On Twitter: @JamesFirth and @s_r_o_c (post feed)

Got a tip? tip@sroc.eu



Thursday, 5 April 2012

Alleged NSA contact book leaked by Anonymous could indicate scale of private industry profits from security

Anonymous claims to have leaked an NSA contact book. The 4,000-entry list containing many private sector contacts appears to have been published some point on or before Tuesday 3rd April.

I'm in two minds whether to link to the leak; it contains personal data - including what appears to be home addresses for many of those listed.

Plus, I don't support Anonymous - many of their antics are not helpful and I'm aware that Anonymous as a concept provides a vehicle for malignant forces to co-opt from a highly-skilled cohort of sometimes-impressionable hackers.

For this second reason I don't want to cheer-lead for them but at the same time this leak looks newsworthy and indicates the US National Security Agency has tentacles into many major technology companies, perhaps indicating the scale of both the cyber-security industrial complex and the military-digital complex.

Essentially there's a huge amount of money to be made from keeping us safe and this opens up the possibility that some of those profiting have an incentive to over-hype the threat to keep the cash rolling in.

The collateral damage is our privacy and freedom.  Few rational people mind protective measures taken in our collective interest to maintain security and stability, but we need to be sure that inflated or non-existent threats are not used to justify excessive state intrusion.

Below is a list of email domains scraped form the alleged NSA leak with a count of the number of times each domain appears.

Disclaimer: There's no way of verifying the input data, and even if the list did originate at the NSA as is claimed, there are plenty of benign reasons companies who supply technology to government would appear on such a contact book, e.g. account management, technical sales, advanced research, etc.

At the same time the data is now out there being circulated on chat rooms and Twitter. Don't shoot the messenger, there's clear public interest as outlined above and the list deserves scrutiny.

The reader should be aware the leak may not be genuine, and in any case should not infer that NSA 'agents' are embedded in these companies:

    172 gmail.com (public email address)
     99 nsa.gov
     86 mail.house.gov
     73 aol.com (public email address)
     65 osd.mil
     64 yahoo.com (public email address)
     64 dhs.gov
     59 lmco.com
     56 ic.fbi.gov
     55 dia.mil
     53 saic.com
     49 gd-ais.com
     45 ugov.gov
     45 state.gov
     44 ssci.senate.gov
     43 hp.com
     42 comcast.net
     42 bah.com
     41 nga.mil
     41 caci.com
     37 verizon.net
     35 raytheon.com
     35 ngc.com
     32 nro.mil
     31 baesystems.com
     30 hotmail.com
     28 potomacinstitute.org
     28 dni.gov
     23 appro.senate.gov
     22 cox.net
     22 boeing.com
     20 microsoft.com
     19 l-3com.com
     18 mantech.com
     18 earthlink.net
     17 hq.dhs.gov
     17 harris.com
     17 accenture.com
     16 oracle.com
     16 gdit.com
     16 ensco.com
     15 att.com
     14 ball.com
     13 us.ibm.com
     13 ucia.gov
     13 hsgac.senate.gov
     13 deloitte.com
     13 armed-services.senate.gov
     12 usdoj.gov
     12 uscg.mil
     12 tasc.com
     12 srcinc.com
     12 msn.com
     12 ca.com
     12 appsig.com
     11 darpa.mil
     10 usis.com
     10 qinetiq-na.com
     10 prtm.com
     10 njvc.com
     10 mitre.org
     10 lmi.org
     10 itt.com
     10 geoeye.com
     10 cubic.com
     10 copt.com
      9 pfiab.eop.gov
      9 cisco.com
      8 us.army.mil
      8 techusa.net
      8 sncorp.com
      8 sgis.com
      8 salientfed.com
      8 qwest.com
      8 lgsinnovations.com
      8 jhuapl.edu
      8 intelsatgeneral.com
      8 finmeccanica.com
      7 umd.edu
      7 sypris.com
      7 six3systems.com
      7 mac.com (public email address)
      7 kforcegov.com
      7 globalcrossing.com
      7 dell.com
      7 arete.com
      7 aero.org
      6 theanalysiscorp.com
      6 terremark.com
      6 systek.com
      6 sptrm.com
      6 solers.com
      6 serco-na.com
      6 quest.com
      6 navy.mil
      6 mcafee.com
      6 marklogic.com
      6 kpmg.com
      6 i2spros.com
      6 emc.com
      6 do.treas.gov
      6 agilex.com
      6 abraxascorp.com
      5 us.pwc.com
      5 sensasolutions.com
      5 safenet-inc.com
      5 netscape.net
      5 mcbeestrategic.com
      5 js.pentagon.mil
      5 intecbilling.com
      5 hughes.com
      5 harding-security.com
      5 faa.gov
      5 drs-ds.com
      5 drs.com
      5 draper.com
      5 dnovus.com
      5 ciena.com
      5 acqsolinc.com
      4 wyle.com
      4 westwaydevelopment.com
      4 usmc.mil
      4 stellarsolutions.com
      4 sri.com
      4 potadv.com
      4 pentagon.af.mil
      4 parsons.com
      4 netapp.com
      4 me.com (public email address)
      4 live.com
      4 juno.com
      4 insaonline.org
      4 hubcon.com
      4 gd.com
      4 federal.dell.com
      4 esri.com
      4 entegrasystems.com
      4 cobham.com
      4 camber.com
      4 bellsouth.net
      4 battelle.org
      4 att.net
      4 agtlawyers.com
      4 agilent.com
      3 zavda.com
      3 usgif.org
      3 trssllc.com
      3 sysplan.com
      3 syndetics-inc.com
      3 sprynet.com
      3 sotech.us
      3 sheppardmullin.com
      3 sei.cmu.edu
      3 securemissionsolutions.com
      3 reedcorp.com
      3 redhat.com
      3 radium.ncsc.mil
      3 pherson.org
      3 only.arl.psu.edu
      3 omniplex.com
      3 nsc.eop.gov
      3 nmic.navy.mil
      3 nciinc.com
      3 mercyhurst.edu
      3 jhu.edu
      3 intelligent.net
      3 implementstrategy.com
      3 ieee.org
      3 georgetown.edu
      3 gdc4s.com
      3 gartner.com
      3 fabiani-co.com
      3 exceptionalsoftware.com
      3 eti-eng.com
      3 defensegp.com
      3 dau.mil
      3 columbia.edu
      3 carahsoft.com
