Stratfor Boss “Regrets” Not Encrypting User Info


Stratfor website is back online, and free to use for now, with a new section for details of the hack and further updates.

The Hack on Stratfor

By George Friedman | January 11, 2012

In early December I received a call from Fred Burton, Stratfor’s Vice President of Intelligence. He told me he had received information indicating our website had been hacked and our customer credit card and other information had been stolen. The following morning I met with an FBI special agent, who made clear that there was an ongoing investigation and asked for our cooperation. We, of course, agreed to cooperate. The matter remains under active investigation.

From the beginning I faced a dilemma. I felt bound to protect our customers, who quickly had to be informed about the compromise of their privacy. I also felt bound to protect the investigation. That immediate problem was solved when the FBI told us it had informed the various credit card companies and had provided those companies with a list of compromised cards while omitting that it had come from us. Our customers were therefore protected, as the credit card companies knew the credit cards and other information had been stolen and could act to protect the customers. We were not compelled to undermine the investigation.

The FBI made it clear that it expected the theft to be exposed by the hackers. We were under no illusion that this was going to be kept secret. We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files. This was a failure on our part. As the founder and CEO of Stratfor, I take responsibility for this failure, which has created hardship for customers and friends, and I deeply regret that it took place. The failure originated in the rapid growth of the company. As it grew, the management team and administrative processes didn’t grow with it. Again, I regret that this occurred and want to assure everyone that Stratfor is taking aggressive steps to deal with the problem and ensure that it doesn’t happen again.

From the beginning, it was not clear who the attackers were. The term “Anonymous” is the same as the term “unknown.” The popular vision of Anonymous is that its members are young and committed to an ideology. I have no idea if this is true. As in most affairs like this, those who know don’t talk; those who talk don’t know. I have my theories, which are just that and aren’t worth sharing.

I was prepared for the revelation of the theft and the inevitable criticism and negative publicity. We worked to improve our security infrastructure within the confines of time and the desire to protect the investigation by not letting the attackers know that we knew of their intrusion. With the credit card information stolen, I assumed that the worst was done. I was wrong.

Early in the afternoon of Dec. 24, I was informed that our website had been hacked again. The hackers published a triumphant note on our homepage saying that credit card information had been stolen, that a large amount of email had been taken, and that four of our servers had been effectively destroyed along with data and backups. We had expected they would announce the credit card theft. We were dismayed that emails had been taken. But our shock was at the destruction of our servers. This attack was clearly designed to silence us by destroying our records and the website, unlike most attacks by such groups.

Attacks against credit cards are common, our own failures notwithstanding. So are the thefts of emails. But the deliberate attack on our digital existence was a different order of magnitude. As the global media marveled at our failure to encrypt credit card information, my attention was focused on trying to understand why anyone would want to try to silence us.

In the days that followed, a narrative evolved among people claiming to speak for Anonymous and related groups. It started with looking at our subscriber list and extracting corporate subscribers who were now designated as clients. The difference between clients and subscribers is important here. A client is someone you do customized work for. A subscriber is simply someone who purchases a publication, unchanged from what others read. A subscriber of The New York Times is not its client. Nevertheless, some of the media started referring to these subscribers as clients, reflecting the narrative of those claiming to speak with knowledge of our business.

From there, the storyline grew to argue that these “clients,” corporate and government, provided Stratfor with classified intelligence that we reviewed. We were no longer an organization that analyzed the world for the interested public, but rather a group of incompetents and, conversely, the hub of a global conspiracy. The media focused on the first while the hacking community focused on the second.

This was why they stole our email, according to some of them. As one person said, the credit cards were extra, something they took when they realized they could. It was our email they were after. Obviously, we were not happy to see our emails taken. God knows what a hundred employees writing endless emails might say that is embarrassing, stupid or subject to misinterpretation. What will not appear is classified intelligence from corporations or governments. They may find, depending on what they took, that we have sources around the world, as you might expect. It is interesting that the hacker community is split, with someone claiming to speak for the official Anonymous condemning the hack as an attack on the media, which they don’t sanction, and another faction defending it as an attack on the rich and powerful.

