Jeremy Hammond on state-sponsored hacktivism

Jeremy Hammond was sentenced to 10 years in federal prison, during the process he declared that FBI directed my attacks of Anonymous on foreign governments.

Jeremy Hammond, the popular Anonymous hacktivist considered the principal responsible for the disclosure of thousands of emails from the private intelligence firm Stratfor was sentenced on Friday to 10 years in federal prison.

The judge Preska also imposed a further three-year period of probationary supervision once Hammond is released from jail that includes extraordinary restrictive measures to prevent him to hack again, his internet activity will be monitored, and of course his person, to avoid contact with groups of hacktivists and with the hacking community. The Guardian reported:

“Hammond’s 10-year sentence was the maximum available to the judge after he pleaded guilty to one count of the Computer Fraud and Abuse Act (CFAA) relating to his December 2011 breach of the website of the Austin, Texas-based private intelligence company Strategic Forecasting, Inc. Delivering the sentence, Preska dismissed the defendant’s explanation of his motivation as one of concern for social justice, saying that he had in fact intended to create “maximum mayhem”. “There is nothing high-minded and public-spirited about causing mayhem,” the judge said.” 

But who are hacktivists like Sabu and Hammond? Let’s start from the consideration that these guys are cyber experts, they are hackers and for this reason are considered precious professionals especially for intelligence and government agencies … there is a unique big problem, they work on the wrong side and law enforcement has to do all the possible to convince them to the collaboration.

Is it possible that FBI and US intelligence have tried to infiltrate Anonymous to influence its operations?

In August former LulzSec leader Sabu (Hector Xavier Monsegur) was accused by the hacker Jeremy Hammond to have incited state-sponsored attacks for the U.S. Government, Hammond also declared in a Manhattan court that he was directed by an FBI informant to break into the official websites of several governments around the world.

The revelation is not surprising, why destroy a so powerful movement when it is possible to become its ally and take advantage of its offensive capabilities?

Jeremy Hammond revealed a federal court for the southern district of New York,  “Sabu” had requested him to target a list of websites, including those of many foreign countries, that were vulnerable to attack.

Jeremy Hammond referred specifically Brazil, Iran and Turkey before being stopped by judge Loretta Preska that requested to secretate the deposition.

“I broke into numerous sites and handed over passwords and backdoors that enabled Sabu – and by extension his FBI handlers – to control these targets,” told the court.

Jeremy Hammond added that when he and Sabu attacked web sites belonging to foreign governments they provided detailed instruction on how to crack into the targets of one particular unidentified country to other members of the collective that supported the attack.

“I don’t know how other information I provided to [Sabu] may have been used, but I think the government’s collection and use of this data needs to be investigated,” “The government celebrates my conviction and imprisonment, hoping that it will close the door on the full story. I took responsibility for my actions, by pleading guilty, but when will the government be made to answer for its crimes?”added to the court

The process revealed another uncomfortable truth on the borderline activities of the US Government, after the questionable surveillance program and the revelation of the hacking platform codenamed FOXACID, Jeremy Hammond has reported how the FBI has instrumented the offensive capabilities of groups of hacktivism like Anonymous.

The situation is surreal, Jeremy Hammond was sentenced Friday to 10 years in prison for stealing internal emails from Stratfor while US authorities has used similar methods against government without being judged nor condemned it.

The Hammond’charges against FBI are heavy, it would be a very serious fact that the U.S. Government had used the hacktivists to hit other states, I understand the way US Government is trying to discourage hackers and whistleblowers for homeland security but I expect a yardstick fair.

Let’s consider also that US retaliation strategy against hackers could trigger a war without winner that could really advantage foreign state-sponsored hackers.

Jeremy Hammond declared he had been motivated to join Anonymous because of a goal to “continue the work of exposing and confronting corruption”. [He had been] “particularly moved by the heroic actions of Chelsea Manning, who had exposed the atrocities committed by US forces in Iraq and Afghanistan. She took an enormous personal risk to leak this information – believing that the public had a right to know and hoping that her disclosures would be a positive step to end these abuses.”

As sustained by Hammond,  very questionable is also the role of unregulated private intelligence firms like Stratfor,  the young hacker has serious responsibility and he has to pay for this but in a proportional way, the intelligence has been operating for many years in an uncontrolled way and surveillance programs like PRISM are the demonstration.

I afraid that this witch hunt will exacerbate the tones of a difficult dispute between the government and hacktivists, foreign governments could benefit of the attacks that will occur for sure in the next days, recent memo issued by the FBI demonstrates that Anonymous have the capabilities to infiltrate US networks, but consider also that state-sponsored hackers could do the same or can syphon data stolen by Anonymous.

Margaret Kunstler, Hammond’s lead defense lawyer, commented the verdict with these statements:

[maximum punishment was] “not a great surprise”.

I was not surprised too but I believe that the Hammond’s case could be the starting point of new dangerous cyber tensions, on a technical point of view IT community has lost a skilled professional for the next year, but as I always remark you cannot stop an ideology with arrests and convictions.

Pierluigi Paganini

(Security Affairs – Anonymous, Jeremy Hammond)

 

 

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

14 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

20 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.