by George Eliason for The Saker Blog
What are Cyber Privateers and should you be afraid of them? Cyber privateers and cyber bounty hunters are criminals that are not covered under international law as government agents. In reality, this almost nullifies the chance for war to start over any particular hacking or compromised data event.
The problems hired or volunteer contractors create include a projectable legal attribution. You don’t have to be able to prove a country was behind a cyber attack or hack as long as you meet certain conditions. You can literally project the blame entirely to a different entity. The legal aspects will be covered in the next article.
It also nullifies the myth cyber privateers/ bounty hunters can use government tools on civilian or otherwise protected classes of people and infrastructure at will. International law doesn’t give people hired or volunteering to commit crimes under any auspices a free pass.
This is a new class of terrorism which separates a cowardly criminal element from the victim the same way a remotely detonated explosive would when used at a shopping mall. This criminal activity is spreading at a rate that raises alarm bells especially with the projection of 3 million untrained new hires over the next few years.
In the last article, I introduced you to Jimmy and Gary. After three difficult months of online Youtube training, both of our heroes were ready to take on careers as international men of mystery.
The absolute risk this presents to international peace and security should be obvious regardless of what accepted policy is. Everybody gets to spy or nobody gets to spy is the mantra this generation of Intel managers was brought along with. Most of the tools in the NSA arsenal have their start or at the very least a counterpart that is freeware.
Disgruntled people have access to software that can literally trigger a heart attack for someone with a pacemaker, cause a seizure, or even take control of your car.
More than 70 percent of the Pentagon’s Counterintelligence Field Activity: CIFA is staffed by green badge contractors. The majority of personnel at the DIA, the CIA National Clandestine Service, the National Counter Terrorism Center, and more than 80% of the NSA budget goes to private contractors.
All of the agencies are filled with what amounts to day labor. How many of them already have the keys to the barn that potentially starts the 4 Horsemen of the Apocalypse on their way?
State sized tools give emotionally inadequate and politically repulsive people the ability to illegally mimic or ply actions that are inherently governmental in nature. These same disgruntled overpaid groups fill out the do not fly lists. They are putting people on domestic terrorist watch lists. They are deplatforming journalists and people expressing opinions contrary to their employers and taking over social media and opinion for their employers.
The same groups are hacking websites and stealing financial account information. They gain access to bank accounts through phishing exploits and siphon your account dry. One group I am writing about did this to a family member of mine because of the exposure I’m giving. I’ll get back to that later in the series.
Over the last five years, I’ve not only described the role cyber privateers are playing in world affairs, but have been documenting the players and the damage they are causing.
This article will describe the now accepted US cyber policies that were written by cybercriminals to give themselves cover so they can use the American people and people of the world as their own personal cash cow or reservoir. If they don’t like you, no need to wonder who gets to pay for that.
The inherent problem with cyber privateers is covered in the job description as well as their rather fanciful notion they are anything but criminals.
Privateers operate as sanctioned pirates. These throwbacks pretend to operate like their 18th century inspirations did. Back in the day, the sponsor country allowed them to make money attacking merchant and military vessels they didn’t like but didn’t necessarily want a war with. When mistakes were made, privateers supposedly made reparations to the groups they victimized. They had to identify themselves and offer a remedy for damages.
The 2019 cyber privateer or bounty hunter is under no such compunction. They don’t identify themselves and their victims rarely know who hit them. In fact, when they do identify themselves, it’s just to gloat. They do it in a setting that implies the message that needs to get across without confessions that would hold up in a court.
If this sounds wordy, cutesy, or alarmist, private contractors have interrupted the power grid in Venezuela and hacked into Iran’s nuclear infrastructure. They are penetrating the power grid in Russia. This is an ongoing problem that’s exasperated by the fact legislators rely on the terrorists to draft the laws to protect them from everyone else.
Think of it this way, if Joey, going by the cool hacker name HedCh33z3, decides he doesn’t like Latvia, can he disrupt their electrical infrastructure, medical infrastructure, or elections?
The fact is they move in and out of government service so often, they never bother to switch hats or status. Think of it this way, Joey works for the NSA for a week under a subcontractor and picks up a ton of tools to stalk his Ex and sadistically destroy her life piece by piece. This is what happens when people assume the right to government powers without the authority or responsibility to use them.
Are you willing to send your kid to war or go yourself because Joey HedCh33z3’s ex-girlfriend’s family thinks he’s a creep and they are from XXX country? Yet, we are now snugly very close to being put in this horrific position by politically and emotionally stunted people.