The interpretation of the hackers as to who we are — if indeed that was their interpretation — was so wildly off base as to stretch credulity. Of course, we know who we are. As they search our emails for signs of a vast conspiracy, they will be disappointed. Of course we have relationships with people in the U.S. and other governments and obviously we know people in corporations, and that will be discovered in the emails. But that’s our job. We are what we said we were: an organization that generates its revenues through geopolitical analysis. At the core of our business, we objectively acquire, organize, analyze and distribute information.

I don’t know if the hackers who did this feel remorse as they discover that we aren’t who they said we were. First, I don’t know who they actually are, and second, I don’t know what their motives were. I know only what people claiming to be them say. So I don’t know if there is remorse or if their real purpose was to humiliate and silence us, in which case I don’t know why they wanted that.

And this points to the real problem, the one that goes beyond Stratfor’s own problem. The Internet has become an indispensible part of our lives. We shop, communicate, publish and read on it. It has become the village commons of the planet. But in the village commons of old, neighbors who knew and recognized each other met and lived together. Others knew what they did in the commons, and they were accountable.

In the global commons, anonymity is an option. This is one of the great virtues of the Internet. It is also a terrible weakness. It is possible to commit crimes on the Internet anonymously. The technology that enables the Internet also undermines accountability. Given the profusion of technical knowledge, the integrity of the commons is in the hands of people whose identities we don’t know, whose motives we don’t understand, and whose ability to cause harm is substantial. The consequence of this will not be a glorious anarchy in the spirit of Guy Fawkes, but rather a massive repression. I think this is a pity. That’s why I wonder who the hackers actually are and what cause they serve. I am curious as to whether they realize the whirlwind they are sowing, and whether they, in fact, are trying to generate the repression they say they oppose.

The attempt to silence us failed. Our website is back, though we are waiting for all archives to be restored, and our email is working again. Our failures have been reviewed and are being rectified. We deliberately shut down while we brought in outside consultants to rebuild our system from the ground up. The work isn’t finished yet, but we can start delivering our analyses. The handling of credit cards is being handed off to a third party with appropriate capability to protect privacy. We have acted to help our customers by providing an identity theft prevention service. As always, we welcome feedback from our supporters as well as our critics.

We are fortunate that we have the financial resources and staff commitment to survive the attack. Others might not. We are now in a world in which anonymous judges, jurors and executioners can silence whom they want. Take a look at the list of organizations attacked. If the crushing attack on Stratfor is the new model, we will not be the last. No security system is without flaws even if it is much better than Stratfor’s was.

We certainly expect to be attacked again, as we were last week when emails were sent out to members from a fake Stratfor address including absurd messages and videos. Our attackers seem peculiarly intent on doing us harm beyond what they have already done. This is a new censorship that doesn’t come openly from governments but from people hiding behind masks. Do not think we will be the last or that we have been the first.

We will continue to publish analysis and sell it to those who believe it has value. To our subscribers who have expressed such strong support, we express our deepest gratitude. To our critics, we assure you that nothing you have said about us represents a fraction of what we have said about ourselves. While there is much not to be proud of in this affair, I am proud beyond words of all my dedicated colleagues at Stratfor and am delighted to return our focus to analyzing critical international affairs.

To all, I dedicate myself to denying our attackers the prize they wanted. We are returning to the work we love, dedicated to correcting our mistakes and becoming better than ever in analyzing and forecasting how the world works.


Another #Iran Academic Murdered


Almost a year to the day since Iranian university professor and nuclear scientist Massoud Ali Mohammadi was killed..

FARS – Terrorists Kill Commerce Deputy of Iran’s Nuclear Enrichment Site

TEHRAN (FNA)- An Iranian university professor and deputy director at Natanz enrichment facility was killed in a terrorist bomb blast in a Northern Tehran neighborhood on Wednesday morning.