      3 bericotechnologies.com
      3 atf.gov
      3 aporter.com
      3 anser.org
      3 aecom.com
      2 zai.com
      2 who.eop.gov
      2 wdc.sri.com
      2 vt.edu
      2 vt-arc.org
      2 venturemanagement.com
      2 venonaconsulting.com
      2 va.gov
      2 urs.com
      2 tvarsolutions.com
      2 totalintel.com
      2 thenewberrygroup.com
      2 thechartwellconsultancy.com
      2 targusinfo.com
      2 starpower.net
      2 spectrumgrp.com
      2 soteradefense.com
      2 sms-fed.com
      2 signaturescience.com
      2 signaturegs.com
      2 sdsi.net
      2 sbcglobal.net
      2 sassi-va.com
      2 sanborn.com
      2 sage-mgt.net
      2 rogers.com
      2 renesys.com
      2 regent.edu
      2 rand.org
      2 proteuseng.com
      2 prointelservices.net
      2 parabon.com
      2 osd.pentagon.mil
      2 ockim.com
      2 objectfx.com
      2 nsf.gov
      2 nnsa.doe.gov
      2 mpiresearch.com
      2 missionep.com
      2 missionconcepts.com
      2 millcp.com
      2 mi.army.mil
      2 mgiss.com
      2 mcmunn-associates.com
      2 makfinsky.com
      2 langley.af.mil
      2 lacaixa.es
      2 kgsgov.com
      2 kellyservices.com
      2 keane.com
      2 jwac.mil
      2 ivysys.com
      2 interf.com
      2 intellacademy.com
      2 ichnet.org
      2 iacsp.com
      2 hughes.net
      2 hud.gov
      2 gtri.gatech.edu
      2 graydome.com
      2 gmu.edu
      2 gmri.com
      2 gmai.com
      2 globaltechops.com
      2 gci.net
      2 fts-intl.com
      2 falken.us
      2 ey.com
      2 everest.nu
      2 erols.com
      2 eastportanalytics.com
      2 disa.mil
      2 dhs.com
      2 cust-matters.com
      2 ctssgroup.com
      2 cornell.edu
      2 co.clark.nv.us
      2 civitasgroup.com
      2 chicagopolice.org
      2 centurum.com
      2 centratechnology.com
      2 cdsinc.com
      2 casl.umd.edu
      2 boyden.com
      2 a-tsolutions.com
      2 apgtech.com
      2 ansaldo-sts.us
      2 analex.com
      2 americansystems.com
      2 american.edu
      2 agogegroup.com
      2 adobe.com
      2 3001inc.com
      1 yandex.ru
      1 yakabod.com
      1 xebecglobal.com
      1 woti.com
      1 worldnet.att.net
      1 woodcons.com
      1 wisc.edu
      1 windsorvisions.com
      1 whitecliffsconsulting.com
      1 wharton.upenn.edu
      1 wgint.com
      1 webb.senate.gov
      1 washpost.com
      1 ward-solutions.com
      1 waldenu.edu
      1 vyndicar.com
      1 voa.gov
      1 visualintelgroup.com
      1 viadesigns.com
      1 vermilliongroup.com
      1 venable.com
      1 vacoxmail.com
      1 uva.nl
      1 usintelgroup.com
      1 usfca.edu
      1 usd.com
      1 usaf.mil
      1 us.af.mil
      1 unveillance.com
      1 unitedplacements.com
      1 unisys.com
      1 txdps.state.tx.us
      1 ttemi.com
      1 tsc.gov
      1 tsa.dhs.gov
      1 triumph-tech.com
      1 triumfant.com
      1 trinity-health.org
      1 tribune.com
      1 tresys.com
      1 treadstone71.com
      1 tmomail.net
      1 tidalwave.net
      1 tibco.com
      1 thinkingahead.com
      1 thepolagroup.com
      1 themekonggroup.com
      1 theedgegroup.cc
      1 the-analysis-corp.com
      1 terminusnet.com
      1 telesecret.com
      1 taurigroup.com
      1 tamu.edu
      1 takt-gs.com
      1 sun.com
      1 student.american.edu
      1 stratspace.net
      1 strativest.com
      1 stopso.com
      1 stanleyassociates.com
      1 srtrl.com
      1 srccomp.com
      1 splunk.com
      1 spectrumresolutions.com
      1 spadac.com
      1 sourcefire.com
      1 socratiq.com
      1 smu.edu
      1 skunkhollow.com
      1 si-intl.com
      1 signalscape.com