Privateers are Terrorists
So, where do they get the right to do this? Starting right after September 11, 2001, OSINT and cyber started as a serious money-making cottage industry. In the last article, we closed with the DOD actively hiring cyber Bounty Hunters to hack into foreign countries infrastructure.
This practice didn’t just start yesterday. Since 2001, there have been many attempts to codify US hiring of cyber privateers or bounty hunters into law. What this has done is enshrine it in US cyber-policy. The DOD use of subcontractors says a lot.
- What are cyber bounty hunters and cyber privateers and what do they actually do?
- Work with direct action military subcontractors
- Work for NGOs, corporations, lobby groups
- Work for US government agencies like the FBI, CIA, DIA, DOD, DNI
- Work for political parties and causes
- Work for foreign governments like Ukraine as shown in this series against the interests of the American people
- Work for themselves
They provide Intel through OSINT and hacking. They provide direct action through hacking and Information Operations. Today, they are taking on inherently governmental responsibilities and making decisions they don’t have the authority to make and they make decisions that belong to State agencies.
- Who is the enemy?
- Who is friendly (or are there really any friends out there)?
- Who is a danger and how?
- Why are they a danger?
- What is their motivation?
- What steps will the US need to take to stop them, turn them in a different direction, or make peace with them?
One attempt to legalize this activity is called the Morgan Doctrine.
You’re aware that the U.S. Secretary of State is actually dumb enough to host her own email server. Even if you’re a third-world country without the infrastructure to create serious cyber attacks yourself, a few thousand dollars in Bitcoins to Hackers-R-US will get you zero-day exploits to crack just about any individual server. Either way, you’re going to OWN that server before the next national holiday (pick your country, pick your holiday).
The Morgan Doctrine states simply that if you attack my computers (or my banking assets held in US-based computers), then under a certain set of well-defined conditions, a licensed and bonded “cyber privateer” may attack you in your home country and split the proceeds with the U.S. government…You raid our bank accounts, we raid yours. You make money from off-shore child pornography, we’re going to loot your bank accounts and, with some REALLY creative black hat operations, you will be taken off the grid worldwide to the extent that you’ll not even complete a cell phone conversation for the remainder of your miserable depraved life.- The Morgan Doctrine
Who decides what is right, legal, or legally binding? Is it right when someone who gets paid to find you and accuse you also makes his money from destroying your life and reputation, or directly by stealing money directly from you?
According to the Morgan doctrine blogger who does this kind of work for Oracle, Salesforce.com, BIGFIX, and other technology companies, the answer is a big yes.
The USA followed by Ukraine makes up the highest percentage of over 50,000 readers which reflects the numbers the Ukrainian Diaspora hired to create the illusion of Russian aggression in Ukraine and the 2016 election interference meme. This is a serious attempt to push legislators for legal cover for what is accepted at the policy level.
Let’s spell this out. If a cyber bounty hunter or cyber privateer say you work for Russia while they work against Russia, according to this, you picked your side in the war they get paid to fight. It doesn’t matter if you don’t know you’re in one.
When they work for NGOs, foreign governments, political parties, and companies, they are given cover. They found out along the way they are entitled to your bank account as part of their payment as well as the joy of ruining your life every way they can. It means no more than a video game to them.
In the private sector they now illegally, harass, stalk, and locate people with no legal justification. They are trying to facilitate renditions and executions. Let’s be clear, these are your neighbors doing this to your neighbors.
Aric Toler and Bellingcat helped set up the functionality of Ukraine’s hit for hire website Myrotvorets (peacemaker). The only goal of the site is to publish personal and contact information of anyone they consider standing against Ukrainian nationalism so they can be dealt with by private parties.
The above clipped from Christelle Neant’s article should be clear enough to understand on its own and she asks the right questions. Bellingcat’s work with privateer groups has included trying to leverage their collective expertise and locate and rendition me.
Almost every time I’ve been threatened by Ukraine, it’s an American collaborator making the threat for them. The linked article shows one such person who also designed Ukraine’s Information Policy. He also wrote the policy paper for the US government’s cyber policy.
The people that testify for the US Congress on cyber and OSINT are the same people doing these things. They are training and setting up groups in multiple countries and under different auspices.
More than one of them trained the full spectrum of alphabet agencies. CIA, NSA, DIA, FBI, DNI, DOD, and we can keep going across the board.
They were behind setting up the policy that guided the Tallinn Manual defining cyberwar and international law. We’ll be opening that up within a couple of articles.
As a testament of their cyber mojo, they spent the last few years collectively trying to locate someone who didn’t change locations often and used normal communications and social media. I publish articles in 5 or 6 publications regularly. I have 4 or 5 different social platform accounts.