The magnetic bomb which was planted by an unknown motorcyclist under the car of Mostafa Ahmadi Roshan Behdast, a professor at Tehran’s technical university, also wounded two other Iranian nationals in Seyed Khandan neighborhood in Northern Tehran.

Ahmadi Roshan, 32, was a graduate of oil industry university and a deputy director of Natanz uranium enrichment facility for commercial affairs.

No more details have been revealed about the blast.

The blast took place on the second anniversary of the martyrdom of Iranian university professor and nuclear scientist, Massoud Ali Mohammadi, who was also assassinated in a terrorist bomb attack in Tehran in January 2010.

The today bombing method was similar to the 2010 terrorist bomb attacks against the then university professor, Fereidoun Abbassi Davani – who is now the head of Iran’s Atomic Energy Organization – and his colleague Majid Shahriari.

Terrorists Kill Commerce Deputy of Iran’s Nuclear Enrichment Site 

IRNA – University lecturer killed in car explosion in Tehran

Tehran, Jan 11, IRNA – A university lecturer was killed and two others injured when a magnetic bomb attached to a car exploded Wednesday morning.

University professor, Mostafa Ahmadi-Roshan, who was in the car with two passengers, was killed in the blast.

The two injured passengers of the car were taken to a hospital.

The explosion took place after a motorcyclist stuck a bomb on the side of the car, a Peugeot 405, in Ketabi square in eastern Tehran, this morning.

A security official told IRNA that the incident looked like previous terrorist attacks on nuclear scientists by agents of the Zionist regime.

University lecturer killed in car explosion in Tehran

CNN decides to go with “nuclear scientist”

CNN – A blast in a Tehran neighborhood reportedly killed a nuclear scientist Wednesday morning, the latest in a string of attacks against such scientists in the country that Iran has blamed on Israel.

A motorcyclist placed a magnetic bomb under Mostafa Ahmadi Roshan’s Peugeot 405, the country’s IRNA news agency said.

The blast wounded two others who were passengers in the car, the news agency said.

Roshan worked at Natanz uranium enrichment facility in Isfahan province, according to another news agency, Fars.

The Wednesday attack followed a similar mode of operation as others that have killed nuclear scientists in the capital city.

On January 12, 2010, Iranian university professor and nuclear scientist Massoud Ali Mohammadi was killed in a blast when an assailant stuck a bomb under his car. Officials later arrested a person in connection with that incident

In November 2010, nuclear scientist Majid Shahriari was killed in a blast where, again, a bomb was stuck under a car by someone on a motorcycle.

“The bomb used in the (Wednesday) explosion was a magnetic bomb, the same kind that were used in previous assassinations of Iranian scientists. And the fact is that this is the work of the Zionists,” Fars news agency quoted Tehran’s Deputy Governor Safarali Baratloo as saying.

Iran uses the term ‘Zionist’ to refer to Israel.

The nation has been engaged in a war of words with Israel, whom it accuses of trying to destabilize the republic.

Iran maintains its nuclear program is for energy purposes only, disputing allegations by the United States and other countries that it is trying to develop a weapons program.

Ali Ansari, a professor at the Institute for Iranian Studies at Scotland’s University of St Andrews, said more information needs come out about the victims to help determine who’s perpetrating the attacks.

Some have speculated that the victims were members of the opposition movement and could have been targeted by internal forces, Ansari said.

“But if it is true that Israel is behind it, Iran should make a formal complaint to the U.N. so they can get an answer from Israel,” Ansari said.”Because if they really think some other country is killing their nuclear experts, why are they not giving them more protection?”

Iran’s 1st Vice President Mohammad Reza Rahimi said the attacks would not stop the country from achieving its scientific goals, IRNA reported.

“Iranian scientists become more determined to take steps in line with the aspirations of the Islamic Republic in spite of terrorist operations,” Rahimi told the news agency.

Report: Iran nuclear scientist killed in blast –

Pirates strike again; More #Iran sailors rescued by US


 1 of 3. An Iranian mariner greets a U.S. Coast Guardsman from the U.S. Coast Guard Cutter Monomoy which offered assistance to six Iranian mariners in the Arabian Gulf in this January 10, 2012 handout.  Credit: REUTERS/U.S. Coast Guard Photo/Handou

TEHRAN | Tue Jan 10, 2012 3:34pm EST

(Reuters) – Pirates in the Gulf of Aden have hijacked an Iranian ship carrying 30,000 tonnes oftones petrochemical products to a North African country, Iran’s semi-official Mehr news agency reported on Tuesday.

Somali sea gangs have seized vessels and crews across the Gulf of Aden and the Indian Ocean, extracting millions of dollars in ransoms.

Mehr did not say where the information on the latest reported attack came from.

Separately on Tuesday, the Pentagon said American forces had rescued six Iranian mariners who said their ship was taking in water off the coast off Iraq.

  2 of 3. The Iran-flagged boat Ya-Hussayn taken from the U.S. Coast Guard Cutter Monomoy in the Arabian Gulf, January 10, 2012.  Credit: REUTERS/U.S. Coast Guard Photo/Handout

The announcement came less than a week after U.S. naval forces rescued 13 Iranian fishermen who were taken hostage by pirates in the Arabian Sea for more than a month.

The rescue operations have taken place at a moment of heightened tension between Washington and Tehran over Iran’s nuclear program, which the West suspects is aimed at building an atomic bomb. Tehran denies the charge, saying its nuclear activities are only for peaceful purposes.

3 of 3. A United States Coast Guardsman from the U.S. Coast Guard Cutter Monomoy wakes an Iranian mariner to give him food in the Arabian Gulf in this January 10, 2012 handout.  Credit: REUTERS/U.S. Coast Guard Photo/Handout

Tehran and Washington do not have formal diplomatic relations. The U.S. State Department last week said there had been no official communication with Iran about the first rescue, which it described as a “humanitarian gesture”.

Iran announced plans on Friday to hold new naval exercises in the Strait of Hormuz next month, the latest in a series of forceful gestures in the world’s most important oil shipping lane.

via Pirates hijack Iranian ship in Gulf of Aden: report | Reuters.

Amnesty: #Iran must halt #Hekmati execution

Most Iranians on death row are alleged drugs offenders

Most Iranians on death row are alleged drugs offenders © Mehr News Agency

“The lives of political detainees on death row in Iran are hanging in the balance this month”

Amnesty International’s Ann Harrison
Mon, 09/01/2012

Iran must not execute a US national sentenced to death after an unfair trial, Amnesty International said today amid fears he could be executed within weeks.

