by BJW Nashe
High-tech journalist and activist Barrett Brown is probably the most interesting person facing criminal charges in America right now. For those of us who are troubled by recent revelations about the NSA’s secret spying program, the recent arrest and prosecution of Barrett Brown only serves as a further indication that there is something rotten deep inside our expanding security state. We can’t help but see the current, heavy-handed crackdown on whistleblowers, leakers, hackers, and online activists as a dire threat to our democratic laws and our civil rights. A stench of imperial power, corruption, and lies seems to linger over the whole affair.
Barrett Brown hasn’t murdered or raped or assaulted or fired a gun at anybody. No terrorist threats, no armed robberies, no arson. Not even any shoplifting that we know of. His alleged crimes are mainly related to his investigation of confidential information pertaining to various cyber-security firms. He himself is not charged with hacking or stealing any of this information. As a journalist and editor, he was analyzing materials that others had stolen. During his investigation, he copied and pasted a link online to a massive trove of data that included credit card information. Then, once he knew the authorities were after him, he stashed a computer at his mother’s home. Under duress, he also railed against and issued threats to an FBI agent on YouTube.
Now Barrett Brown faces over 100 years in prison if he is convicted of all charges against him. Just 32 years old, he sits in a federal prison in Texas, killing time by reading cheerful Russian literature (Crime and Punishment, The Gulag Archipelago), as he awaits trial on 17 felony charges stemming from three separate indictments. All of the charges are serious, but the majority of them, pertaining to that pasted link, are counts typically levied against cyber-terrorists and identity thieves. On top of all this, Brown has been silenced by a federal court gag order which prohibits him from speaking to any members of the press or the media.
Barrett Brown is many things: an online activist, a skilled investigative journalist, an outspoken thinker, a charismatic provocateur, an angry young man, a drug addict, a quick wit, and even at times a bit of a charlatan. The now iconic photograph of him taken by Nikki Loehr to accompany a March 2011 profile piece in D Magazine manages to capture all of these characteristics. We see him seated in his Dallas apartment — a lanky, heavy-lidded, floppy-haired youth with an insolent expression and slight sneer reminiscent of Arthur Rimbaud. He’s wearing Levis, cowboy boots, a blue Oxford shirt and tan corduroy jacket, leaning back in a worn armchair in front of his cluttered wooden desk, with his ever-present Sony computer-notebook within arm’s reach, books and magazines piled up all around, and a stuffed bobcat mounted on the wall above baring its fangs at the whole spectacle of the room below.
No doubt, Barrett Brown makes for good copy. Journalists have enjoyed detailing the exploits of the louche, chain-smoking character in the Dallas photo. Brown has reciprocated with a fair number of outlandish statements and live-streaming YouTube rants. He is a larger than life character who seems to have stepped out of some cutting edge new thriller about technology, drugs, and radical politics. Novelists live to dream up characters such as Barrett Brown. They rarely succeed, though. Real life often does a better job than fiction when it comes to creating strangely compelling human beings.
And while Barrett Brown certainly is strange and truly compelling, he is definitely not a dangerous criminal — at least not to his many supporters who see him now as a political prisoner. People unaware of the online activist controversies of the past several years are probably wondering, how did this guy end up in so much trouble?
Portrait of the Hacktivist as a Young Man
First, a quick biographical sketch. Barrett Brown was born and raised in Dallas, Texas, where his father reportedly made, and then quickly lost, a large fortune on the real estate market. Barrett’s parents divorced when he was 7 years-old. A highly intelligent but very restless student, he was apparently diagnosed with Attention Deficit Disorder at an early age. His later drug use may have been a way of self-medicating for this condition. Still, he was a voracious reader, with strong language skills, a dark sense of humor, and a pronounced rebellious streak. Like many in his generation, he became obsessed with computers and digital technology as a teenager. After graduating from the Episcopal School of Dallas, he was able to do some traveling, visiting his father in Africa, where the elder Brown was a big game hunter in Tanzania. As a young man, Barrett honed his rebel-without-a-cause act. Hen enjoyed breaking the rules; even more, he liked to joke about it afterwards using his own brand of trash-talking braggadocio. Brown’s speaking style is oddly charismatic — a distinctive kind of rapid, staccato mumbling seasoned with a vaguely Southern accent similar to Hunter S. Thompson, who just happened to be one of his favorite writers. He also used to enjoy reading Ayn Rand, but has since dismissed her as a primary influence.
