Stratfor hacked

December 29, 2011

in Economics, Geek stuff, Internet matters, Security

A few times before, I have mentioned the website Stratfor. They normally provide a very ‘realist‘ take on global politics. They have interesting sources of information and arguments, and I have found them to be worth reading.

Unfortunately, their entire database of past and present subscribers has been stolen by hackers and released online. If you have ever given them your credit card number, you should probably contact your credit card company immediately to cancel it and have a new card issued with an updated number.

It’s probably a good idea to change your credit card number every few years, regardless. The people at MasterCard said that website hacks like this happen all the time. So often, in fact, that they didn’t want to hear any details about it at all. There are probably a lot of websites that would not notify their users in the event of a breach like the one Stratfor has suffered.

As a side note, this hack demonstrates a couple of things about security. First, the more you hold yourself up as being an expert about security, the more alluring a target you risk making yourself for hackers driven by prestige. This is why the websites of people like the CIA are targeted so often (though such hacks probably aren’t indicative of significant security breaches). Second, there are reputational risks associated with having lax security, especially if you represent yourself as a security expert. I have no doubt that Stratfor’s business will suffer at least a bit because of this.

Report a typo or inaccuracy

{ 21 comments… read them below or add one }

. December 29, 2011 at 3:52 pm

“Anonymous claimed on Sunday that it was able to steal the credit card data because it was unencrypted.

If Stratfor would give a s*** about their subscriber info, they wouldn’t store CC/CCV numbers in cleartext, with corresponding addresses,” according to one tweet.”

. December 29, 2011 at 3:55 pm

Milan January 2, 2012 at 2:32 pm

This has actually been really annoying for me. I had to rip up my main credit card, which my cell phone and other bills were automatically deducted from. All told, it has already occupied a good few hours of my time and inconvenienced me in several ways.

. January 12, 2012 at 3:23 pm

In early December I received a call from Fred Burton, Stratfor’s vice president of intelligence. He told me he had received information indicating our website had been hacked and our customer credit card and other information had been stolen. The following morning I met with an FBI special agent, who made clear that there was an ongoing investigation and asked for our cooperation. We, of course, agreed to cooperate. The matter remains under active investigation.

From the beginning I faced a dilemma. I felt bound to protect our customers, who quickly had to be informed about the compromise of their privacy. I also felt bound to protect the investigation. That immediate problem was solved when the FBI told us it had informed the various credit card companies and had provided those companies with a list of compromised cards while omitting that it had come from us. Our customers were therefore protected, as the credit card companies knew the credit cards and other information had been stolen and could act to protect the customers. We were not compelled to undermine the investigation.

. January 22, 2012 at 12:41 pm

Dreamhost FTP/Shell Password Database Breached

Below is a snippet from an email Dreamhost sent to subscribers early Saturday morning, describing an intrusion into the database storing FTP and SSH usernames and passwords: ‘We are writing to let you know that there may have been illegal and unauthorized access to some of your passwords at DreamHost today. Our security systems detected the potential breach this morning and we immediately took the defensive precaution of expiring and resetting all FTP/shell access passwords for all DreamHost customers and their users. … Only the FTP/shell access passwords appear to have been compromised by the illegal access. Web panel passwords, email passwords and billing information for DreamHost customers were not affected or accessed.’

. February 28, 2012 at 2:30 pm
. March 6, 2012 at 8:37 pm

So why do Wikileaks and their hacker source Anonymous seem to consider Stratfor, which appears to do little more than combine banal corporate research with media-style freelance researcher arrangements, to be a cross between CIA and Illuminati? The answer is probably a combination of naivete and desperation. Wikileaks chief Julian Assange, after all, felt comfortable taking credit for the Egyptian revolution; how good can his understanding of world events, and the actors shaping them, really be? Anonymous, which tried and failed to hack the Vatican’s websites, doesn’t appear to have much of an ideology beyond mischief-making. Wikileaks has been declining rapidly since first releasing Bradley Manning’s trove of U.S. diplomatic cables; their finances are shrinking, their organization disintegrating (due in part to what former employees describe as Assange’s poor leadership), and their credibility with his past media partners is mostly gone.

. March 6, 2012 at 8:37 pm

Mary Landesman, a senior security researcher at Cisco who has closely studied the Stratfor breach, said the attack appears to have been twofold: a relatively commonplace attack, known as an SQL injection, on four servers that stored e-mails dating back several years, as well as a breach of a vulnerable third-party e-commerce system that Stratfor would have used to process its paid subscribers.

