BlueLeaks
BlueLeaks, sometimes referred to by the Twitter hashtag #BlueLeaks, is 269 gigabytes of internal U.S. law enforcement data obtained by the hacker collective Anonymous and released on June 19, 2020 by the activist group Distributed Denial of Secrets, which called it the "largest published hack of American law enforcement agencies."[1]
The data — internal intelligence, bulletins, emails, and reports — was produced between August 1996 and June 2020[2] by more than 200 law enforcement agencies, which provided it to fusion centers. It was obtained through a security breach of Netsential, a web developer that works with fusion centers and law enforcement.
The leaks were released at hunter.ddosecrets.com and announced on the @DDoSecrets Twitter account. The account was banned shortly after for "dissemination of hacked materials" and "information that could have put individuals at risk of real-world harm."[3] Wired reported that Distributed Denial of Secrets attempted to remove sensitive information from the data before publication. National Fusion Center Association (NFCA) officials confirmed the authenticity of the data, according to documents obtained by security journalist Brian Krebs; the organization warned its members that hackers may use the leaked information to target them.[4]
Background
The BlueLeaks data comes largely from the intelligence gathered by fusion centers. After the September 11, 2001 terrorist attacks, the United States government sought to improve communication between different levels of law enforcement to better discover and prevent terrorist attacks. It encouraged state and local governments to create fusion centers: physical locations where representatives of different law enforcement agencies share and collectively analyze intelligence before distributing reports back to their respective agencies. Fusion centers have since begun working with private "data brokers" with little public oversight.[5]
Fusion centers have been criticized as privacy-invading, ineffective, and targeted at political groups. In 2012, the Senate Permanent Subcommittee on Investigations found that over the 13 months of review, fusion centers did not contribute to the identification or prevention of a terrorist plot,[6]:2 and that of the 386 unclassified fusion center reports it reviewed, three-quarters had no connection to terrorism at all.[6]:32 In 2008, the Department of Homeland Security identified a number of privacy-related concerns created by fusion centers. The Department noted that the excessive secrecy of fusion centers led to comparisons with COINTELPRO, and that fusion center reports sometimes distribute inaccurate or incomplete information.[7]:28–9 The 2012 Senate report points to a report issued by an Illinois fusion center in 2011. The report wrongly claimed that Russian hackers were to blame for a broken water pump, and despite the Department of Homeland Security publicly stating the report was false, its Office of Intelligence and Analysis included the claims in its report to Congress.[8]
After the killing of George Floyd and other instances of police violence in 2020, law enforcement in the United States came under renewed scrutiny. In early June, the hacker collective Anonymous announced its intent to expose police misconduct.[9] The collective carried out high-profile hacks in the 2000s and early 2010s. In 2011, Antisec, a subgroup of Anonymous, released law enforcement information in support of Occupy Wall Street protestors, but the collective had carried out few significant operations within the United States since then.[4]
Findings
The BlueLeaks collection includes internal memos, financial records, and more from over 200 state, local, and federal agencies.[4] More than one million documents were leaked from law enforcement fusion centers.[1] In leaked documents, officers track individual, group, and event pages with protest or anti-law enforcement rhetoric.[10] Some of the documents contain material related to the attitudes of law enforcement and their response to the Black Lives Matter movement, George Floyd protests, and COVID-19 pandemic.
During the George Floyd protests, law enforcement agencies monitored protesters' communications over social media and messaging apps. Leaked reports found that the police were aware of the potential for their surveillance to violate the Constitution. The agencies distributed documents to police filled with rumors and warnings that the protests would become violent, sparking fear among police officers.[11]
The documents also show a much broader trend of surveillance. They show details about the data that police can obtain from social media sites including Facebook, Twitter, TikTok, Reddit and Tumblr, among others. Fusion centers also collect and distribute detailed data from automatic license plate readers.[12]
Surveys from law enforcement training programs reveal that some instructors were prejudiced and unprofessional. Classes taught biased, outdated, and incorrect content. Some contain sexual content unrelated to the class, and there was one report of an instructor admitting to lying in court frequently.[13]
In Maine, legislators took interest in BlueLeaks thanks to details about the Maine Information and Analysis Center, which is under investigation. The leaks showed the fusion center was spying on and keeping records on people who had been legally protesting or had been "suspicious" but committed no crime.[14]
Documents also contain reports about other countries from the Department of Homeland Security, U.S. Department of State and other agencies. Officials discussed cyber attacks from Iran and concerns about further attacks in early 2020.[15] Another report discusses possible Chinese espionage at natural gas facilities.[16] Homeland Security also discussed Russian interference with American elections, attempts to hack the 2020 census, and manipulation of social media discussion.[17]
Google's CyberCrime Investigation Group
On August 21, The Guardian revealed, based on the leaked documents, the existence of Google's "CyberCrime Investigation Group" (CIG). The group focused on voluntarily forwarding detailed information on users of Google, YouTube and Gmail, among other products, to members of the Northern California Regional Intelligence, a counter-terrorist fusion center, when their content threatened violence or otherwise expressed extremist views, often associated with the far right. The company has also been said to report users who appeared to be in mental distress, indicating suicidal thoughts or intent to commit self-harm.[18]
One way Google identified its users in order to report them to law enforcement was by cross-referencing different Gmail accounts that eventually led it to a single Android phone. In some cases the company did not ban the users it reported to the authorities, and some were said to still have accounts on YouTube, Gmail and other services.[18][19]
Response
Shortly after the leaks were released, on June 23, Twitter permanently banned DDoSecrets's Twitter account for distributing hacked materials. Twitter also censored all links to the DDoSecrets website.[20]
German authorities seized a server used by DDoSecrets at the request of U.S. authorities. The server had hosted the BlueLeaks files, but the documents remained available for download through BitTorrent and other websites.[21]
On July 9, Reddit banned r/BlueLeaks, a community created to discuss BlueLeaks, claiming that the community had posted personal information.
There is a federal investigation relating to BlueLeaks. Various Freedom of Information Act requests filed about BlueLeaks and DDoSecrets were rejected due to an ongoing federal investigation. Homeland Security Investigations has questioned at least one person, seeking information about BlueLeaks and DDoSecrets.[22]
References
- Karlis, Nicole (2020-06-22). "Inside "Blue Leaks," a trove of hacked police documents released by Anonymous". Salon. Archived from the original on 2020-06-23. Retrieved 2020-06-24.
- "'BlueLeaks' Exposes Files from Hundreds of Police Departments — Krebs on Security". Krebs on Security. 2020-06-22. Archived from the original on 2020-06-22. Retrieved 2020-06-22.
- Cimpanu, Catalin (2020-06-23). "Twitter bans DDoSecrets account over 'BlueLeaks' police data dump". ZDNet. Archived from the original on 2020-06-24. Retrieved 2020-06-24.
- Greenberg, Andy (2020-06-22). "Anonymous Stole and Leaked a Megatrove of Police Documents". Wired. ISSN 1059-1028. Archived from the original on 2020-06-23. Retrieved 2020-06-24.
- Monahan, T. (2009). "The Murky World of 'Fusion Centres'" (PDF). Criminal Justice Matters. 75 (1): 20–21. doi:10.1080/09627250802699715. Archived (PDF) from the original on 2019-07-11. Retrieved 2020-06-24.
- "Senate report" (PDF). Archived (PDF) from the original on 2019-11-12. Retrieved 2020-06-24.
- "DHS report" (PDF). Archived (PDF) from the original on 2020-03-29. Retrieved 2020-06-24.
- Zetter, Kim (2012-10-03). "DHS Issued False 'Water Pump Hack' Report; Called It a 'Success'". Wired. ISSN 1059-1028. Archived from the original on 2020-06-24. Retrieved 2020-06-24.
- Molloy, David; Tidy, Joe (2020-06-01). "The return of the Anonymous hacker collective". BBC News. Archived from the original on 2020-06-04. Retrieved 2020-06-24.
- "Yes, the police are watching what you post on Facebook about protests". The Daily Dot. 2020-06-29. Archived from the original on 2020-07-13. Retrieved 2020-07-09.
- Hvistendahl, Mara; Brown, Alleen (2020-06-26). "Law Enforcement Scoured Protester Communications and Exaggerated Threats to Minneapolis Cops, Leaked Documents Show". The Intercept. Archived from the original on 2020-06-27. Retrieved 2020-06-28.
- Maharrey, Mike (2020-06-27). "Document Unmasks Fusion Center's Participation in License Plate Surveillance". Tenth Amendment Center. Archived from the original on 2020-07-06. Retrieved 2020-07-11.
- Hagerty, Colleen (2020-07-10). "'This is a time bomb'—Leaked docs reveal homophobic, racist police instructors". The Daily Dot. Archived from the original on 2020-07-10. Retrieved 2020-07-11.
- Neumann, Dan (2020-06-30). "Lawmakers call to defund Maine's secretive police intelligence agency". Beacon. Retrieved 2020-07-11.
- Slapinski, Mark (2020-07-01). "BlueLeaks: US Law Enforcement feared Iranian hackers". Toronto Today. Archived from the original on 2020-07-09. Retrieved 2020-07-11.
- Petti, Matthew (2020-07-07). "Exclusive: Did Chinese Agents Try To Stake Out American Natural Gas Plants With Drones?". The National Interest. Retrieved 2020-07-11.
- Slapinski, Mark (2020-07-06). "Homeland Security prepared for Russian interference in 2020 Census". Toronto Today. Archived from the original on 2020-07-11. Retrieved 2020-07-11.
- Wilson, Jason (17 August 2020). "Google giving far-right users' data to law enforcement, documents reveal". The Guardian. Retrieved 6 September 2020.
- Low, Cherlynn (17 August 2020). "Google reportedly sent identifying info of extremist users to law enforcement". Engadget. Retrieved 6 September 2020.
- "Twitter has permanently banned the group that published the 'BlueLeaks' police files obtained by hackers". Business Insider Nederland (in Dutch). 2020-06-24. Archived from the original on 2020-07-09. Retrieved 2020-07-09.
- Bajak, Frank (9 July 2020). "Germany seizes server hosting pilfered US police files". Associated Press. Archived from the original on 9 July 2020. Retrieved 11 July 2020.
- Franceschi-Bicchierai, Lorenzo (2020-07-20). "ICE Questions an Admin of The-Eye Archive Site That Hosted 'Blue Leaks'". Vice. Archived from the original on 2020-07-20. Retrieved 2020-07-20.