HBGary Federal Document on Manipulating Social Media

Thursday, March 03, 2011



The HBGary Federal breach conducted by the rogue movement Anonymous, and the subsequent release of tens-of-thousands of company emails, revealed multiple instances of ethically questionable proposals for covert operations.

HBGary Federal, Palantir Technologies and Berico Technologies were involved in developing WikiLeaks counter-operations strategies for Bank of America and proposed disinformation campaigns, cyber attacks against network systems, and strong-arming journalists.

Other information released in the breach show the companies were engaged in developing strategies to infiltrate other civil activist groups, and plans to use social media for distributing government propaganda.

There was also evidence that HBGary Federal was involved in developing an undetectable, full command and control cyber offensive weapon called Magenta.

A Daily Kos contributor also noted a document discovered in the leaked emails that outlines strategies to develop "an army of sockpuppets, with sophisticated 'persona management' software that allows a small team of only a few people to appear to be many" for the purpose of manipulating social media and public opinion.

Of the multiple issues that have garnered attention in the wake of the HBGary Federal breach, the issue of organized social media manipulation has received scant attention from the mainstream press.

The leaked document reveals a detailed, highly developed, and systematic plan to artificially gain ideological hegemony in the largely democratic realm of online social media interaction.

Excerpts from the document speak for themselves:

"Persona management entails not just the deconfliction of persona artifacts such as names, email addresses, landing pages, and associated content.  It also requires providing the human actors technology that takes the decision process out of the loop when using a specific persona.  For this purpose we custom developed either virtual machines or thumb drives for each persona.  This allowed the human actor to open a virtual machine or thumb drive with an associated persona and have all the appropriate email accounts, associations, web pages, social media accounts, etc. pre-established and configured with visual cues to remind the actor which persona he/she is using so as not to accidentally cross-contaminate personas during use."

"To build this capability we will create a set of personas on twitter,‭ ‬blogs,‭ ‬forums,‭ ‬buzz,‭ ‬and myspace under created names that fit the profile‭ (‬satellitejockey,‭ ‬hack3rman,‭ ‬etc‭)‬.‭  ‬These accounts are maintained and updated automatically through RSS feeds,‭ ‬retweets,‭ ‬and linking together social media commenting between platforms.‭  ‬With a pool of these accounts to choose from,‭ ‬once you have a real name persona you create a Facebook and LinkedIn account using the given name,‭ ‬lock those accounts down and link these accounts to a selected‭ ‬#‭ ‬of previously created social media accounts,‭ ‬automatically pre-aging the real accounts."

"Using the assigned social media accounts we can automate the posting of content that is relevant to the persona.  In this case there are specific social media strategy website RSS feeds we can subscribe to and then repost content on twitter with the appropriate hashtags.  In fact using hashtags and gaming some location based check-in services we can make it appear as if a persona was actually at a conference and introduce himself/herself to key individuals as part of the exercise, as one example.  There are a variety of social media tricks we can use to add a level of realness to all fictitious personas"

Such a sophisticated operation as is outlined in the leaked document goes well beyond anything resembling traditional data mining, informational analytics or the use of grassroots organization to enlist the power of crowd-sourcing to further an agenda.

From a security standpoint, such an operation is exponentially more grievous than the hacking of individual social media accounts for the purpose of spamming or social engineering, as the likelihood of detecting such an operation is much more remote.

Employing persona management software and engaging in the mass manipulation of social media and online news outlets undermines the notion of a free and open Internet at its very core, and also undermines the notion of a free and open society.

Possibly Related Articles:
Software Social Media Headlines breach HBGary Federal Palantir Persona Management
Post Rating I Like this!
Robert Gezelter The ability to create personas with arbitrary attributes and comments is an inherent feature of social media, a reality the June 25, 2009, "Micro-Blogging and Personal Self-Surveillance" (readable at http://www.rlgsc.com/blog/ruminations/micro-blogging-and-personal-information.html ).
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.