By the time Brown was in his mid-twenties, he was spending most of his free time online — playing games, screwing around in chat groups, and stirring up mischief. The laissez-faire 4chan web site became a regular online haunt. Here, on several different anonymous message boards, visitors could post uncensored items, as well as plan various hoaxes and pranks. A former girlfriend has described Brown in pseudo-naked lunch terms, as spending hours and days on end shooting heroin, smoking cigarettes, and working/playing on his computer. He enrolled in the University of Texas at Austin, but eventually dropped out, then bounced around between Texas, New York, and Africa. As some of the 4chan users evolved into more serious online activists, Brown formed ties with the crowd that would eventually become known as Anonymous. Using some New York City contacts, he began working as a freelance writer in order to formulate his strong views regarding online freedom and the culture of hacking.
In 2008-09, when Anonymous emerged as an international force, Barrett Brown started to gain fame as a “spokesman” for the group. This tag line was not entirely accurate, however. The group has never had any real leadership, let alone official spokespersons. And even though Brown most likely participated in some of the group’s early activities, he chose not to remain anonymous. He viewed himself as a combination of political philosopher and renegade PR man for the movement, rather than just a hacker. He published several articles in The Guardian, Vanity Fair, the Huffington Post, and Business Week. He was hoping to complete and publish a book about Anonymous. By the time he was speaking regularly to the press and media — or, as some would argue, making a spectacle of himself as a kind of celebrity hacktivist — Brown’s journalism had taken a more serious turn, along the lines of Julian Assange at WikiLeaks. He formed an innovative research outfit called Project PM, which worked collectively — using online crowd-sourcing techniques — to analyze leaked or hacked information. In particular, Brown and Project PM liked to focus on internet surveillance and the shadowy brave new world of intelligence security (or “IntelSec”) that was mainly kept hidden from the public. It is for daring to investigate the secret workings of the IntelSec world that Barrett Brown became a prized target of the U.S. Department of Justice.
Anonymous Actions
To clearly grasp the scope of Brown’s activities and alleged crimes, it’s important to understand the hacktivist ethos, the achievements of Anonymous, and the threat they posed to the IntelSec establishment.
Anonymous became newsworthy when they shifted away from being just a group of pranksters or “trolls” associated with the 4chan web site, and turned into a formidable activist network.The turning point was the group’s coordinated attacks against the Church of Scientology in 2008. Anonymous were aware that the Church of Scientology had a long history of suppressing any information or coverage that it considered damaging. When the Church, which had a long history of suppressing unfavorable media coverage, tried to get some embarrassing Tom Cruise footage removed from YouTube, they ran afoul of Anonymous’s fanatical adherence to online freedom of information. So Anonymous went on the offensive, organizing worldwide protests at Church buildings and offices, and mounting a cyber-attack — or distributed denial of service (DDoS) — that crashed the Church’s website. A DDoS is achieved when significant numbers of activists simultaneously employ a certain type of software (“Low Orbit Ion Cannon”) to overload and disable the targeted site. Since these attacks cause no permanent damage to any persons or property, but rather, serve to temporarily disrupt normal operations, they can be seen as the digital equivalent of a sit-in at a bank or a university. Though illegal to some degree, the DDoS is most accurately characterized as a protest tool, rather than a weapon or an instrument of vandalism.
The success of the DDoS attack on the Church of Scientology served as a template for future actions — the most famous being Operation Payback, which targeted MasterCard, Visa, and PayPal in retaliation for these firms’ refusal to handle contributions to WikiLeaks. On December 8, 2010, Anonymous shut down each company’s website, seriously hampering all of their transactions for an entire day. And they did so with ease. It took no more than five minutes to crash the MasterCard site, and just 30 seconds for Visa. This sent shock waves through the American government and business world. Similar attacks were subsequently launched against other “enemies of freedom” such as the Motion Picture Association of America, Sony, the FBI, Department of Justice, the Westboro Baptist Church, Senator Joe Lieberman, the Ugandan government, and the Australian government. An element of humor often was involved. The action taken against the Australia, for instance, in response to the government’s attempts to suppress certain types of online pornography, was called “Operation Titstorm.” This included not only a DDoS attack that brought down the government’s main website, but also a torrent of porn-related emails, faxes, and prank phone calls to government officials.
As if these targeted attacks on various institutions weren’t enough to rattle establishment cages, Anonymous, along with other hacktivist groups such as Telecomix, also played a key role in the Arab Spring uprisings in Tunisia and Egypt, and the Occupy protests in the United States, during which a DDoS attack was mounted against the New York Stock Exchange. Meanwhile, Anonymous bolstered its technical acumen with anarcho-revolutionary rhetoric and zeal. Here is how Barrett Brown, never one prone to understatement, assessed the group at the height of all this activity:
“Having taken a long interest in the subculture from which Anonymous is derived and the new communicative structures that make it possible, I am now certain that this phenomenon is among the most important and under-reported social developments to have occurred in decades, and that the development in question promises to threaten the institution of the nation-state and perhaps even someday replace it as the world’s most fundamental and relevant method of human organization.”
Big Data Hacks
Even more serious that the DDoS disruptions were the massive hacks undertaken by Anonymous and its associates, in which skilled hackers would illegally break into a targeted organization’s system in order to steal data or cause mischief. “Our people break laws, yes,” Brown has said. “When we do so, we do it as an act of civil disobedience. We do it ethically.” Brown has also argued that certain important information can only be obtained through unauthorized leaks or illegal hacks. There is no other way for the public to get access. If obtaining the information serves the public good, Brown thinks it is ethical to utilize technically illegal methods to get the information.
One of the largest of these actions was the now-legendary “HBGary hack.” In February 2011, Aaron Barr, the CEO of California-based cyber-security firm and government contractor HBGary Federal, decided to make a name for himself by taking on Anonymous. In an interview with the Financial Times, he claimed to have identified Anonymous’ leadership using his own social engineering hacks, in which he trolled through Facebook and other networks. Barr proclaimed that he would proudly unveil his research at an upcoming security conference.
Anonymous issued a mock press release, probably written in part by Brown, which conceded defeat. Aaron Barr, however, did not have much time to celebrate a victory. He had miscalculated badly. On the next day, Anonymous went on the offensive. Using their high tech expertise, including something called an “SQL injection,” they broke into the underlying database of hbgaryfederal.com, where they discovered what Brown later described as a “farrago of embarrassments” — careless database construction, systems running software with known security flaws, poorly encoded passwords, and duplicate passwords used on multiple systems.
It took just a few hours for Anonymous to destroy both HBGary Federal and its parent company, HBGary. They took down Barr’s website, stole his emails, deleted many gigabytes of HBGary research data, trashed Barr’s Twitter account, and remotely wiped his iPad. They also published all of Barr’s emails — even personal emails from his wife discussing possible divorce proceedings. In just a matter of days, instead of revealing Anonymous identities to the world, Barr was resigning from his position at HBGary Federal.
Aside from the sheer joy of sabotaging an explicit foe, the HBGary hack also produced useful information. Among the 70,000 HBGary e-mails which Anonymous made available to everyone using the file-sharing service BitTorrent, and which Brown promptly crowd-sourced to his Project PM crew, was clear evidence of a huge conspiracy involving several powerful corporate entities to commit what could be crimes. HBGary Federal, along with two other federally contracted security firms (Berico Technologies and Palantir Technologies), was putting together a lucrative proposal to conduct a disinformation campaign against critics of the U.S. Chamber of Commerce. A well-connected Washington, D.C. firm called Hunton & Williams, whose clients also included Bank of America, was soliciting the disinformation schemes from the three security firms. The hacked emails show that these same three firms were also working on a similar proposal to target supporters of WikiLeaks on behalf of Bank of America.
Even larger than HBGary was the “Stratfor hack.” In December 2011, an Anonymous splinter-group called AntiSec hacked the website of a private security company called Stratfor Global Intelligence. On Christmas Eve, AntiSec released a treasure trove of confidential Stratfor information, including approximately 5 million internal company e-mails. A Chicago activist and AntiSec member named Jeremy Hammond has since pled guilty to the attack and is currently facing ten years in prison for it.
