Wall Street Vulnerable as LulzSec, WikiLeaks Signal Intent to Go After Banks

By Donn Perez Fresard Imagine leaks uncovering more "Fabulous Fab" types -- there's potential for damaging revelations that could lead to criminal investigations and punishment from the markets. Post-WikiLeaks, there's been a lot of talk about a new era of forced official transparency. Thursday evening, we got a preview of what that might look like when the hacker group LulzSec hacked Arizona law enforcement agencies and packaged more than 700 intelligence bulletins, email archives, training documents and officers' personal information in a Torrent file for mass distribution online. The document is called "Chinga la Migra," which translates roughly to the title of a classic N.W.A. song expressing disapproval for the police. If there's anything "lulzy" about it besides the title, it's the comic ease with which LulzSec "hacked" the police email accounts to snatch the documents:

The presumed source of the files are the 7 e-mail accounts of seven police officers listed in LulzSec's press release. The officers' e-mail passwords are also included, and demonstrate a very low level of awareness of computer security; passwords include "12345", "rosebud", and officers' badge numbers.

Meanwhile, Gawker's Adrian Chen managed to get a Skype interview with the LulzSec member that blog is calling the "world's most wanted hacker," who says despite officials' stated determination to nab him and his compadres, they're not worried in the least about getting caught. (To read The Mad Hedge Fund Trader's piece on Tata Motors, click here.) As some of Gawker's commenters point out, these young hackers' sanguine attitude likely comes from the assurance of hiding behind proxy IPs and new anonymizing software like Tor. Such networks are rapidly advancing, and as such software proliferates and gets easier to use, it will only get harder for officials to track down the hackers and other bad actors who use it. To be sure, LulzSec has opened itself up to a firestorm of criticism from the law-and-order set and people who don't find it so lulzy when hackers put undercover officers in possible danger. But, its supporters might argue, the power of groups like LulzSec and WikiLeaks comes from the very fact that they disseminate classified information without regard to its impact on legitimate government operations. That's a line the media almost never cross, because the public has traditionally accepted some level of secrecy so the police and government can deal with the criminal and terrorist element. And if LulzSec and their ilk manage to cross it -- flagrantly, mockingly, as thousands of sympathizers tweet in delight -- with the very police and governments seeking to punish them, and evade capture? That'll be a strong sign that no one is so powerful that their secrets are hacker-proof. But if those barriers dissolve in a new era of hacks and leaks, the impact will be enormous and devastating -- not only for the state, but also for big industry. The obvious choice for most vulnerable party is Wall Street. Imagine leaks uncovering several or dozens more "Fabulous Fab" types -- there's real potential for damaging revelations that could lead to criminal investigations and punishment from the markets. And WikiLeaks and LulzSec have already signaled their intent to go after banks: WikiLeaks founder Julian Assange has said he's sitting on a Bank of America BAC exec's hard drive containing enough to make the bank's bosses resign. Presumably both groups, as well as any copycats that crop up, will keep probing for bad passwords and moles at the big banks. And it's only a matter of time before some disgruntled former banker or someone with access to their data pulls a Bradley Manning on one of the banks. (To read Joe Jordan's article on the safe haven from anti-trust laws on the internet, click here.) Depending on your stock positions -- and your moral or ideological feelings about the modern banking industry's business practices -- that prospect might terrify you, or it might exhilarate you. Either way, it's worth considering that some of the businesses that have been most profitable historically -- banks, energy, pharmaceuticals, take your pick -- have the most to lose from a proliferation of leaks and hacks. Even assuming the best about most people running those firms, snooping through their executives' confidential communiqués en masse could reveal an unimaginable array of exploitative practices, illegal collusion, negligence toward environmental and health risks and burying of unfavorable research. Like with Wall Street, we have to start thinking about how vulnerable these and other industries are to disruptive leaks and hacks. Perhaps a more terrifying eventuality for most everyone (except those pesky counterfeiters) is that a transparent future could also mean the end of many trade secrets. That also means the faster proliferation of commoditized, copycat products in advanced industries and diluted incentives to invest in R&D. If there was an encouraging sign this week, it's that LulzSec is now signaling its mission is evolving into something less about the "lulz" (like hacking Sony's SNE confidential user data) and more about exposing the bad behavior of those they consider the world's oppressors:

We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona. (To read Professor Pinch's article on retail deflation, click here.) The documents classified as "law enforcement sensitive," "not for public distribution," and "for official use only" are primarily related to border patrol and counter-terrorism operations and describe the use of informants to infiltrate various gangs, cartels, motorcycle clubs, Nazi groups, and protest movements. Every week we plan on releasing more classified documents and embarrassing personal details of military and law enforcement in an effort not just to reveal their racist and corrupt nature but to purposefully sabotage their efforts to terrorize communities fighting an unjust "war on drugs." Hackers of the world are uniting and taking direct action against our common oppressors -- the government, corporations, police, and militaries of the world. See you again real soon!

On the other hand, the security of official secrets now is in the hands of anarchist-leaning teen hackers, and they're taking the liberty to decide who the oppressors are. And there's nothing preventing people with other motives entirely from jumping into the anti-security game -- say, those who could profit from exposing trade secrets in the developing world. Terrorists and foreign intelligence agencies, too, can use Tor and hack into email accounts. Many of these hacks won't be announced to the public or detected by the victims; the hackers might not even need more Bradley Mannings in some cases, instead slipping "zombie" viruses onto sensitive computers and stealing secrets without leaving a trace of evidence. Unless radical new measures are taken to segregate secrets from computer networks, important secrets in general are increasingly at risk of becoming an endangered species; the more important, the more endangered. It's time to think and invest accordingly. To read the rest, head on over to Minyanville.