A company’s vulnerabilities, whether human or machine, are far easier to spot, Ms. Landesman pointed out, if a sprawling army of thieves is plotting the break-in. “The more eyes, the greater chance of success,” she said.

. March 8, 2012 at 7:43 am

Alleged Stratfor hacker no stranger to law enforcement

Hammond had previously been convicted on hacking charges

By Jaikumar Vijayan
March 8, 2012 06:49 AM ET

Computerworld – Jeremy Hammond, one of the five hackers arrested in Tuesday’s crackdown on key members of LulzSec and Anonymous, is no stranger to the law.

Court documents released earlier this week show that the 27-year old Chicago native was arrested several times over the past few years for hacking activities, protests, mob action and other charges. The picture that emerges of Hammond is of an individual committed to a variety of activist causes with little concern about their potential consequences.

Hammond’s latest arrest occurred late Monday night in what appears to have been a dramatic raid at the two-apartment building where he lives in Chicago. One of Hammond’s neighbors who was interviewed on a local ABC news station described running out after hearing an explosion, and seeing about 30 FBI agents swarming Hammond’s home.

. May 6, 2012 at 1:43 pm

STRATFOR
cleartext passwords

On December 25, 2011, the Anonymous group hacked into a private intelligence agency, Strategic Forecasting Inc. or STRATFOR, based in Austin, Texas. The attack began with the release of STRATFOR’s client list announced at https://twitter.com/#!/AnonymousIRC/status/150679351589998593 followed by release of accounts in batches believed to belong to STRATFOR’s customers. The release announced in another Twitter post at https://twitter.com/#!/AnonymousIRC/status/150985258999885824 includes emails, passwords (hashed with MD5), home/office addresses and credit card information (full 16-digit number, expiry date and CVV number). The table below is the list of the leaked accounts with the passwords removed.

. June 17, 2012 at 5:49 pm

In the Stratfor case, U.S. prosecutors allege 27-year-old Jeremy Hammond and others hacked into companies and government agencies worldwide, including the U.S. Senate. Prosecutors say they stole confidential information, defaced websites and temporarily put some victims out of business.

Hammond and four other U.S. men were arrested in a federal investigation targeting the worldwide “hacktivist” group Anonymous and a splinter group, LulzSec.

Authorities say their crimes affected more than one million people.

There was no bail request at the brief federal hearing for Hammond, who is accused of pilfering information of more than 850,000 people via his attack on Stratfor and using credit card numbers to make charges of at least $700,000. Some reports allege the credit card numbers and other information associated with some Stratfor clients were posted on the Internet.

A website for Hammond’s supporters, freehammond.com, describes him as “one of the few true electronic Robin Hoods.”

Prosecutors say he is a menace. In one alleged online chat regarding Stratfor, he allegedly wrote, “Time to feast upon their (email databases).”

http://www.ottawacitizen.com/news/Hacker+stole+data+Canadian+officials+from+intelligence+firm+memo/6770714/story.html

. July 4, 2012 at 11:16 am

Just as with OpTunisia, Occupy changed Anonymous irrevocably. Its transformation into a political movement, begun four years earlier with Project Chanology, was now complete. Not all anons supported Occupy, but it’s startling how many of them, when asked about the connection between Anonymous and OWS, bluntly reply: “Same thing.” It was as if Occupy had emerged to serve, finally, as a body to house the peripatetic spirit of Anonymous. Occupy wasn’t like Tahrir Square, which attracted the young heroes, the educated forward thinkers of Egypt; it wasn’t like the summer demonstrations in Spain, which brought out the full spectrum of society. Smaller and more distributed than the uprisings elsewhere, Occupy welcomed society’s rejects. The people who found their way to the parks around America, set up tent cities in September, and stayed through the fall included a lot of fuck-ups, people who had fallen for debt scams and had gotten in over their heads with student loans or meth. The hard core of Occupy was a misfit army, unarmed but unwilling to remain silent and invisible. In this they were a perfect match for Anonymous. Both collectives were bound together by being the kinds of people who never found a comfortable place in society.

When cities began to evict the occupiers in the fall, anons watched the violent images with outrage. The same occupiers they’d encouraged, provided technical help to, even stood beside, were beaten and jailed in front of their eyes. A dark mood seized the collective and never really let go.