The contents of the Stratfor leak were even more outrageous than those of the HBGary hack, since they contained so much evidence of widespread corruption and illegality within the shadowy world of cyber-security and surveillance firms. The Stratfor e-mails and files contained material pertaining to possible opportunities for extra-legal renditions and assassinations. One potential target, for example, was Lockerbie bomber Abdelbaset al-Megrahi, who had been released from prison on compassionate grounds due to his terminal illness. Stratfor personnel casually discussed taking him out, even if doing so was illegal. So what if the man had already been tried, found guilty, sentenced, and served time? This was “personal.” Might as well “just bugzap him with a hellfire.”
Brown put Project PM on the job of combing through the vast contents of the Stratfor hack, once they were available. When a link to the Stratfor data dump appeared in an Anonymous chat channel, Brown copied it and pasted it into a private chat channel reserved for Project PM, thus bringing the material to the attention of the editors. This is what the FBI later seized on as the basis for criminal charges of credit card fraud and identity theft.
One of Brown’s strengths is his formidable attention to mass detail. He is able to analyze a wealth of minutiae that most of us would have little or no patience for. Using the Stratfor hack data, Brown and Project PM were able to investigate the secretive world of cyber-security in a way that few other journalists have been able to replicate. Take the example of a product called TrapWire, which was created by a company called Abraxas. Trapwire was described as software that is installed inside of surveillance camera systems. It is considered more accurate than facial recognition, with the ability to establish patterns and conduct threat assessments for areas that may be targeted by terrorists. More important that what the surveillance software itself can or can’t do, however, is the secret network of people and the firms that are involved in designing and selling these kinds of systems.
Looking closely at Trapwire, Brown was able to uncover a complicated web of business relationships with shared goals and methods that are highly questionable. He found that a company called Cubic from San Diego, which denied allegations that it owned TrapWire as a subsidiary of their firm, had in fact merged with Abraxas Corporation. Tax filings from 2010 proved this. Alongside Abraxas and Cubic on those same tax filings is another company called Ntrepid. In 2011, Barrett’s investigations helped lead the Guardian to report on the fact that Ntrepid won a $2.76 million-dollar contract from Centcom (U.S. Central Command), to create “online persona management” software, also known as “sockpuppetry.” This software is designed to infiltrate social networks with phony social media identities that can influence internet conversations, discredit activists, and spread pro-American propaganda.
Brown’s digging also revealed that Ntrepid has a product called “Tartan,” which is a software tool used to combat basically any group of domestic protesters who challenge the status quo. Tartan is marketed as a valuable law enforcement aid, which can not only take apart activist networks online, but can also move out and crush real world protest movements as well. Groups such as the Occupy Wall Street protesters and Anonymous are obvious targets here. What about environmentalists, anti-war groups, and civil rights organizations? What about alternative media organizations? Or any form of social dissent? The possibilities for products such as Tartan would seem to be endless.
Brown was also looking closely at an information security firm with the chilling name of Endgame Systems. This firm, he noticed, seemed particularly concerned with secrecy, taking care to remain hidden in the shadows. Brown noted one e-mail that stated, “Please let HBGary know we don’t ever want to see our name in a press release.” Further investigation showed good reason for this. One of Endgame’s products, available for a $2.5 million annual subscription, provided customers access to what are called “zero-day exploits.” These are potential security vulnerabilities present in software companies and computer systems all over the world. According to a Business Week story from 2011, “Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems.” In other words, these are strategies for cyber-warfare. Looking into all of this, Brown had to wonder just who Endgame was selling these products to. Did they include foreign agents? Could the “zero-day exploits” be directed against computer systems in the United States?
The Hammer Comes Down
In early spring of 2012, Brown, along with numerous other hacktivists, became caught up in the criminal investigations resulting from information provided to authorities by a man known as “Sabu.” Sabu was a longtime Anonymous participant who had formed a spin-off group called LulzSec. At some point, he became an FBI informant. Now he was turning somersaults in front of the feds.
On March 6, 2012, the FBI raided Brown’s residence in Dallas, after acquiring a warrant for his laptop computer, which gave them the authority to seize any information related to HBGary, Endgame Systems, Anonymous and, most ominously, “email, email contacts, ‘chat’, instant messaging logs, photographs, and correspondence.”
When the FBI went to serve Brown, he was at his mother’s house. So agents returned with a warrant to search his mother’s house as well, where they retrieved his laptop. The FBI decided to play hardball with Brown by initiating charges against his mother for obstruction of justice, because she had Brown’s laptop concealed in her house. His mother has since pled guilty to one count of obstructing the execution of a search warrant, and now faces up to twelve months in jail. Brown maintains she had no idea the laptop was in her home. Most of us think it’s irrelevant, one way or another. Few sane people who are familiar with the story think that putting Barrett Brown’s mother in prison for a year in any way serves the cause of justice.
In any case, the FBI’s targeting of his mother did serve some twisted purpose. It made Brown snap and lose the plot entirely. In September 2012, he uploaded a rambling, incoherent YouTube video in which he explained that he had undergone treatment for his heroin addiction and had been taking the medication Suboxone, but now had gone off his meds and was suffering through withdrawals. He then threatened the FBI agent that was harassing his mother, by name:
“I know what’s legal, I know what’s been done to me.… And if it’s legal when it’s done to me, it’s going to be legal when it’s done to FBI Agent Robert Smith—who is a criminal.”
“That’s why [FBI special agent] Robert Smith’s life is over. And when I say his life is over, I’m not saying I’m going to kill him, but I am going to ruin his life and look into his fucking kids…. How do you like them apples?”
The Barrett Brown saga now shifted: instead of an outlaw journalist being targeted for investigating the secretive information-military-industrial complex, now we had the sordid tale of a crazy, drug addicted hacker threatening an FBI agent and his children (who were full-grown, but still). Death threats made against agents can be punishable by a few years in jail. The important point here is that Brown’s deranged video, the seriousness of which is debatable, made it easier for the authorities to pile on a slew of other charges in order to put him away for life.
There is no doubt that the Stratfor data included, among all the other material, some unencrypted credit card numbers and validation codes. Everybody knows that Brown was not interested in the credit card information, though. He was after the IntelSec secrets. Nonetheless, the Department of Justice accused Brown of credit card fraud for simply sharing the link with the editorial board of Project PM. Specifically, the FBI charged him with trafficking in stolen authentication features, access device fraud and aggravated identity theft, as well as an obstruction of justice charge (for hiding the computer at his mother’s), and charges stemming from his threats against a FBI agent. All together, Brown faces a full century of jail time — 105 years in federal prison if served sequentially. He has been denied bail. He has pleaded not guilty to all of the charges against him.
When we take into account the fact that the person who actually carried out the Stratfor hack had several priors and is facing a maximum of ten years, we can only conclude that the government is less concerned with the hack itself than it is with Brown’s journalism, and with his outspoken support of Anonymous and WikiLeaks. Glenn Greenwald has written in The Guardian that “it is virtually impossible to conclude that the obscenely excessive prosecution he [Brown] now faces is unrelated to that journalism and his related activism.”
The broad implications of the Barrett Brown case are deeply troubling. Many journalists now fear going anywhere near the Stratfor files. In the future, they may hesitate to deal with any kind of data that has been obtained through unofficial channels (e.g. the Snowden leak).
Even worse, we can’t help but wonder whether the Department of Justice now functions as just another security contractor, working to protect the interests of firms such as HBGary and Stratfor and their corporate client-base, at the expense of our justice system, which is presumably designed to protect the public. The fact that the government is so hell-bent on protecting corporations and private security contractors that seek to engage in disinformation campaigns against ordinary citizens and their advocacy groups — well, it’s simply a rotten development. The relationships formed between government agencies such as the NSA, private cyber-security firms, and their corporate clients has become incestuous, to say the least. We can see that the security state’s main order of business — its top priority — is expanding and protecting the security state, regardless of any clear notion of democratic justice and legality.
Meanwhile, people such as Barrett Brown and Edward Snowden — basically anyone who dares to expose the truth about the expanding security state — must be made examples of. The ways in which the justice system is being contorted in order to prosecute Barrett Brown in the name of imperial power would be ridiculous, if the consequences for all of us weren’t so perilous.
Barrett Brown’s upcoming trial will be a fascinating event, to say the least.