In a Wednesday email to its readers, Strator claimed responsibility in its failure to protect customers from hackers who leveled a series of attacks on the site, including theft of credit card data, emails, and other personal information.
George Friedman, founder and CEO of Austin, Texas-based Stratfor, called his company’s handling of the hacking incident “a failure” in noting the compromise of its customer base, and laid the failure on the back of the company’s “rapid growth.”
The email revealed Stratfor first was hacked in early December, immediately initiating an FBI investigation. The FBI told Stratfor the belief was hackers would expose the damaging theft, and Friedman stated
We were under no illusion that this was going to be kept secret. We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files.
The company’s failure to protect client credit card information brought on a wave of condemnation by various media sources.
Friedman added it was unclear who the hackers were, and the company decided to protect the investigation by not acknowledging the hacking attack. He said he believed with the credit card information stolen, Stratfor had weathered the storm. He was soon proved wrong, as the hackers returned on Christmas Eve, announcing on Stratfor’s website the credit card data had been stolen, along with the email thefts and destruction of four of Stratfor’s servers, effectively shutting down the site. He noted
We had expected they [hackers] would announce the credit card theft. We were dismayed that emails had been taken. But our shock was at the destruction of our servers. This attack was clearly designed to silence us by destroying our records and the website, unlike most attacks by such groups.
According to the narrative between Stratfor and the hackers, “people claiming to speak for Anonymous and related groups,” the emails were the primary target, with the credit card data theft a bonus. Friedman said the emails could be seen as “stupid or subject to misinterpretation,” but the hackers’ interpretation of who Stratfor is was “wildly off base.” He added it was unknown if the hackers would feel remorse upon discovering the geopolitical analyst is not who they expected.
Stratfor expected to be attacked again, and last week it was. Emails were sent out from a fake Stratfor address calling the hackers “deranged, sexually deviant criminal hacker terrorist masterminds,” and included Friedman’s mobile and home phone numbers.
Friedman noted the Internet has become “the village commons of the planet,” yet this global commons allows anonymity, a “great virtue” but also a “terrible weakness.”
Technology which drives the Internet is the very factor undermining its accountability, with its integrity in the hands of unknown identities with unknown motives, and with the ability “to cause substantial harm.”
Friedman’s disappointment over the hacking incidents continued, when he noted
The consequence of this will not be a glorious anarchy in the spirit of Guy Fawkes, but rather a massive repression.
Stratfor’s core business is to “objectively acquire, organize, analyze and distribute information,” Friedman continued. In closing comments of the email, he added the company will continue publishing security analysis, and as of Thursday, the site was up and running.