That perhaps explains why the next AntiSec target—Stratfor, the private intelligence firm—was attacked with such a strange and intense fury. The hackers of AntiSec, including the now-compromised Sabu, worked Stratfor harder than any target since HBGary. They hacked their way through the company’s systems for weeks. Sabu eagerly provided a new server (given to him by the FBI) for the mammoth cache of pilfered documents, which comprised more than 5 million emails. A week later they turned the trove over to Wikileaks after a tense and secretive negotiation with the leaking site. It was the largest public D0xing Anonymous had ever accomplished. AntiSec hackers also charged around $700,000 to the credit cards of Stratfor subscribers, donating much of it to charities.

http://www.wired.com/threatlevel/2012/07/ff_anonymous/all/

. July 4, 2012 at 11:16 am

After the arrests, it seemed that Anonymous would never terrify governments and corporations in quite the same way again. But that’s the sort of underestimation that led Aaron Barr to count 10 senior members of Anonymous, right before a mob ruined his life. It’s the type of judgment that led the Stratfor analyst Sean Noonan, on reading a description of Anonymous as “ultra-coordinated motherfuckery,” to write that the group was “completely uncoordinated and couldn’t fuck anything”—in a personal email that we can read, of course, thanks to some truly coordinated fucking of his employer.

Anonymous is not unanimous, but somehow they still succeed in speaking with a single voice, demanding freedom for the network that is their home. And so the headless suits still appear uninvited on the websites of governments and corporations, and the Guy Fawkes masks periodically fill our city streets.

Oh fuck: The Internet is still here.

http://www.wired.com/threatlevel/2012/07/ff_anonymous/all/

anon November 23, 2012 at 10:46 pm

Stratfor Hacker Could Be Sentenced to Life, Says Judge

“A pretrial hearing in the case against accused LulzSec hacker Jeremy Hammond this week ended with the 27-year-old Chicago man being told he could be sentenced to life in prison for compromising the computers of Stratfor. Judge Loretta Preska told Hammond in a Manhattan courtroom on Tuesday that he could be sentenced to serve anywhere from 360 months-to-life if convicted on all charges relating to last year’s hack of Strategic Forecasting, or Stratfor, a global intelligence company whose servers were infiltrated by an offshoot of the hacktivist collective Anonymous. Hammond is not likely to take the stand until next year, but so far has been imprisoned for eight months without trial. Legal proceedings in the case might soon be called into question, however, after it’s been revealed that Judge Preska’s husband was a victim of the Stratfor hack.”

. February 8, 2013 at 2:43 pm

A federal judge has refused to recuse herself from the closely watched trial of jailed computer hacker Jeremy Hammond, an alleged member of the group “Anonymous” charged with hacking into the computers of the private intelligence firm Stratfor and turning over some five million emails to the whistleblowing website WikiLeaks. Hammond’s lawyers had asked Federal Judge Loretta Preska to recuse herself because her husband worked for a client of Stratfor, and himself had his email hacked.

http://leaksource.wordpress.com/2012/12/27/jeremy-hammond-facing-life-term-for-hacked-stratfor-emails/

. February 8, 2013 at 2:44 pm

Jeremy Hammond 18729-424
Metropolitan Correctional Center
150 Park Row
New York, New York, 10007

. May 28, 2013 at 12:35 pm
. December 2, 2013 at 3:59 pm

Coca Cola and Stratfor vs. People for the Ethical Treatment of Animals

Dow Chemical and Stratfor vs. Bhopal justice activists

Stratfor and the Texas Department of Public Safety vs. Occupy Austin and Deep Green Resistance

anon December 15, 2013 at 12:47 pm

13 federal departments had contracts with Stratfor: WikiLeaks documents

OTTAWA – At least 13 Canadian government agencies have had subscriptions with U.S. private intelligence firm Strategic Forecasting, Inc. or Stratfor, sometimes dubbed a shadow CIA, newly released WikiLeaks emails indicate.

Stratfor came under fire recently after a leaked company document prepared for an oil company outlined ways to counter activist groups, such as Greenpeace, who oppose Canada’s oil-sands development.

The same cache of leaked emails indicates Canadian federal agencies have purchased at least half a million dollars in Stratfor services.

Emails from January 2009 and February 2011 show invoices of $13,125 and $13,725 for one-year Stratfor subscriptions for Foreign Affairs and International Trade, which were not publicly disclosed by the department.

anon December 15, 2013 at 12:48 pm

Worst-Case Scenario for Oil Sands Industry Has Come to Life, Leaked Document Shows

Industry consultants said anti-tar sands push could become ‘the most significant environmental campaign of the decade’ if activists were left unopposed.

Oilsands Strategy Presentation Indicates ‘Worst-Case Scenario’ Has Come To Pass

Worst-Case Scenario for Oil Sands Comes to Life, WikiLeak Docs Show

. December 18, 2014 at 12:33 am

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Previous post:

Next post: