What the Sabu revelation means for hackers

Everyone, no matter who they profess to be, is potentially an informant.

To most observers he seemed unpredictable, dangerous and so highly skilled that he could evade the long arm of the law. But in an astonishing revelation, last week it emerged that Sabu, the notorious figurehead of hacking group LulzSec, had for almost nine months been working secretly as an informant for the FBI.

The identity of 28-year-old Hector Xavier Monsegur, who led a rampage against government websites and multi-national corporations, had been uncovered when he failed to mask his computer's IP address using an internet chat room on just one fateful occasion.

Soon after, FBI agents appeared at the door of his apartment on the sixth floor of a 14-story housing project in Manhattan. The agents reportedly played "good cop bad cop", convincing the infamous hacker - almost immediately, according to court documents - that his only way out was to cooperate with an international investigation into his former comrades.

Monsegur, under his Sabu guise, proceeded to continue operating aggressively online - in some cases encouraging fellow hackers to commit crimes - all while under apparent instruction of the FBI.

Some suspected he had been "turned" - but the hacker world is rife with conspiracy theories and there was no hard evidence to prove it. "Sabu was identified, apprehended by the FBI and turned to an informant," one perceptive group wrote in November last year. Yet the claim never gained substantial traction.

From the perspective of the authorities, it was a tactical masterstroke. They had managed to flip the most notorious, the most feared, and the most accomplished of the LulzSec members. Due to his close ties and wide respect among hacker collective Anonymous and other splinter groups such as AntiSec, Sabu was a goldmine to the FBI. With his help, they were able to level charges against five accused hackers based in Britain, Ireland and America.

There are concerns, however, about how far the Bureau went to pursue its goals.

On 19 June, just 12 days after Sabu had been arrested, LulzSec, the group he commanded, issued a public call to arms. "Top priority is to steal and leak any classified government information, including email spools and documentation," it wrote in a manifesto.

Sabu was quick to proudly point out the manifesto to his 30,000 Twitter followers. "The biggest, unified operation amongst hackers in history," he wrote, possibly from an FBI computer. "All factions welcome. We are one."

Two months later, on 17 August, Sabu disappeared offline for 30 days. We now know that just two days prior, on 15 August, he had secretly pleaded guilty to twelve counts of hacking in a closed hearing at Southern District court, between Manhattan Bridge and Broadway, New York. When he returned, though he reportedly helped call off some attacks, he maintained a hostile front, claiming, "I wasn't owned, arrested, hacked or any of the other rumors [sic]."

In December, he encouraged an offensive against companies manufacturing surveillance technology; he called on hackers to target "with impunity" anyone supporting legislation that would restrict internet freedoms; and played what sources close to him say was a central role in hacking intelligence and security thinktank Stratfor. The attack on Stratfor resulted in 75,000 credit card numbers being posted online, with 5.5m of the thinktank's confidential emails subsequently passed to WikiLeaks.

This trend continued almost right up until 6 March, the day he was "outed" in an exclusive published by Fox News. As recently as two weeks ago Sabu had publicly instructed hackers to "infiltrate" international crime organisation Interpol and to "expose" arms companies. "Hack their servers," he tweeted on 28 February. "Scour their user email/passes. Grab mailspoolz. Grab docs... Leak. Rinse. Repeat."

Sabu's activities while working out of FBI offices, and then later his home under 24-hour surveillance, raise significant legal and ethical questions. Most notably: by encouraging people to commit crimes in such a brazen fashion, did he cross the thin line from informant to agent provocateur?

It has been suggested that the attack on Stratfor and the subsequent dealing with WikiLeaks was allowed - perhaps encouraged - by the FBI, not only to strengthen the US government's case against the hackers, but also to assist in the prosecution of WikiLeaks founder Julian Assange. (This does not seem beyond the realms of possibility, particularly given America's well-documented desire to prosecute Assange for his role in publishing US government secrets.)

It could have been the case, of course, that Sabu on occasion went "rogue" while under FBI direction. But given that he was the most notorious hacker in the world and having his every move monitored, it is doubtful the authorities would have let him out of their sight long enough for him to have the opportunity - repeatedly and over a period of several months - to incite others to commit criminal acts. What appears more likely is that the FBI decided, like the hackers, they too could play dirty.

These are issues that will no doubt be addressed In the months ahead, as the FBI's tactics fall under scrutiny in the courts and elsewhere. The impact of the Sabu revelation, meantime, has unsurprisingly reverberated like an atomic bomb within the Anonymous community.

"I feel for the ones who worked with him and who trusted him with leaks/data," one hacker told New Statesman. "They could never have known."

This sentiment is one shared across online chat rooms frequented by Anonymous, where there are varying degrees of anger, paranoia, fear and sadness.

For many, the large void left by Sabu will provide a defining moment of sobering reality. His silent Twitter page, once a ceaseless stream of anti-establishment rage, is now nothing but a ghostly relic - a symbolic reminder that in the shadowy virtual world hackers inhabit, no one is untouchable, and everyone, no matter who they profess to be, is potentially an informant.

Ryan Gallagher is a freelance journalist based in London. His website is here.

Photo: Getty
Show Hide image

In focusing on the famous few, we risk doing a disservice to all victims of child sexual abuse

There is a danger that we make it harder, not easier, for victims to come forward in future. 

Back in the 1970s when relations between journalists and police were somewhat different to today a simple ritual would be carried out around the country at various times throughout the week.

Reporters, eager for information for their regional newspaper, would take a trip to the local station and there would be met by a desk sergeant who would helpfully skim through details in the crime Incident Book.

Among the entries about petty thefts, burglaries and road accidents there would occasionally be a reference to an allegation of incest. And at this point the sergeant and journalist might well screw-up their faces, shake their heads and swiftly move on to the next log. The subject was basically taboo, seen as something ‘a bit mucky,’ not what was wanted in a family newspaper.

And that’s really the way things stayed until 1986 when ChildLine was set up by Dame Esther Rantzen in the wake of a BBC programme about child abuse. For the first time children felt able to speak out about being sexually assaulted by the very adults whose role in life was to protect them.

And for the first time the picture became clear about what incest really meant in many cases. It wasn’t simply a low level crime to be swept under the carpet in case it scratched people’s sensitivities. It frequently involved children being abused by members of their close family, repeatedly, over many years.

Slowly but surely as the years rolled on the NSPCC continued to press the message about the prevalence of child sexual abuse, while encouraging victims to come forward. During this time the corrosive effects of this most insidious crime have been painfully detailed by many of those whose lives have been derailed by it. And of course the details of the hundreds of opportunistic sexual assaults committed by Jimmy Savile have been indelibly branded onto the nation’s consciousness.

It’s been a long road - particularly for those who were raped or otherwise abused as children and are now well into their later years - to bring society around to accepting that this is not to be treated as a dark secret that we really don’t want to expose to daylight. Many of those who called our helpline during the early days of the Savile investigation had never told anyone about the traumatic events of their childhoods despite the fact they had reached retirement age.

So, having buried the taboo, we seem to be in danger of giving it the kiss of life with the way some cases of alleged abuse are now being perceived.

It’s quite right that all claims of sexual assault should be investigated, tested and, where there is a case, pursued through the judicial system. No one is above the law, whether a ‘celebrity’ or a lord.

But we seem to have lost a sense of perspective when it comes to these crimes with vast resources being allocated to a handful of cases while many thousands of reported incidents are virtually on hold.

The police should never have to apologise for investigating crimes and following leads. However, if allegations are false or cannot be substantiated they should say so. This would be a strength not a weakness.

It is, of course, difficult that in many of the high-profile cases of recent times the identities of those under investigation have not been officially released by the police but have come to light through other means. Yet we have to deal with the world as it is not as we wish it would be and once names are common knowledge the results of the investigations centring on them should be made public.

When it emerges that someone in the public eye is being investigated for non-recent child abuse it obviously stirs the interest of the media whose appetite can be insatiable. This puts pressure on the police who don’t want to repeat the mistakes of the past by allowing offenders to slip through their hands.  And so there is a danger, as has been seen in recent cases, that officers lack confidence in declaring there is a lack of evidence or the allegations are not true. 

The disproportionate weight of media attention given to say, Sir Edward Heath, as opposed to the Bradford grooming gang sentenced this week, shows there is a danger the pendulum is swinging too far the other way. This threatens the painstaking work invested in ensuring the public and our institutions recognise child abuse as a very real danger. 

Whilst high profile cases have helped the cause there is now a real risk that the all-encompassing focus on them does both victims of abuse and those advocating on their behalf a fundamental disservice.

As the public watches high -profile cases collapsing amidst a media fanfare genuine convictions made across the country week in week out go virtually unannounced. If this trend continues they may start to believe that child sexual abuse isn’t the prolific problem we know it to be.

So, while detectives peer into the mists of time, searching for long lost clues, we have to face the unpalatable possibility that offences being committed today will in turn become historical investigations because there is not the manpower to deal with them right now.

So, now the Goddard Inquiry is in full swing, taking evidence about allegations of child sex crimes involving ‘well known people’ as well as institutional abuse, how do we ensure we don’t fail today’s victims?

If they start to think their stories are going to be diminished by the continuing furore over how some senior public figures have been treated by the police they will stay silent. Therefore we have to continue to encourage them to come forward, to give them the confidence of knowing they will be listened to.

If we don’t we will find ourselves back in those incestuous days where people conspired to say and do nothing to prevent child abuse.

Peter Wanless is Chief Executive of the NSPCC.