Anonymous Releases 400 MB of FBI Contractor Data

An anonymous reader writes "Anonymous, as they have claimed they would, finally released 400 megabytes of files (NSFW language) allegedly stolen from ManTech, a cyber security firm contracted by the FBI. Anonymous stated, 'The FBI is outsourcing cybersecurity to the tune of nearly $100 million to a Washington-area managed services company. The deal shows a willingness in the federal government to place IT services more and more in the hands of third parties as agencies don't have enough staff on hand to do the job.'"

No surprise

[History's Coming To]

Well that's embarrassing. Not entirely surprising, and not a big deal to be honest, but yet again we have it demonstrated that short of being physically disconnected from the internet and placed in a lead lined box there's no such thing as 100% security. If you want secure, don't put it on a computer and certainly don't plug the computer into the interwebs.

(Disclaimer: No, that's still not 100% secure.)

Re:

[Pieroxy]

The problem is that putting stuff in the hands of third parties is in my view the equivalent of saying "I don't care about it." The problem with that is that IT is at the heart of everything now. If you don't care about it, that's a problem. A big one.

Of course, that's not just true for government.

Re:

[Anonymous Coward]

Instead of an unaccountable law-enforcement agency, it's an unaccountable contractor. Not much difference for most citizens.

Re:

[Thad Zurich]

"3. Management Security Policy [...] c. System and Services Acquisition. In accordance with DOJ IT Security Standard – System and Services Acquisition (SA) Control Family, Components shall: [...] (6) Ensure third-party providers are contractually required to comply with this policy to employ adequate security measures to protect information, applications and/or services outsourced from the Department." [http://www.justice.gov/jmd/publications/doj2640-2f.pdf] I've got a banana peel that says the ManTe

Which gets back to the core problem.

[khasim]

They're outsourcing the IT department ... which leaves them with no one in-house capable of verifying that the outsourcing service is competent or even following data-security processes.

Re:No surprise

[Anonymous Coward]

But...but it's a contractor. They always know more about, well, EVERYTHING than dumb, stupid government employees who just sit around on my dime and do nothing productive. I'll bet contractors even use THE CLOUD and other really secure mysterious high-tech stuff like that which government people, who might even (gasp!) belong to a union have no clue about. That's what Fox News tells me, anyway.

Re:

[Truekaiser]

Thank you i needed that laugh this morning.

Re:

[pixelpusher220]

Original? nope, Fox does lots of things like this.

However, it is completely accurate...

Re:

[Trepidity]

That's true, but I don't think this case even rises to that level. This seems more like typical "inept IT contractor". While it's not really possible to have 100% security while your box is connected to the internet, it is possible to at least have better security than is the norm in IT contracting (and yes, that includes "cybersecurity" contracting).

Re:

[Anonymous Coward]

Embarrassing? Depends on who's embarrassed. Certainly not the government. It's devolved into a bunch of ladder climbers just like the corporate world. Your boss just wants a shiny red button that says "You're Fired" when you don't fill in all the technological blanks for their personal agenda. Outsourcing is already several steps into that abyss of losing any sort of control.

As IT centers grow, they become geometrically more complex and expensive to maintain. What do you think the gubbermint will sacr

We have these already, and they have a function

[Kagura]

"a cyber security firm contracted by the FBI. . . . more and more in the hands of third parties as agencies don't have enough staff on hand to do the job."

No crap, you idiots. They're called contractors!

Re:

[jonpublic]

contractors that are probably charging $300 an hour too.

Re:

[Wiarumas]

Yes, but that $300/hour is cheaper than hiring a government employee. The government will just hire someone unqualified because they pay 2/3s of what private industry pays, but they make up for it with benefits and job security... early retirement, 3 weeks off a year, pension, etc. So instead of paying $300/hour and getting someone half decent, you get someone who might be decent for a decade before they go obsolete and you are stuck with them until retirement. The article makes the contractors sound bad

Re:

[hedwards]

Do you have any actual evidence of that? Or are you just repeating GOP talking points. The reason I ask is that everything I've read suggests that working in the public sector typically pays significantly less than what the private sector would offer.

