Breach, Data Security, Network Security, Threat Management, Vulnerability Management

Stratfor returns as Anonymous readies 5M stolen emails

Global affairs firm Stratfor returned online this week amid admissions that its systems were breached on two separate occasions.

Stratfor, which offers intelligence analysis for subscribers and clients, some of whom are high-powered companies and government agencies, was compromised in early December, which resulted in the exposure of some 90,000 credit card numbers, and then again just before Christmas. The latter attack could prove the most costly, as it led to theft of 5.2 million emails, according to an Anonymous representative, and the destruction of all of the company's servers.

Even though Stratfor planned not to fess up to the breaches so as to protect an ongoing FBI investigation, company founder and CEO George Friedman said in a Wednesday letter to members that he knew the hackers would eventually publicly reveal the attack. And that disclosure would include the fact that Stratfor hadn't encrypted its clients' credit card numbers.

"We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files," Friedman wrote. "This was a failure on our part...The failure originated in the rapid growth of the company. As it grew, the management team and administrative processes didn't grow with it."

But, as he prepared for the credit card breach to go public, he said he "assumed the worst was done." But he was wrong.

Barrett Brown, Anonymous' unofficial spokesman who heads the activist group Project PM, told on Thursday that the emails were the treasure trove the hackers were after. The messages currently are under the control of a few people involved in the "AntiSec" movement, and they will be turned into a searchable archive that will go live in the coming days, similar to the database that turned up following last year's attack on security firm HBGary.

Brown said a group of hackers have devised a long list of keywords that it plans to search once the engine is operational.

"It's an unprecedented degree of information here," he said. "You're going to have cases of someone who has information and approached Stratfor. And that's going to be useful...You may not hear from someone about what their company is doing, but maybe you'll hear about what another company is doing."

Friedman, in his letter, downplayed what people might find in the spool.

"As they search our emails for signs of a vast conspiracy, they will be disappointed," he wrote. "Of course, we have relationships with people in the U.S. and other governments, and obviously we know people in corporations, and that will be discovered in the emails. But that's our job."

Brown insisted that Anonymous doesn't consider Stratfor to be up to no good, but that it may have been the recipient of useful information involving secret and shady practices that happened or are ongoing within the intelligence community.This is why the Austin, Texas firm was targeted.

"The people involved [in the hacks] know that Stratfor would have a lot of information on issues we're interested in," he said. "And it was vulnerable. There's constant probes going on on our end to find out what's vulnerable."

A week after the attacks were publicized on Christmas Eve Day, the hackers dumped 75,000 names, addresses and passwords of every customer that has ever paid Stratfor for services. Additionally, the group posted the personal information on 860,000 people who registered with the company.

The intruders also claim to have gotten their hands on 90,000 credit card numbers, which were purportedly used to make about a million dollars in donations to charities. Some security experts, however, expressed doubt that the recipients would be able to keep the money because of the fraud involved.

Friedman said Stratfor has since hired an outside contractor to rebuild its systems from scratch. And once it begins processing credit card transactions again, that work will be done by a third-party "with appropriate capability to protect privacy."

[An earlier version of this story incorrectly called Stratfor a security think tank.]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.