Team Themis

In January 2011, an executive in the computer security firm HBGary Federal claimed to have identified the leadership of the hacker collective Anonymous.53 In response, the collective hacked the firm’s email and other accounts, and released its files on the Internet.54 This created a rare opportunity to review the recent internal workings of an important private investigative firm. The documents reveal proposals made by HBGary Federal to the powerful U.S. law firm Hunton & Williams, to help its client, the U.S. Chamber of Commerce, discredit its nonprofit critics. The documents offer the joint services of three firms: HBGary Federal, the intelligence analysis firm Palantir Technologies56 and Berico Technologies,57 which provides intelligence services to the U.S. military and intelligence agencies. Together, the three firms called themselves “Team Themis.” In response to solicitations from Hunton & Williams, several Team Themis documents outline a campaign to target U.S. Chamber Watch, a nonprofit watchdog group that monitored the U.S. Chamber of Commerce. Team Themis proposed to execute highly unethical and/or possibly illegal tactics, 58 such as:  “Create a false document, perhaps highlighting periodical financial information, and monitor to see if US Chamber Watch acquires it. Afterward, present explicit evidence proving that such transactions never occurred.”  “[C]reate a fake insider persona and generate communications with CtW [Change to Win]. Afterward, release the actual documents at a specified time and explain the activity as a CtW contrived operation. Both instances will prove that US Chamber Watch cannot be trusted with information and/or tell the truth.”59 Team Themis proposed to wage electronic warfare against U.S. Chamber Watch and its allies. One Team Themis proposal offers to employ HBGary Federal’s capabilities for “Information Operations.” Information Operations is a military term for electronic warfare. The proposal includes HBGary Federal’s expertise in “Vulnerability Research/Exploit Development” and “Malware Analysis and Reverse Engineering.”60 Another Team Themis document proposes to use a software engineer “responsible for the design and development of custom bots”.61 Many kinds of malware use custom bots. Other emails show that HBGary Federal investigated the critics of the U.S. Chamber of Commerce, including their spouses, children, religious activities and personal lives – and even gathered photos of them.62 Team Themis proposed to Hunton & Williams a $200,000 monthly price tag for initial research, with a $2 million monthly cost for a full campaign.63 Team Themis proposed to employ veterans of the U.S. military and intelligence services. In a proposal to Hunton & Williams, Team Themis wanted to “highlight…key personnel as representative of the outstanding talent within our organizations” who would conduct or oversee espionage against nonprofit organizations. Those people include:  Guy Filippelli, “a former U.S. Army Military Intelligence officer with service in Germany, Korea, Iraq and Afghanistan, and as a civilian Special Assistant to the Director of the NSA….He most recently returned from several weeks in Afghanistan in June 2010, conducting a comprehensive assessment for senior defense and intelligence officials.”  Doug Philippone “deployed to Afghanistan, Iraq and Pakistan for a total of 6 deployments from 2003-2007. He commanded multiple Joint Special Operations Command outstations in support of the global war on terror. Doug ran the foreign fighter campaign on the Syrian border in 2005 to stop the flow of suicide bombers into Baghdad…. As a commander, Doug ran the entire intelligence cycle: identified high-level terrorists, planned missions to kill or capture them, led the missions personally, then exploited the intelligence and evidence gathered on target to defeat broader enemy networks.”  Aaron Barr, who “served as the Director of Technology for the Cyber security and SIGINT Business Unit within Northrop Grumman’s Intelligence Systems Division….[He] served 12 years in the United States Navy as an enlisted cryptologist, senior signals analyst, software programmer, and system administrator….Mr. Barr has pioneered many uses of the Internet and new media for the purposes of conduction broad information operations campaigns for key intelligence customers.”64 Team Themis offered to infiltrate critics of the U.S. Chamber of Commerce. In a “brief” for Hunton & Williams, they propose to “use the following tactics to mitigate effect of adversarial groups.” These tactics include: “Discredit, Confuse, Shame, Combat, Infiltrate, Fracture.” They proposed using these tactics against the Center for American Progress, MoveOn.org, Velvet Revolution, Move to Amend, JTMP (Justice Through Music Project), U.S. Chamber Watch, Brad’s Blog, Joe Trippi, Brave New Films, New Left Media, Agit-PoP, Courage Campaign and the Ruckus Society.65 Team Themis proposed to gather intelligence from several nonprofit organizations and their staff. One document sets forth some “priority intelligence requirements” and targets the following nonprofit organizations: MoveOn.org. Velvet Revolution, Center for American Progress, the Tides Foundation and Justice Through Music and U.S. Chamber Watch. Team Themis proposed to target these specific individuals: Brad Friedman, co-founder of the Velvet Revolution; Jane Johnson, a communications strategist; Ilyse Hogue, former director of political advocacy and communications for MoveOn.org; Nick Nyhart, president and CEO of Public Campaign; and Robert Weissman, president of Public Citizen.