Re:

[anegg]

Government used to pay less than private industry... now it pays about the same, but with better benefits and job security, at least in the Washington, DC area. That started back when the government said they had to raise salaries in order to "remain competitive" with private industry. They raised the salaries, but kept the excellent benefits and the government union derived job lock-ins. The whole scene is a real mess. A shell of government employees filled with large amounts of creamy contractor filli

Re:

[CodeBuster]

Government used to pay less than private industry... now it pays about the same, but with better benefits and job security

Here in California, government jobs not only pay better but have superior benefits; rivaling even the US Government. For example, there are at least several hundred pensioners, retired from state employment, here in California that collect more the $250,000 per year in pension benefits, not including health care which further increases the value of the pension, and pensions of $100,000 and up are not at all uncommon. The vaunted job security has been on the decline in recent years, in tandem with California

Re:

[pixelpusher220]

You know why most of the gov't positions have pretty good benefits and other protections? Because the gov't uses them as political pawns.

You know how we're currently paying our bills? By raiding the pensions of retired federal workers. linky [washingtonpost.com]

Seriously, what would you do if your employer raided your 401k to pay it's bills? Moreover what would you do in negotiating your compensation next time you were up for it? You'd demand serious benefits and pay to cover the fact that your employer is stealing

Re:

[CodeBuster]

Seriously, what would you do if your employer raided your 401k to pay it's bills?

Well, first off they can't because I own the account. Pensions are not always set up as legally separate trusts and so become vulnerable to broken promises. However, pensions also promise relatively high rates of return for what people once perceived (incorrectly) to be essentially zero risk. In a 401k or any other real investment the value goes up and down depending upon the actual or likely future value of the assets contained within it. My point is this: there's risk in any investment, even a "safe" pens

Re:

[pixelpusher220]

Well, first off they can't because I own the account.

Whoosh. Yes you do own your 401k, feds don't. Which is my entire point. They are pawns in ways you can't be, so yes they do have added protections and benefits because of that.

You don't seem to understand a 'pension'. The risk is assumed by the *employer*, not the employee. I work for you 20/30 years at lower than normal salary in return you give me a retirement program. Pensions don't offer great returns, it's pretty low, much like Social Security returns are low. It's meant and designed to be

Re:

[CodeBuster]

You don't seem to understand a 'pension'. The risk is assumed by the *employer*, not the employee

Except that they don't really assume much risk because pension promises are regularly burned in bankruptcy court during Chapter 11 restructurings. The airlines have done it on multiple occasions, United comes to mind, and of course the automakers did it (except that the UAW managed to pin that one on the taxpayers with the bailout). Smart lawyers and private equity buyout groups have turned pension promises, which are rare outside government agencies now in the US anyway, into speed bumps which they drive o

Re:

[thermopile]

Well said.

The only other comment I would make is that the government has made a stark change away from hard, technically inclined people to "soft," general-management types ... and by so doing, has lots its ability to properly manage the projects it seeks to execute.

Stories like yours above, where the DoD was paying 4x your salary for the services of one, are examples of where some government PM didn't know better. I suppose it's also possible that you were working on some super-classified system, fo

Re:

[Wiarumas]

You must have misread. I said that the government pays less than the private sector (about 2/3rds of what you can get in the private sector). The difference is that you pay $300 for specialized labor for the duration of the project or system (let's day 2-10 years then you end the project) versus hiring an employee until retirement (2/3rds the pay but for 40 years, plus pension and benefits). So contractors are expensive, but specialized and disposable making them cheaper.

Re:

[guruevi]

Trust me, those contracting agencies will just hire the same person the company (or Fed) would've hired. The only benefit is that management can now claim the contractor did it and wash their hands of any blame. The contractor (or at worst, the contracting company) gets fired and another one gets hired with the same or even less qualifications, rinse and repeat.

