safer and safer. And what he digs the safest is taking care of some human cur that threatens his gilt-edge fear stock. Blue note fixes him right, just swim in it forever . . . Mr. Hart sits there wrapped in an orange flesh robe in a blue mist of vaporized bank notes. In order to enjoy this particular form of junk he must control others because this blue junk is made of fear and control. Mr. Hart has a burning down habit and he will burn down the planet. Because the more control you exercise the less time you have in which to exercise it . . .”
An accurate description of most Neocons.
http://www.users.muohio.edu/hergerbk/ahpook.pdf
Welcome to the “War on Terror”, Marcy Wheeler!
Chickenshit chickenhawks pretending to be Delta-Force type recon counterterrorism experts. Pathetic wanna-be computer console soldiers in the wrong damn war against the wrong damn people.
I effing luv the Internet. Long live ‘Anonymous’!