Amir Hekmati, an Arizona-born Iranian-American who had served as an Arabic translator in the US Marine Corps, was accused of spying for the CIA and sentenced to death for “collaboration with a hostile government”. His appeal against this conviction and sentence must be lodged within 20 days.
Hekmati was held without access to his family, a lawyer or consular assistance after his arrest in August last year, in violation of international law.
He was made to participate in a televised “confession” before his trial in December, breaching his rights to a fair trial even further.
“Like many other detainees in Iran, Amir Hekmati did not receive a fair trial and we question the timing and political circumstances of this decision,” said Ann Harrison, Amnesty International’s interim Director for the Middle East and North Africa.
“We know from past experience that the Iranian authorities sometimes rush forward with executions of political prisoners – including dual nationals – at politically sensitive times and we fear that this execution could happen within days or weeks.”
The death sentence for Hekmati comes at a time of heightened tensions between Iran and the US, amid announcements that Iran has begun uranium enrichment and strengthened US sanctions against Iran.
The Iranian authorities have executed political prisoners in January over the past two years, in relation to the unrest following the disputed presidential election of 2009.
These executions have widely been seen as warnings to potential opposition protesters ahead of yearly celebrations marking the 11 February anniversary of the Iranian Revolution when people are encouraged to demonstrate in large numbers in support of the state.
Zahra Bahrami, who held dual Dutch-Iranian nationality, was executed for alleged drugs offences in January 2011 while awaiting trial on political charges related to the post-election unrest.
Parliamentary elections – the first elections to be held since 2009 – are also scheduled for March 2012.
“The lives of political detainees on death row in Iran are hanging in the balance this month,” said Ann Harrison.
Iranian activists at risk of execution
Gholamreza Khosravi Savajani, an alleged supporter of the People’s Mojahedin Organization of Iran (PMOI) who reportedly spent more than 40 months in solitary confinement in various detention centres in Iran, is also facing execution.
Arrested in Kerman on 24 February 2008, he was sentenced to death in late 2011 after conviction of “moharebeh” (enmity against God) in connection with his alleged financial support to the pro-PMOI TV station Simay-Azadi.
Three alleged PMOI supporters – Ali Saremi, Ja’far Kazemi and Mohammad Ali Haj Aghaei – were executed in Iran between 26 December 2010 and 24 Janaury 2011. All men had been convicted of moharebeh (enmity against God) in relation to contacts with the PMOI.
Blogger Vahid Asghari, who had hosted websites critical of the government, was sentenced to death on Friday after conviction in an unfair trial of “corruption on earth” for allegedly organising a “pornographic” network against Islam and the state.
Asghari had been held since May 2008. In October 2009 he said in a letter to a judge that he had been subjected to torture, forced to make a televised “confession” and forced to make spying allegations against high profile blogger Hossein Derakhshan.
Saeed Malekpour, a 36-year-old web designer and permanent resident of Canada, is also under sentence of death following a retrial on similar charges, which may be linked to Vahid Asghari’s case. A previous death sentence was reportedly overturned in June 2011.
Prior to his arrest during a family visit to Iran in 2008, he had created a program enabling photos to be uploaded online which had then been used to post pornographic images without his knowledge. He is alleged to have been tortured while being held in solitary confinement in Evin Prison for more than a year.
The government has officially acknowledged executing 17 people already this year, although Amnesty International has received information suggesting at least 39 people may have been put to death in the first week of 2012 alone.

Iran must halt execution of US national in ‘spying’ case | Amnesty International.

US expels #Venezuela diplomat over #Iran cyberespionage allegations


Livia Acosta NogueraBy JOSEPH FITSANAKIS | |
The United States has ordered the immediate expulsion of the head of the Venezuelan consulate in Miami, over allegations that she helped coordinate a cyberattack against US government targets in 2008. The diplomat, Livia Acosta Noguera, was declared “persona non grata” (an unwelcome person) by the US Department of State last Friday, and was given 72 hours to leave the country. State Department officials refused to discuss the reasons for Acosta’s expulsion. But the BBC said that the expulsion order was prompted by a letter sent last month to US Secretary of State Hillary Clinton by four members of the US Congress. The letter’s authors reportedly raised concerns about a documentary aired in December by Univision, a US-based Spanish-language broadcaster, titled “The Iranian Threat”. According to reports, the documentary alleged that Acosta was part of a multinational team of diplomats from Venezuela, Iran and Cuba, who, while stationed in Mexico in 2008, helped orchestrate a cyberespionage operation against US targets. The alleged operation was aimed at computer servers belonging to the US government computer, including some at the Department of Defense, the National Security Agency, the Central Intelligence Agency, and the White House. Computer servers at several nuclear power plants across the US were also reportedly targeted. The documentary exposé, which later appeared in print in US-based Spanish-language newspaper El Nuevo Herald, included allegations that Acosta is in fact a member of the Bolivarian Intelligence Service, Venezuela’s foremost external intelligence agency. The allegations were refuted by several diplomats, including the Iranian ambassador in Mexico; but the US State Department reportedly decided to order the Venezuelan diplomat’s expulsion after consulting with the Federal Bureau of Investigation. News agency UPI reported on Monday that Acosta appeared to have left the country by Sunday afternoon, and that the Venezuelan consulate in Miami was closed. The agency contacted the Venezuelan embassy in Washington, DC, about Acosta, and was told that a statement about the expulsion would be issued by the Venezuelan government in Caracas. But Venezuela had not published a statement as of late Monday night.

via US expels Venezuelan diplomat over cyberespionage allegations.