The only things it does circumvent is unionization (which is the biggest problem in other departments among large companies and government). That's

Re:

[Ryanrule]

yeah, ive worked for one. the people doing the work are salary, get 30-40k. some exec get a fat bonus. probably friends with some appropriations asshole in the fbi.

Re:

[elucido]

contractors that are probably charging $300 an hour too.

Contractors are hired to save money for the US government. No healthcare. No benefits. The contractor has to buy these themselves.

There are pro's and con's to being a contractor and the lack of benefits is one of the cons. The pro is you wont have to answer to a boss and you wont be micromanaged.

Re:

[pixelpusher220]

The pro is you wont have to answer to a boss and you wont be micromanaged.

Well assuming you can find a goverment contract who will hire just 'you'. Most contracts are large enough they aren't going to a single person, they are going to a company. That company might sub-contract out some of the work to a smaller company who might do the same thing to hire 'you'.

Instead of one layer of gov't mgmt, you now have the same gov't mgmt plus 2-3 layers of corporate mgmt. It ain't so 'cheap', nor are you ever likely to work without a boss and micromanagement.

Default

[kc9jud]

I'm pretty sure that the government shutting down on Tuesday isn't going to help this at all. :P

Re:Default

[KiloByte]

To the contrary. Nothing in this data is really interesting, except for the fact that the FBI is paying mountains of taxpayers' money to their friends for basically nothing. What AnonSec proved here (yet again) is that these "security contractors" have nothing to do with security.

Re:

[ShakaUVM]

>>Nothing in this data is really interesting

Really? I found it quite interesting that a company called "Man Tech, Inc." can get millions in government funding.

Re:

[impaledsunset]

Not only does it prove that the security contractor didn't provide any security, the leaked data also seems to suggest the same. From the comments at TPB: "hey, I was just looking at file 23223140 003.pdf and it looks like someone is getting WAY over billed on the materials. is it just me or are they charging $500 for a $30 wrench?"

Re:

[rbrausse]

I don't know, one of the commenters at piratebay wrote "Wow, what a worthless bunch of crap...pictures, purchase orders, resumes, rosters, inventories. *Yawn*."

probably boring for the sensationalistic bay-crowd but not "nothing" in the sense of "unimportant".

But they're Cyber Contractors!

[todrules]

But they used the word cyber on their website 3 times describing their mission! They must be good!

Mission and Cyber Support

We tackle some of the most challenging cyber security problems facing our nation, including identifying and neutralizing external cyber attacks, managing security operations centers (SOCs), developing robust insider threat detection programs, and creating enterprise vulnerability management programs.

Re:

[mmcuh]

Ironically, the word "cybernetic", the original use of the cyber- prefix in English, comes from the Greek ÎÏ...ÎÎÏνÎÏÎÎÏOEÏ (kybernetikos) meaning "skilled in governing".

Re:

[mmcuh]

That was meant to be greek letters. Stupid Slashdot doesn't appear to handle UTF-8 input.

Re:

[FreakyGreenLeaky]

speak ascii or die.

utf8 shmutf8 ;)

Re:

[Samantha Wright]

Technically we have Latin-1, you just need to use the æntities—correctly.

Re:

[Anonymous Coward]

I'd love to link to XKCD here, but I can be more original than that. Guess what? Women don't want to be reminded that they are a woman EVERY FUCKING TIME they post something on a tech forum. You are not being funny, you are not being insightful, you are not making women feel any more welcome. So chill, sparky.

Re:

[Samantha Wright]

I probably shouldn't tell you about Vi Hart's math doodles [vihart.com], then.

Re:

[rbrausse]

not only Cyber but they use in the Excel sheets Comic Sans as default font.

They are so professional!

Re:

[Iamthecheese]

I think it's safe to say font choice is the single least important aspect of their proven unprofessionalism.

Re:

[Larryish]

The new firm will be called WomanTech.

