Monday, September 27, 2021

Epic hack of Epik website-hosting firm provides roughly 10 years of data about the rise of right-wing extremism that led to January 6 attack on U.S. Capitol

(Associated Press)
 

The story of perhaps the most important data breach in U.S. history has erupted over roughly the past two weeks. The tale is in its infancy, so it's too early to say in what direction it might head. But it clearly could provide revelations about Alabama's toxic political and legal culture -- mainly because Montgomery-connected extremist Ali (Akbar) Alexander appears to be a central character. Here are at least three questions the breach could help answer:

(1) Who was behind the Jan. 6 assault on the U.S. Capitol by apparent supporters of outgoing President Donald Trump?

(2) Who is behind right-wing corruption in Alabama, and beyond, and what forms does it take?

(3) How did one of our two major political parties turn into a haven for those wracked by disinformation, race-based fears and hatred, and disrespect for the rule of law -- becoming essentially a cult of personality, with few (if any) defining governing principles beyond maintaining power, at all costs?  

What is the gist of the story? Here is an explainer from CNN:

The hacking collective Anonymous last week claimed to have stolen and leaked reams of data held by Epik, a website hosting firm popular with far-right organizations like the Proud Boys.

The more than 150 gigabytes of data swept up in the breach shine a light on years of online activities from far-right groups, including those who tried to overturn the 2020 presidential election. While researchers are still sifting through the data, Epik has historically provided web hosting services to an array of conspiracy theorists, and for conservative media networks like Parler and Gab.

The breach also undercuts Epik's pledge to customers that it can safeguard their anonymity, no matter what dangerous conspiracy theories they spread online. For that reason, experts told CNN the hack could have repercussions for how far-right groups organize and try to protect themselves online.

"A breach like this will force some of these actors to find security providers outside of North America to possibly step up their security game," Gabriella Coleman, a professor of anthropology at Harvard University, told CNN. Coleman said the data dump "confirmed a lot of the details of the far-right ecosystem."

Emily Crose, a cybersecurity analyst who studies online extremism, said the breach "will be another factor causing paranoia among far-right communities online." Crose said those groups already feel like they're under surveillance, given their violent attempts to overturn the 2020 presidential election.

Emma Best, co-founder of Distributed Denial of Secrets, a non-profit that itself has published hacktivist data, said researchers could be poring over the Epik leaks for months for clues into how different people and far-right organizations are linked.
 

How epic was the Epik hack? Reports CNN:

In a statement to CNN on Tuesday night, Epik said the information that Anonymous released included data on 15 million people that was already public.
 
"Epik has been a trusted resource for many years and our highest priority will always be security and privacy," the firm said.

A report at The Washington Post/Seattle Times provides insight on the scope of the hack, calling it "huge":

Extremism researchers and political opponents have treated the leak as a Rosetta Stone to the far right, helping them to decode who has been doing what with whom over several years. Initial revelations have spilled out steadily across Twitter since news of the hack broke last week, often under the hashtag #epikfail, but those studying the material say they will need months and perhaps years to dig through all of it.

“It’s massive. It may be the biggest domain-style leak I’ve seen and, as an extremism researcher, it’s certainly the most interesting,” said Megan Squire, a computer science professor at Elon University who studies right-wing extremism. “It’s an embarrassment of riches — stress on the embarrassment.”

Epik, based in the Seattle suburb of Sammamish, has made its name in the internet world by providing critical web services to sites that have run afoul of other companies’ policies against hate speech, misinformation and advocating violence. Its client list is a roll-call of sites known for permitting extreme posts and that have been rejected by other companies for their failure to moderate what their users post.

Online records show those sites have included 8chan, which was dropped by its providers after hosting the manifesto of a gunman who killed 51 Muslims in Christchurch, New Zealand, in 2019; Gab, which was dropped for hosting the anti-Semitic rants of a gunman who killed 11 in a Pittsburgh synagogue in 2018; and Parler, which was dropped by Amazon Web Services due to lax moderation related to the Jan. 6 Capitol attack.

Epik also provides services to a network of sites devoted to extremist QAnon conspiracy theories. Epik briefly hosted the neo-Nazi site Daily Stormer in 2019 after acquiring a cybersecurity company that had provided it with hosting services, but Epik soon canceled that contract, according to news reports. Epik also stopped supporting 8chan after a short period of time, the company has said.

The hack produced roughly 10 years' worth of data about the far right, according to a report at Business Insider.

Epik officials have said they take data security seriously, but that claim now appears to have been mostly window dressing. From the WaPo/Seattle Times article:

Since the hack, Epik’s security protocols have been the target of ridicule among researchers, who’ve marveled at the site’s apparent failure to take basic security precautions such as routine encryption that could have protected data about its customers from becoming public.

The files include years of website purchase records, internal company emails and customer account credentials revealing who administers some of the biggest far-right websites. The data includes client names, home addresses, email addresses, phone numbers and passwords left in plain, readable text. The hack even exposed the personal records from Anonymize, a privacy service Epik offered to customers wanting to conceal their identity.

Similar failings by other hacked companies have drawn scrutiny from the Federal Trade Commission, which has probed companies such as dating site Ashley Madison for failing to protect their customers’ private data from hackers. FTC investigations have resulted in settlements imposing financial penalties and more rigorous privacy standards.

Where does Ali Alexander, with his Montgomery-based attorney Baron Coleman, fit into this picture? We will have more on that in an upcoming post. 

(To be continued)

12 comments:

Anonymous said...

It's going to take a long time to sift through that much data and find out what is in there.

Anonymous said...

I wonder if law enforcement will try to make use of this, especially re: Jan. 6.

legalschnauzer said...

Good question. The data essentially is stolen, so I'm not sure if law enforcement can use that -- not sure if a court would allow its use as evidence.

Anonymous said...

This data goes back about 10 years? Interesting.

legalschnauzer said...

Yes, and that could encompass a lot of activity, long before Trump took office.

legalschnauzer said...

This is one of many intriguing segments from The Washington Post article:

Extremism researchers and political opponents have treated the leak as a Rosetta Stone to the far right, helping them to decode who has been doing what with whom over several years. Initial revelations have spilled out steadily across Twitter since news of the hack broke last week, often under the hashtag #epikfail, but those studying the material say they will need months and perhaps years to dig through all of it.

“It’s massive. It may be the biggest domain-style leak I’ve seen and, as an extremism researcher, it’s certainly the most interesting,” said Megan Squire, a computer science professor at Elon University who studies right-wing extremism. “It’s an embarrassment of riches — stress on the embarrassment.”

legalschnauzer said...

Florida man fired from his real estate job after hack reveals his holocaust views:

Florida real estate brokerage Travers Miran Realty has fired real estate agent Joshua Alayon after he was swept up in a hack that revealed alleged attempts to register domain names such as theholocaustisfake.com and whitesencyclopedia.com.

Last week, Epik, a domain registrar known for hosting far-right groups, was hit by “hacktivist collective” Anonymous, who proceeded to leak 180 gigabytes of previously private data — including user names, passwords, 15 million email addresses, and other identifying information of Epik’s customers as well as others, according to several news outlets.


https://www.inman.com/2021/09/22/agent-swept-up-in-hack-canned-from-brokerage-for-holocaust-views/

legalschnauzer said...

Via Mikael Thalen at Twitter:

A Canadian government-owned pipeline & energy company says it’s investigating data from the Epik hack that ties one of its consultants to the Proud Boys, which is listed as a terrorist organization in the country.

legalschnauzer said...

Per Tristan Snell at Twitter:

The #EpikFail hack is also a gold mine for prosecutors of January 6 suspects. All the truth will soon come out.

legalschnauzer said...

How big is this data hack? Dan Ehrlich provides an idea, via Twitter:

1/ - Going to be putting all of my #EpikFail analysis / findings here in this thread. First finding, there are 507,417,887 rows of data across 458 database tables. You can see this metadata and more here!

https://docs.google.com/spreadsheets/d/1hNdR2-rgHryrzbbF-1s8aXOnTrbXz5vEe5EBhjKOTsI/edit?usp=sharing @rocco_castoro

legalschnauzer said...

Headline from Esquire: 'The Panama Papers of Hate Groups' Sounds Like a Story


Text: There are some serious questions concerning what use the mainstream press should make of all this data, given its provenance. A real-estate agent in Florida already lost his job when his online activity, which included trying to register several domain names apparently connected to Holocaust denialism, was made public. It’s a one-stop shop. It’s an open window into one of the most serious threats to the stability of the republic since South Carolinians got annoyed with the folks inside Fort Sumter. Given the cross-pollination between the militant right and the anti-vaccination community, you can even argue that there is a public-health aspect to the leak. You can say what you will about how we know what we know, but you cannot say that it’s not a story. More, I am sure, to follow.

legalschnauzer said...

Tweet from Anonymous suggests it's not hard to go through the data, although there is a lot of it . . .

Anonymous
@YourAnonNews
Also, go to town on the leak with some 'grep -r -i "HILARIOUSFAILTERM" . > CursedData.txt' fun. You'll be quite surprised what you find. Yes, it's really that easy. #EpikFail