      1 siemensgovt.com
      1 sidley.com
      1 sfa.com
      1 sensis.com
      1 senecatechnologygroup.com
      1 selil.com
      1 securityconsultants.us
      1 scires.com
      1 sc.edu
      1 savasolutions.com
      1 sarnoff.com
      1 sap.com
      1 sandia.gov
      1 sandia.com
      1 runbox.com
      1 rss-i.com
      1 rri-usa.org
      1 rpssol.com
      1 rotter.com
      1 robersongroup.com
      1 riverglassinc.com
      1 republiccapitalaccess.com
      1 reed.senate.gov
      1 recordedfuture.com
      1 radiantblue.com
      1 r3consulting.com
      1 quintron.com
      1 quantum-intl.com
      1 qualcomm.com
      1 qssgroupinc.com
      1 ptf.gov
      1 psu.edu
      1 prtc.net
      1 proposalcrafter.com
      1 prime-policy.com
      1 post.harvard.edu
      1 poseidon2020.com
      1 portableexpert.com
      1 polisci.osu.edu
      1 policeone.com
      1 pnl.gov
      1 photot.com
      1 phaseone.net
      1 pge.com
      1 perkinscoie.com
      1 patriotsecuritygroup.com
      1 paragondynamics.com
      1 parabal.com
      1 palantir.com
      1 pacific.net.sg
      1 owlcti.com
      1 ou.edu
      1 ostp.eop.gov
      1 osec.usda.gov
      1 ornl.gov
      1 orbital.com
      1 optitechis.com
      1 opm.gov
      1 omb.eop.gov
      1 ogn.af.mil
      1 odci.gov
      1 objectvideo.com
      1 nyct.com
      1 nyc.rr.com
      1 nss.us.com
      1 nsgac.senate.gov
      1 npci.com
      1 nova.org
      1 novakbiddle.com
      1 noblis.org
      1 nmic.gov
      1 nmarion.k12.or.us
      1 nist.gov
      1 nima.mil
      1 newyorkguard.us
      1 newhaven.edu
      1 networkconsultantsgroup.com
      1 netwitness.com
      1 netstarconsulting.com
      1 netscape.com
      1 neosystemscorp.com
      1 neigelcorp.com
      1 ndia.org
      1 nctc.gov
      1 nationalstrategies.com
      1 na.manpower.com
      1 mviewcc.com
      1 msu.edu
      1 msshq.com
      1 morganfranklin.com
      1 monetts.com
      1 mobytechnologies.com
      1 mjww.net
      1 missionsyncllc.com
      1 missi.ncsc.mil
      1 misc.pentagon.mil
      1 mindspring.com
      1 microstrategy
      1 metsala.com
      1 metacarta.com
      1 meridiangroupintl.com
      1 mdsp.org
      1 mcguirewoods.com
      1 maximusit.com
      1 mathc2.com
      1 masygroup.com
      1 marotta.com
      1 markle.org
      1 lorenzresearch.com
      1 lnssi.com
      1 llnl.gov
      1 lingualistek.com
      1 liberty.edu
      1 lgscout.com
      1 level3.com
      1 leo.gov
      1 lat-intel.com
      1 lasd.org
      1 lakenheath.af.mil
      1 l-3com-spg.com
      1 ktech.com
      1 kmssol.com
      1 kippsdesanto.com
      1 kinnearcundari.com
      1 kiernangroupholdings.com
      1 keywcorp.com
      1 kanturkpartners.com
      1 kames.com
      1 juniper.net
      1 jmu.edu
      1 jiddo.dod.mil
      1 jfsc.ndu.edu
      1 jb-a-inc.com
      1 jasonhealey.com
      1 jamitek.com
      1 ix.netcom.com
      1 iwp.edu
      1 itsfed.com
      1 itllc.com
      1 isomcorp.com
      1 islinc.com
      1 iridium.com
      1 ios.doi.gov (attn: secretary salazar)
      1 interlocutor.net
      1 intellpros.com
      1 intelligent.com
      1 integrity.us.com
      1 insightbb.com
      1 input.com
      1 innoviss.com
      1 innovativedecisions.com
      1 infragard.org
      1 infragardnational.org
      1 infragardmembers.org
      1 infoassure.net
      1 in.doe.gov
      1 imetlabs.com
      1 imageryx.com
      1 iis-us.com
      1 ida.org
      1 icioffshore.com
      1 icentric-marketing.com
      1 i-centralpoint.com
      1 ibgweb.com
      1 i2group.com
      1 htgcorp.com
      1 hstoday.us
      1 hq.doe.gov
      1 hightoweradvisors.com
      1 hhs.gov
      1 heurtevent.org
      1 hengcon.com
      1 hbgary.com
      1 gwu.edu
      1 grsco.com
      1 greenlinesystems.com
      1 gov.com
      1 google.com
      1 goodrich.com
      1 gmx.com
      1 geospatialconcepts.com
      1 geointsolutions.com
      1 gdds.com
      1 gcsinfo.com
      1 futures-inc.com
      1 fundintel.net
      1 fulcrumco.com
      1 flexispine.com
      1 feinstein.senate.gov
      1 fedsys.com
      1 fedcappartners.com
      1 fbnt-inc.com
      1 fas.usda.gov
      1 fasi.com
      1 f4winc.com
      1 eurasiagroup.net
      1 etginc.com
      1 esu.edu
      1 es.ibm.com
      1 esi.baesystems.com
      1 esc-techsolutions.com
      1 eodt.com
      1 encrisp.com
      1 emihq.com
      1 email: mel.tuckfield
      1 email: lynda.burroughs
      1 email: lsunden
      1 email: arothman
      1 ed.gov
      1 ec.rr.com
      1 ebrinc.com
      1 eagletsi.com
      1 eaglerayinc.com
      1 eagle32.com
      1 dsbox.com
      1 drs.ca.com
      1 drc.com
      1 dps.state.la.us
      1 dowless.com
      1 dot.gov
      1 dol.gov
      1 doc.gov
      1 dlt.com
      1 dlnmedia.com
      1 digitalriver.com
      1 digitalglobe.com
      1 dfaco.com
      1 densmoregroup.com
      1 demiurgeconsulting.com
      1 deltek.com
      1 delta-risk.net
      1 delphiresearch.us
      1 delex.com
      1 defgrp.com
      1 datadomain.com
      1 dark-lite.com
      1 danjryan.com
      1 cybersquared.com
      1 cubrc.org
      1 ctc.com
      1 csis.org
      1 cs.com
      1 crucialsecurity.com
      1 crucialpointllc.com
      1 crs.loc.gov
      1 criterion-sys.com
      1 cray.com
      1 cpdconsultants.com
      1 convera.com
      1 connellyworks.com
      1 concentric.net
      1 compositesw.com
      1 comlinks.com
      1 comcast.net;
      1 cohengroup.net
      1 cia.ic.gov
      1 chw.edu
      1 chglobalsecurity.com
      1 cfr.org
      1 cfl.rr.com
      1 cert.org
      1 centauri-solutions.com
      1 capgemini-gs.com
      1 cableone.net
      1 butulis.com
      1 bushschool.tamu.edu
      1 buckgroup.net
      1 bstonetech.com
      1 bp.com
      1 bond.senate.gov
      1 bluelink.net
      1 bluelineinfo.com
      1 blueglacier.com
      1 bluecanary.us
      1 blersch.net
      1 bldg.com
      1 blackwatchglobal.com
      1 biometricgroup.com
      1 bhgrp.com
      1 benchmarkes.com
      1 bea.com
      1 bcmcgroup.com
      1 basesystems.com
      1 barracloughltd.com
      1 barcap.com
      1 aya.yale.edu
      1 attach.net
      1 atk.com
      1 atichcd.org
      1 asu.edu
      1 astroguy.net
      1 asims.ca
      1 arl.psu.edu
      1 arinc.com
      1 arcaspicio.com
      1 aqua.com.do
      1 apptis.com
      1 applicology.com
      1 ang.af.mil
      1 alumni.nd.edu
      1 alumni.duke.edu
      1 alumni.bates.edu
      1 alum.mit.edu
      1 alionscience.com
      1 akamai.com
      1 ait-i.com
      1 aim.com
      1 afcea.org
      1 adl.org
      1 adapx.com
      1 acxiom.com
      1 activeassurance.com
      1 acg-hq.com
      1 absicorp.com
      1 1secureaudit.com


@JamesFirth

No comments:

Post a Comment

Comments will be accepted so long as they're on-topic, do not include gratuitous language and do not include personal attacks or libellous assertions.

Comments are the views of the commentator and not necessarily the view of the blog owner.

Comments on newer posts are not normally pre-moderated and the blog owner cannot be held responsible for comments made by 3rd parties.

Requests for comment removal will be considered via the Contact section (above) or email to editorial@slightlyrightofcentre.com.