The Complex

Palantir Now Fighting Human Traffickers, Instead of the U.S. Army

The sharp-elbowed, ultra-connected data mining firm Palantir may be best known around Washington these days for its war with the Army over its intelligence software. But the company is also making inroads in Foggy Bottom, where it's using its terror-hunting tech to help the State Department fight human traffickers. And it's getting assists from unlikely allies like Google and LexisNexis.

Since 2012, Foggy Bottom's National Human Trafficking Resource Training Center and the Polaris Project, an NGO that fights human trafficking, have been using Palantir's software to analyze data they collect from victims and tipsters.

They use Palantir's software to identify patterns in information about traffickers and victims that is gathered by anti-trafficking hotlines around the globe. Basically, Palantir lets Polaris take information other anti-trafficking groups receive and put it into one large database -- making it easier to connect cases of trafficking, map trends, and create plans to combat trafficking operations in a specific area.

All of this gives non-technical people a "view of the world as discrete objects, relationships and their describing data," according to the firm's website.

Palantir isn't the only tech firm that's working with State and the Polaris Project to fight human trafficking. Google provided Polaris and similar NGOs -- Liberty Asia and La Strada International -- with $3 million to tie their hotlines together so they could use Palantir's computing power to "identify illicit patterns and provide victims with more effective support," according to a State Department announcement about its 2013 report on human trafficking, which was released today.

LexisNexis also developed a tool allowing these organizations to quickly mine news articles from 6,000 worldwide sources for information on human trafficking.

As for the company's fight with the Army, Palantir was used by some troops in Afghanistan instead of the service's existing tool designed to do similar things, the Distributed Common Ground System Army (DCGS-A; pronounced dee-sigs a, seriously).

When glowing reports of Palantir's system began popping up in the Army, the backers of DCGS-A brought out the knives, even accusing the general who wanted Palantir sent to Afghanistan of having the firm ghostwrite his request to the Pentagon for the software. They also accused Palantir lobbyists of getting lawmakers to include cash for the software in wartime funding packages. Other Army documents knocking DCGS and insisting that Palantir should be used in Afghanistan were ordered destroyed and replaced with nearly identical documents save for the fact they don't recommend Palantir.

This fight was behind Gen. Ray Odierno's famous smackdown of Rep. Duncan Hunter during a House hearing earlier this year after the Congressman said the service was ignoring soldier complaints about DCGS. Army Secretary John McHugh said after the exchange that the service has purchased Palantir's software and is integrating it into DCGS.

Despite Palantir's reputation for providing spies with the tools they need to see everything -- and clawing out the eyes of any bureaucrat that tries to stop 'em -- it looks like this is a case where Palantir's software is being used for something unmistakably good. Of course, that makes for good headlines, which can lead to more government contracts.


Chinese Cyberspies Use PRISM (and Petraeus) As Bait

Cyberspies have wasted no time exploiting the release of secret documents about the National Security Agency's digital surveillance methods. Just this week, a new spearphishing campaign emerged that tries to lure its victims with a malware-laden email claiming to have information on PRISM, the NSA's famous program that collects information on people's Internet activities.

The best part about this email? It's designed to look like it's from Jill Kelley, the woman who played a role in revealing David Petraeus' affair with Paula Broadwell.

The email itself contains a malicious Microsoft Word document, titled Monitored List 1.doc, that attempts to infect victims' machines with malware that matches that used by the Chinese hacker crew known as Red Star APT, according to Brandon Dixon, who first discovered the attack.

(Red Star APT is the team that cybersecurity firm Kaspersky Lab revealed as being behind the NetTraveler attacks that we wrote about earlier this month.)

Red Star is believed by Kaspersky to be a state-backed hacking team similar to Unit 61398 of the PLA, better known as APT1, the alleged Chinese-government hacker crew whose exploits were revealed by cybersecurity firm Mandiant in February. APT1 was found by Mandiant to be stealing "hundreds of terabytes of data" from businesses around the world whose secrets the Chinese government had a strong interest in obtaining.

"The industries APT1 targets match industries that China has identified as strategic to their growth, including four of the seven strategic emerging industries that China identified in its 12th Five Year Plan," reads Mandiant's report on APT1.

The only known victim of this attack (so far) belongs to the Regional Tibet Youth Conference -- an organization the Chinese government likely has a strong interest in keeping tabs on -- another fact that makes security researchers like Dixon and the staff at Kaspersky Lab think that the Red Star APT crew are behind the attack. 

The latest email is full of terribly-written English text about the Edward Snowden affair, making it seem like this particular attack was designed by one of the newer recruits to Red Star or whichever organization is behind the attack.

"Omnipotent CIA agent, was a sudden, the CIA wanted his club hunt, Spy Game Hollywood blockbuster this week staged in reality true," reads the email's first sentence.

Dixon notes that if this is Red Star -- he hasn't yet been able to find the IP address or command and control server behind the email -- they don't seem too concerned about the fact that everyone knows what they're up to.

"It's funny to note that these actors are keeping up with their same techniques and infrastructure [not all of it] despite being 100% outed," he writes in his analysis of the email. "Again, this sort of behavior shows poor operational security or a complete lack of care."

"The NetTraveler attackers have been going strong since the early 2007-2008's and I doubt they will be stopping anytime soon," he noted.

With the publication of Mandiant's report earlier this year, combined with recent news about the NSA's vast overseas Internet spying operations (though neither of these was necessarily news to anyone paying attention), we might just be entering a new era in cyber conflict, where instead of operating in the shadows, state actors rifle through the world's secrets in plain view.