They couldn’t figure out that I was where I said I was for the last 5 years. This spring I wrote a Victory Day article with local video and interviews. Even though I clearly showed my location, they still weren’t too sure.
The one thing you can say about them and their ally Bellingcat is they are consistent. Consistently wrong that is. In Ukraine, Bellingcat’s chief source of Intel is Ukrainian Intelligence. This includes the Ukrainian State hackers that contacted me after my sister was hacked. Journalism from the Donbass side of the contact line is a crime against Ukrainian sensibilities.
This group supplies Intel to NATO and individual EU countries and makes the rounds in Congress. Bellingcat’s work in Syria is chiefly supplied by the other side of Bellingcat’s Intel fabricators who also work for Ukraine.
We now have Americans working with foreign Intel stalking Americans and foreign citizens/ journalists for foreign countries they know will be tortured and killed. This clearly falls under terrorist activity.
One side of the group that works for Ukrainian Intel contacted me for the first time the day after the bank account was hacked and cleaned out using the hacker’s preferred method. What was the reason for the sudden communication? He wanted me to know how smart he really was.
Yet, these same so-called super spies claim to be able to find information about things people are actively trying to hide like weapons systems, motive. Most of the time they don’t speak the language of the country they claim to have expertise for. They decide guilt even though reality shows they aren’t able to actually do the job. Strange, isn’t it?
It was US policy to make them extra-legal but not illegal in the US after 9-11. Congress worked with these groups to write laws that refuse to criminalize what they do when it’s done on citizens. In fact, it no longer matters which side of the spectrum holds the reins, they feel empowered and will continue to do so until laws are written regulating their industry.
Over the last articles, I developed a slow-burn look into the world of the private spy. The idea that in less than 4 years the industry wants to hire 3 million unlicensed, unbonded, and untrained experts to work both government and corporate Intel and spy gigs should scare the hell out of you.
Can you give me a reason why the US which already collects and analyzes every piece of data on the internet needs so many more of what amounts to interns working with state sized software packages?
That’s 82 US citizens per new hire private sector OSINT agent. They have to literally spend 4 days on each person they investigate (82 per year including babies) just to get a full year’s worth of work because of the existing DNI, FBI, CIA, DIA, DOD OSINT agents have the rest of the world covered.
How serious is the information I’m providing? The EU Computer Emergency Response Team (CERT-EU) sent the articles to the EU institutions, agencies and bodies as well as outside governments and agencies. This means the EU has real concerns about the practice, laws, and policies allowing the practice because of the inherent damage so-called bit-players in private Intel and Information Operations (IO) can do at home and abroad not to mention diplomatically.
After you grasp the magnitude of the problem and begin unwinding the moving parts it can become manageable again through lawfare. Legal and societal protections you take for granted no matter where you live went out the window as soon as these practices became the norm.
Even from street level, people can make large sweeping changes to the world. Before you poo-poo, the idea, look at the CERT-EU screenshot again. I believe this can be done because I have already done it.
Towards the bottom of the article, we’ll get into the international policy for cyberwar and non-war situations. The same people that I’ve been writing about for the last 5 years exposing how they go after groups with protected status also wrote the policy for the US Government, all the agencies. While they didn’t write international policy directly, people they trained or work with closely did.
Four years ago, I exposed a flaw that exposes them to justice in the Tallinn Manual and threatened to pursue it. I did this because to win, I needed that gap closed. Tallinn is about applying the laws of war to cyber. It is something that otherwise would get no mention at all because it’s not considered a gap in any other context.
They closed that specific gap verbosely and gave me the opportunity to show how sordid this mess is. This also paves the way to provide a real resolution from private spies attacking civilians, social groups, political groups, journalists and other protected parties. Myrotvorets and Propornot should take note as should the other better and lesser-known companies and personalities.
No one has the right to use what they, themselves, rightfully label as Al Qaeda tactics on civilian populations, social activists, journalists, and other protected groups without assuming the legal definition of a terrorist, i.e. cyber terrorist.
Should lawfare (legal activism) fail to provide a remedy, the penalties for cyber assault (terrorism) and the right to a vigorous defense against perpetrators is what can make the laws change-FAST. Terrorism is terrorism is terrorism.
Once that fact is established anyone supporting them or hiring them in any way shape or form is guilty of material or direct support of terrorist activities against their own nation. Congressman, what say ye?
Law and policy makers fell in love with this power they never had before because it gives them the ability to shape policy they have no right to change for the sake of constituent and lobbyist cash and gift donations. They create loopholes in the cyber laws they write with the help of the companies and practitioners engaged in criminal behavior (under every other circumstance). Today, they hire the same criminals to help them with elections. Oppo-research, reputation management, Information Operations, and even projecting their (congressman’s private) own foreign policy agenda into the international arena.
Imagine Congress asking a cybercriminal what kind of regulation or oversight their industry needed? What if Congress then asked the same societal deviants to write the laws that define the limit to what is legal they would agree to. Real criminals decided what the laws protecting their victims should be. They decided what the penalties should be if they got caught.
The tradeoff is this same Congress that was never allowed access to Top Secret information unless they have security clearance on their committee can get the actionable Intel before it’s marked “secret” if it’s gathered through OSINT by a private contractor working for US Intel agencies. That loophole makes it ok for anybody to move information before it’s been vetted and resell it.
Imagine these same legislators hiring you because you’re the expert they trust and they knowingly wink at the crimes you’re committing against your own people. They haven’t updated labeling the new twist on criminal law yet, and they won’t because you don’t want them to. And hardly anyone is referencing the same crimes using older precedent as a reference for prosecution or lawsuits.
This creates huge gray zones in the law. Gray zones are areas of law where even though something is illegal, there is no law on the books against a specific method of a known crime. Stalking is the easiest example. If someone is stalking you, follows you, and threatens you, we can all agree a crime was committed.
So is stalking a crime? Not if you are an OSINT practitioner doing it online because there is no legal or regulatory system you have to justify yourself to.
The gray zone, in this case, exists in a couple of areas. The first is attribution or identifying the perpetrator. This isn’t a small thing. The person with the Twitter handle “little ice cream girl” could actually be Stan from Milwaukee who was hired to sway the vote for his candidate. You annoyed him. The state sized software package he inherited working for XXX contractor that was working for the CIA toppling Antarctica is going to come in handy wrecking your life as thoroughly as the preverbal bull in the china shop.
The second is time and distance. Money concerns aside, if you are stalked, harassed, or threatened from the other side of the country or globe, what local prosecutor can even get his head around this new dimension of law?
Last year when I was originally going to publish this series, I spoke to an attorney specializing in international law. He listened for a short time and told me to stop. He didn’t want to hear any more. It wasn’t because of a lack of proof. His reasoned that the substance of what I was saying would put him in a very dangerous position.
It wasn’t his first rodeo and he claimed the last time around, his own national government refused to give him any cover or come to his aid. In his words, his government views taking on private Intel contractors as akin to taking on the CIA directly. And they weren’t willing to do that.
This is the attitude most people and even Congress takes. You can’t beat the deep state. But, the deep state ISN’T sworn-in law enforcement or agency personnel anymore. The illegal hiring practices for almost 2 decades gave private sector (green badges) oversight of agency personnel and projects. The problem multiplies because they trained the managers at the agencies and wield tremendous influence.
A fundamental truth is private industry cannot take on inherently governmental responsibilities legally or successfully. In the end, a company’s only consideration is their bottom line. Patriotism and companies part ways when it is no longer profitable. That’s just business.
What Congress and policymakers have done is to allow a huge gray area to be created where criminals are allowed to thrive because they provide political candy in the form of mostly fake Intel that supports whatever project a member of Congress needs to appease his pet cause lobbyists.
This could all be cleaned up by applying existing stalking and assault laws to online stalkers by making the punishment extreme. The same goes for political activists that are doing this under the cover written for them. As long as they volunteer, they are not targetable for retribution internationally. If they are provably working with a country or company working with a country, as soon as they stop, they can’t be touched. How’s that for a policy?
Fixes for Online Troll Remediation
Putting all these online Intel related cottage industries under rigid government oversight and forcing them to document what they are doing and to whom both domestically and internationally is the one way any type of privateer scenario that is already OK’d by the current policy can actually work. It also gives protected classes the opportunity to stop harassment and demand damages. This is precisely why it won’t happen unless it is pushed hard.
Congress could write and pass a one-page bill to write protection against this if they had the inclination. The crimes exist in the law already. The only expansion is applying them to technology. They won’t.
The other more realistic approach is to demand US president Donald Trump takes out his magic pen and write an executive order guaranteeing reasonable protections and appropriate punishment.
This is unlikely to happen because the move would literally box in this already metastasized invasive cancer commonly called the deep state. The celebrated work of the CIA and FBI infiltrating perfectly legal civil groups or dispersing propaganda through news platforms like the New York Times has been rendered child’s play in both scope and impact.
And we’re still waiting to see what kind of trouble 3 or 4 million unregulated new hires will bring domestically and internationally.
International Law and Policy for Online and Cyberattacks
Next, let’s establish a few things directly from Tallinn Manual I. From a 2015 article I’ll be highlighting a lot more in the next article I showed clearly that:
- Civilians are a protected class.
- If you work with a foreign country against their perceived enemies you are considered a military asset even if you work for a private contractor. You are targetable in every sense that word conveys.
- If you work with a foreign country against their perceived enemies you are considered a military asset and attacks against civilians is a terrorist act.
- To my knowledge no western country allows its citizens to make war on each other or citizens of other countries they are at peace with. The Black Letter Rules include: Rule 23.3 Cyber attacks against civilians is a war crime defined by rule 32.
- Rule 26.7 The concept of “belonging to” defines whether you can be targeted or not. This rule defines civilians as off limits unless they are “engaged” in real war duties. It includes undeclared relationships where behavior makes it clear which side a person is fighting for.
- Rule 26.9 Virtual online communities and people expressing opinions do not qualify as combatants.
- Rule 30 defines a cyber attack as a non-kinetic attack reasonably expected to cause damage or death to persons resulting from the attack. If attacker mistakenly calls civilians lawful targets, the attack on civilians still occurred. It is a crime. This is an important consideration considering how interconnected the internet has made people.
- Rule 31 Psy-Ops including leaflets, mass emails is not prohibited behavior.
- Rule 33 If there is doubt to the status of a person, that person is to be considered a civilian and not targetable.
- Rule 35.5 Gathering information for the military makes you a combatant.
- Journalists are prohibited targets.
- Once an attack is made, the retribution is legal and does not necessarily need to be in kind.
A cyber attack can be met with conventional weapons.
- Rule 41 Means and Methods describes cyber weapons broadly as the means to carry out cyber war by use, or intended use of cyber “munitions” designed to cause damage, destruction, or death to its targets. The breadth of the rule is required because of the wide array of possible attacks through cyber means.
Now, the first loophole I wanted to be closed comes from an inverse look at a cyber war attack including stalking and targeting protected classes. Here’s how this can be elevated to war crimes.
Cyber can come from anywhere across the globe, anonymously, and stealthily (you may not even realize you were attacked). Because of today’s events people being attacked are from different parts of a given country and even spread across the globe.
This means if political or social activists are targeted, it may look like random events even though the numbers of victims could be in the hundreds of thousands or potentially millions. Here’s the two-minute example from one of the industry pioneers that attack civilians.
If the attack is considered as a single event because one single protected class or group is targeted even though they are physically at different geographical locations, we can reach the threshold for a cyber attack governed by the laws of war. Since it’s civilians, it would need to be litigated but the settlement would come from the offending country. Cha-ching!
Nevertheless, I collected a sample of 50+- IP addresses. Thank you, Mr. Justin, you are an eminently useful idiot.. . Also, many (most?) of the US readers were at work when they visited antiwar.com. Those US readers are concentrated in New York metro, Washington DC, greater Boston, the Bay Area, and Illinois (Chicago and main campus, U of I). Meanwhile, the Russian readers (there are only two in the dataset) are split between Moscow and Saint-Petersburg.”- Andrew Aaron Weisburd @webradius
I ask why is this Info war agent that trained all the US Intel agencies, NATO, and works for Ukraine geolocating American citizens for Ukrainian purposes?
This group is a political social group reading and commenting at a media platform in a country that still has the 1st Amendment. It is a protected class.
THIS IS ONLY ONE STEP FROM A WAR CRIME. As soon as it’s established Weisburd is doing this for less than Ukraine’s hit for hire site Myrotvorets, we are in the neighborhood of WAR CRIMES. Interestingly, Weisburd helped spawn Myrotvorets and enhanced Ukraine’s geolocation abilities.
Secondly, if it doesn’t meet the war threshold, it is still a terrorist attack on protected groups. When I proposed that injured parties have the right to robust self-defense, Tallinn II closed up the language by barring civilians the right of redress, self-defense, or preemptive assault because this was the domain of nations.
But, that language also makes it imperative for them to persuade Congress to step up to bat and write restrictive laws or the future looks very bleak for private industry spies and IO working against the public interest.
But, that language also makes it an imperative for them to persuade Congress to step up to bat and write restrictive laws or the future looks very bleak for private industry spies and IO working against the public interest.
Did Andy Weisburd take that final step? Stay tuned, it’s detailed in the next articles. Next up, we’ll show the same small groups of OISINT and IO trailblazers are responsible for most fake news, bad Intel, and are covering up crimes against humanity.
Make no doubt about it, they are terrorists. They can be treated like terrorists and people have the right to robustly defend themselves.