Friday, 25 February 2011

Spooks in Second Life

Private Security Contractor Pitched Second Life PsyOps Campaign to US Military

In mid-2010, private security firm and defense contractor HBGary Federal proposed a psychological operations campaign to the United States Special Operations Command (SOCOM) that would take place within the virtual world of Second Life.

SOCOM is the arm of the military that oversees "covert and clandestine missions", according to Wikipedia.

The Second Life PsyOps proposal appears in an Ars Technica story by Nate Anderson and based on more than 40,000 e-mails taken from HBGary Federal’s email server. The company’s emails were seized by the hacker group ‘Anonymous’ and released on Torrent sites, in retaliation for an HBGary Federal employee’s attempts to infiltrate their group through social engineering.

In Anderson’s article about the emails, which describes at length the various root-kits, back doors and other hacking tools the firm was developing for corporate, government, and military clients, is an unusual description of a psychological operation to be launched within Second Life.

The firm’s proposal stated: “HBGary personnel have experience creating political cartoons that leverage current events to seize the target audience's attention and propagate the desired messages and themes.”

It uses a cartoon of Iranian president Ahmadinejad controlling an ayatollah on a puppet string as an example of the kind of desired message they could promulgate.

Messages could be spread through Second Life via "an in-world advertising company, securing small plots of virtual land in attractive locations, which can be used to promote themes using billboards, autonomous virtual robots, audio, video, and 3D presentations,” according to the document examined by Ars Technica.

They even proposed modifying the Second Life client to more efficiently track the dispersion of their message, according to the report, though it’s not entirely clear what is meant by altering the client to produce: "valuable usage metrics, enabling detailed measures of effects,” as quoted in the report.

While Ars Technica notes that there’s no evidence the proposal was accepted by the government, and the Second Life PsyOps scheme is probably just a footnote in the larger story of Anonymous vs. HBGary Federal, the fact that such an idea was put together with Second Life in mind does raise questions about the vulnerability of SL to other such operations, and whether or not Linden Lab itself is aware of any other psychological warfare or propaganda efforts which have been deployed in world.

Another issue it raises is user privacy and the integrity of third-party clients, given that HBGary proposed modifying an SL client and has experience with phishing, creating rootkits and other forms of espionage, as the Ars Technica piece details.

Linden Labs’ new CEO has spoken recently about his commitment to user privacy, telling Dusan Writer: “People don’t want other people to connect the dots from their avatar to their real life person – or even, for that matter, to an alt. One of the ethical obligations we have is to protect people’s privacy.”

Given that firms like HBGary are, as Forbes' Andy Greenberg notes, involved in: “cyberattacks and misinformation campaigns, phishing emails and fake social networking profiles, pressuring journalists and intimidating the financial donors to clients' enemies including WikiLeaks, unions and non-profits" a statement from Linden Lab and new CEO regarding the HBGary Federal PsyOps proposal and related issues would probably be welcome at this time.

I contacted Linden Lab regarding this, and received this official response from Peter Linden, PR Manager of Linden Lab:

Hi Kanomi,

Thank you for your email. While we appreciate the opportunity, we will not be offering comment on this proposed use of the Second Life platform.

Add to del.icio.usAdd to Technorati Faves♦ ♦Stumble ThisRedditSlashdot it

No comments: