LulzSec was a popular group of hacktivists that breached many high profile targets during the last years, including the famous attack against Sony in 2011. The group also claimed responsibility for taking down many other notorious targets such as AT&T, Viacom, Disney, EMI, and NBC Universal, The Sun, The Times and the CIA.
Many of us remember LulzSec for one of its leaders, Hector Xavier Monsegur, better known as "Sabu", that after being arrested, decided to collaborate with law enforcement to track down other component of the collective belonging to Anonymous. Thanks to the information provided by Sabu various members of the popular group of hacktivists have been identified and arrested, the man is now awaiting trial and its sentence has again been delayed.
Sabu pleaded guilty to a dozen criminal counts two years prior and he risks a maximum sentence of more than 124 years, despite numerous security experts are convinced that the help provided for the arrest of its colleagues will give him a highway exit. My readers are reminded that early 2012 I speculated that the Anonymous collective, or some of its most active branches, could be used for state-sponsored operations.
To confirm my speculation there are the revelations of another member of Lulzsec, the hacker Jeremy Hammond, who sustains that the FBI used Sabu to coordinate attacks against foreign governments. Hammond pleaded guilty in May for the data breach of private intelligence firm Stratfor, the attacks exposed millions of revelatory emails. Hammond is waiting also for his sentence, scheduled for 15th November 2013, he faces up to 10 years in prison.
The scenario is not fiction, the support of the group of hackers capable to virtually attack any infrastructure on the Internet is considerable strategical for US cyber units, guys like Sabu have had the power to influence large masses of unaware hacktivists that convinced to take part to an Anonymous campaign, in reality have supported tactical operation of US governments. The involvement of groups of hacktivists such as Anonymous has numerous advantage, low costs, no official liability for the attacks and the opportunity to exploit them to hide more sophisticated attacks conducted by government cyber units. The infiltration of the collective may have been, and still today, a strategic goal of U.S. Intelligence, of course also any other governments could have used a similar strategy to attack its adversary in the cyberspace. Jeremy Hammond released a statement Aug. 22 accusing the US government of asking Sabu to recruit fellow hacktivists to infiltrate foreign government entities.
"I write this in advance of the sentence of Hector Monsegur, aka “Sabu” – a former Anonymous comrade turned FBI informant – scheduled to take place on August 23, 2013. It is widely known that Sabu was used to build cases against a number of hackers, including myself. What many do not know is that Sabu was also used by his handlers to facilitate the hacking of targets of the government’s choosing – including numerous websites belonging to foreign governments. What the United States could not accomplish legally, it used Sabu, and by extension, me and my co-defendants, to accomplish illegally. The questions that should be asked today go way beyond what an appropriate sentence for Sabu might be: Why was the United States using us to infiltrate the private networks of foreign governments? What are they doing with the information we stole? And will anyone in our government ever be held accountable for these crimes?"
The involvement of influenced group of hacktivist could be an excellent option for the organization of PSYOPs operation, interfering with the choice of targets, usually made by leaders such as Sabu, could allow a governments to modify the sentiment of the population of a foreign country on specific topics. For sure this abuse of hacktivist movements has been a long debated by Intelligence agencies and probably Hammond is speaking with knowledge of the causes.
Cross Posted from Security Affairs