link to published version: IEEE Computer, November, 2012

Stratfor or Stratagainst

Hal Berghel


Based on what you know about Wikileaks and Stratfor, which group seems to be the greater threat to society?


Nearly one year has passed since Wikileaks released Stratfor internal email provided by the hacktivist group, Anonymous. There is no shortage of controversy surrounding these events. The current crop of thought leaders appears to be avoiding any potentially important policy issues that might underlie this incident. By now, this story should have inspired public discussions on any number of fronts: journalistic ethics, whether private intelligence-gathering companies that use bribery to gain privileged information from politically exposed persons (PEPs) should fall under the Foreign Corrupt Practices Act, whether governments and their employees should be held accountable for supporting such activities, to name but a few.

Stratfor is a token of the post-9/11 wave of private cyber-mercenaries – for-profit organizations that sell cyber-services to risk-averse and fearful businesses and governments. Though the psychology behind this mindset may be the more interesting topic and will likely be the subject of social science treatises, essays and monographs for decades, we'll limit our present discussion to the cyber-side of things.

The missions behind the crop of cyber-mercenaries seem to fit within the continuum below:

  1. intelligence gathering – basically the same investigation + analysis activities that one associates with law enforcement, perhaps with an increased level of sophistication in real-time reporting and analysis, just-in-time briefings of impending events, back-end data mining, and so forth. This activity may involve illegal behavior such as the bribery, extortion, and blackmail of PEPs.
  2. cyber-espionage and cyber-surveillance – again basically what law enforcement does, only done privately, but with neither oversight nor court orders.
  3. cyber-weapons manufacturing and/or deployment – either licensed to clients or used offensively by the developer.

From what I can tell from the Wikileaked documents, Stratfor is primarily in the first group - along with H.B. Gary and Palantir on their best behaviors. The third group is also pretty easy to populate (thanks again to the Anonymous folks). Players in this space include H.B. Gary Federal (now part of ManTech) and the Gamma Group. The middle group is harder to define because it draws talent from the other groups. For example, some of the software developed by H.B. Gary Federal and the Gamma Group was designed for cyber-espionage and cyber-surveillance (see references, below), and some of the activities of Stratfor, H.B. Gary and Palantir, under such innocuous-sounding rubrics as “predictive policing,” involve surveillance. It should be noted that the activities in 1. and 2. fall within the domain of statutory investigative agencies such as police, the FBI, etc. I note here that accurate classification of cyber-mercenaries is difficult for outsiders because of the secrecy under which they operate – well outside of the sphere of statutory authority, and beyond the reach of the media – kind of like a National Security Agency without tax support.

This parallels the proliferation of corporate mercenaries (aka private armies, private military contractors, private security contractors) like Academi (formerly, Xe Services, Blackwater) and Triple Canopy. I predict that in time these interests will all converge into one-size-fits-all, general-purpose private army/police/intelligence-for-hire concerns. But for the moment, the cyber side seems to largely remain decoupled. We note that experiments at such integration have already occurred (e.g., Computer Sciences Corporation owned the private military contractor DynCorp from 2003-2005.) Not surprisingly, some of these companies have been known to target Wikileaks (see Figure 1).


Figure 1: A Slide taken from Palantir’s Slide Presentation “The Wikileaks Threat”


The Stratfor website reports “Stratfor is a subscription-based provider of geopolitical analysis….Unlike traditional news outlets, Stratfor uses a unique, intelligence-based approach to gathering information via rigorous open-source monitoring and a global network of human sources.” Founded in 1996 by George Friedman, this Austin, TX company “publishes analysis via … website and customized email updates.” It isn’t clear that much of what Stratfor does with their “intelligence” is particularly interesting or controversial but the way they get their “intelligence” is both interesting and controversial, as is evident from the Wikileaks revelations.

As one can see from the press release from Stratfor’s founder (Figure 2), Stratfor’s expressed objection to the Anonymous/Wikileaks exposé is that it was “illegal” and a “breach of privacy.” Let’s see if we have this right: Stratfor is claiming that there’s something wrong with illegal breaches of privacy or the dissemination of information that has been obtained without permission of the owner. Let’s ponder this awhile. This seems to me to be a clear case of pots and kettles, snakes and crabs, and/or brambles and pomegranates. Let’s try to put this in some sort of meaningful perspective.


Figure 2: Stratfor CEO’s Announcement of the Wikileaks Revelations


Where Wikileaks has been extensively covered by the mainstream press for several years, Stratfor has operated largely in the dark. Many of us had never heard of Stratfor before the Anonymous hack of December, 2011. I offer the following short review for the benefit of the uninitiated.

Stratfor's avowed goal is to become “the world's leading private intelligence organization.” This is expressly stated in one of CEO George Friedman's leaked emails (September 5, 2011, with the subject line “Labor Day Review of Where We Are”). This is also the email where Friedman announces to Stratfor employees the StratCAP partnership with Shea Morenz, then Managing Director of Goldman Sachs, who invested several million dollars in Stratfor to create actionable intelligence useful to investors in exchange for a Stratfor board seat. Apparently this deal soured.

Stratfor uses global informants. According to some media reports, at least some of these informants are paid via Swiss bank accounts and pre-paid credit cards.

Stratfor serves global corporations and agencies. The “GB Master Client List” spreadsheet dated 3-15-07 reads, on a quick review, like a Who's Who of financial institutions, government contractors, technology companies, Forbes 1000 companies (e.g., Coke, Wexford Capital, Perot Systems, Dow Chemical, Northrop Grumman), etc.

According to Friedman, Stratfor is not above innovative means to control their sources: “If this is a source you suspect may have value, you have to take control od [sic] him. Control means financial, sexual or psychological control to the point where he would reveal his sourcing and be tasked.” (George Friedman email of December 6, 2011, to a Stratfor intelligence analyst regarding an informant's report on the health of Hugo Chavez.)

Regarding relationships with the media, Stratfor works with media organizations and journalists whom they refer to as (among other things) “Confederation Partners.” It's not at all obvious that a private intelligence organization's close relations with the media satisfy the standards of journalistic ethics taught in the academy.

With those few clarifications in mind, I offer the following modest comparison between Stratfor and Wikileaks in terms of their operations and objectives for your consideration.


| Activity | Wikileaks | Stratfor |
|---|---|---|
| Revenue Model | Not for profit | For profit |
| Primary constituency served | Media/individuals | Corporations/agencies |
| Seek access to non-public, proprietary or classified information, for which they are not authorized access by the owner | Under Dispute | Yes |
| Relies on a leak-centric communication network | Yes | Yes |
| Build a system on paid informants | No | Yes |
| Uses active intelligence system: leakers, spies and whistle blowers | Yes | Yes |
| Willing to corrupt media resources | Perhaps | Yes |
| Partner with media to inform public | Yes | No |
| Provide intelligence to media/public | Yes | Limited |
| Provide actionable intelligence to partners in military industrial complex | No | Yes |
| Black OPS | No | Yes |
| Use of 3rd party contractors (spies) | No | Yes |
| Control sources: money, sex, blackmail, extortion | No | Yes |
| Nature of risks to society | Overt | Covert |

TABLE 1: One Comparison of Wikileaks and Stratfor Operations


I’ve tried to base Table 1 on information available from mainstream media reports and analysis of the Wikileaked documents. Assuming that this is a fair characterization, and based on what you know about Wikileaks and Stratfor, which group seems to you to be the greater threat to society?

THE BRIGHT SIDE

Good journalists are always concerned about the possibility of accidentally disseminating erroneous information. At this point, I haven’t seen a single report from any source that I deem credible that claims the Wikileaked Stratfor emails are bogus. I encourage everyone to look into these leaked documents, and the concomitant media coverage, and come to their own conclusion.

The Stratfor revelations are alarming for at least two reasons. First, I am not convinced that Stratfor's approach to intelligence analytics will lead to significantly better decision making than we've come to expect from the military industrial complex, and I am fearful that unenlightened leadership may be lulled into over-reliance on such analyses. That might in turn lead to even more ill-advised decisions. Second, I am bothered by the lack of oversight and transparency in the process. From the email, it appears that Stratfor has introduced a corrupting influence on the process of intelligence gathering. The question that informed world citizens should ask is whether they feel comfortable with their governments supporting such things. It should be emphasized that there is a reason why governments and businesses outsource this kind of work! Is it due to the fact that dedicated private companies are so much better at it? Or do the customers and clients want to maintain distance from, and deniability of, putatively illegal activity?

There is no obvious Fourth Amendment protection against private shadow intelligence agencies, just as there is no First Amendment protection against PayPal banning books. While the constitutional lawyers argue the legality, the public should be discussing whether or to what extent Stratfor's activities are consistent with democratic values and the rule of law, and whether government agencies should be tolerating it, much less encouraging it. I'm not sure that a “trust us” defense should be any more compelling to society in this case than when it was used to defend flawless efficient markets before the last economic meltdown.

One final observation: it is unlikely that any of this would have become public were it not for Anonymous. But that's a topic for another column.


OOB URL Pearls

Bruce Schneier refers to H.B. Gary Federal as a “cyberweapons arms manufacturer” ( http://gizmodo.com/5888440/wikileaks-reveals-private-cias-dirty-laundry-updating-live ). H.B. Gary Federal has been associated with a variety of software that would qualify as either. These would include the FastDump and FDPro Windows memory capturing utilities and the Windows rootkit project, Magenta (cf. http://cyberwarzone.com/cyberwarfare/hbgarys-rootkit-project-magenta?page=4 ). Gamma Group is associated with FinFisher, a general-purpose snoop tool that offers screen scraping, Skype session capture, keylogging, decryption and rootkit capabilities (cf. bits.blogs.nytimes.com/2012/08/13/elusive-finspy-spyware-pops-up-in-10-countries/ ). Some interesting analysis of the FinFisher product may be found via https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/ .

Wikileaks refers to the 5 million or so Stratfor email messages that it released as “The Global Intelligence Files” ( wikileaks.org/gifiles/releases.html ). Wikileaks has the entire Palantir/HB Gary Federal/Berico slide presentation in PDF format online at http://wikileaks.org/IMG/pdf/WikiLeaks_Response_v6.pdf . Forbes.com has the complete statement from Palantir CEO Alex Karp online at http://www.forbes.com/sites/andygreenberg/2011/02/11/palantir-apologizes-for-wikileaks-attack-proposal-cuts-ties-with-hbgary/ .

The PayPal book-banning story has been well covered ( http://www.huffingtonpost.co.uk/bernard-oleary/paypal-banned-books-the-books-banned-by-paypa_b_1314953.html ). In reaction to the outcry from anti-censorship groups, PayPal has since lifted the ban ( http://www.abffe.org/news/86299/ ).