Every 28 days they will do an intensive audit of everyone else.

i would download it, but...

[FudRucker]

i wont want a knock on my door, or have it kicked in by a government goon squad, i will wait until someone else downloads sorts through it for all the best parts and read about it on some conspiracy nut's website :)

Re:

[Anonymous Coward]

I'm not a lawyer (I feel compelled to point this out, even though only an idiot would assume I am one without me saying so), but here is what I've learned from other leaks of US government documents in the last few years:

Downloading it is not illegal, the document has now been released to the public. The public has no obligation to protect the secrecy of documents. 'Classified' simply means, if your job gives you permission to access the document, you can't leak it. That's why Bradley Manning is in trouble:

Some things to consider...

[Jawnn]

• Honey pots
• Disinformation
• False flag

This whole thing reeks of these types of charades.

Re:

[Jawnn]

Perhaps, but I can think of at least a couple of reasons why one do that very thing. Keep in mind that "the public trust" is not always the highest priority.

Lowering Tax

[MM-tng]

So you don't hire enough people to do the job. This to save money. Then you realize, you need some help. You hire a contractor to do the job for 4 times the money. I don't get it. If you don't work with consultants the smart people who like a challenge realize. Hay if I want to do the cool stuff, I need to be in government.

Re:

[kenh]

The cost of an employee is not 1/4th the cost of a contractor - comparing paycheck to paycheck is misleading.

A government employee has salary cost (the number on the pay check) as well as employer side taxes & fees, healthcare benefits, and retirement benefits (pension), all of which are owed & paid, but are not reflected on a paycheck. Contractors have all those expenses included in the number on their hourly rate.

And don't forget, it is infinitely easier to fire contractor as needs/workloads chang

Will this lead me to...

[kenh]

Neil Caffery, the White Collar crimes consultant that works with the FBI?

send in mulder and scully

[Joe_Dragon]

and then you can find out the real FBI is like.

Re:

[TheLink]

I don't know about the rest of you but if I'm going to waste my life, reading Slashdot and surfing the rest of the Internet is still better than counting ceiling tiles...

So how much more is he being paid? If it's a million dollars a year, I'd skip slashdot and do that job for a year or maybe two :).

ManTech's Friend

[poena.dare]

Apparently ManTech and HBGary work together ( http://publicintelligence.net/hbgary-mantech-internet-and-social-media-reconnaissance-presentation/ [publicintelligence.net] ), so this could be more fallout from the HBGary/Aaron Barr/Anonymous story.

WHICH, as a matter of fact, I just wrote a small journal article about (sorry to shill, but I really think it's relevant!) http://slashdot.org/journal/269108/Aaron-Barr-amp-The-Jester [slashdot.org]

One day the complete Anonymous story is going to make a great book and several bad movies.

Re:

[poena.dare]

Hey Richard Armitage is on the board of directors!

http://www.mantech.com/about/board.asp [mantech.com]

We haven't seen that ol' spookette in a while.

significance?

[pinkeen]

Since when we measure significance of a breach by the raw amount of data?

What could go wrong?

[HangingChad]

Faceless corporations with nothing in the way of accountability and very little oversight with the keys to the FBI and other government data systems. I don't see how anything could go wrong with that arrangement.

Why pay attention to that when you have those darn teacher's unions trying to live high off the taxpayer hog?

the most pathetic part

[sixsixtysix]

is that the fbi has to contract out for this. all government agencies should be completely self-sufficient. none of these third party money grabs. this is where most of the government waste lies. all those industries jockeying for a piece of the pie while demonizing the poor and disheveled. this is the real problem. no one should profit of the government.

Re:

[inglorion_on_the_net]

no one should profit of the government.

I rather think everybody, or at least most people, should profit from the government. Otherwise, what would be the point? But I think we are trying to say the same thing in different ways: when government money is stuffed in pockets and no service of at least equivalent value is performed, almost everybody loses, and that's a Bad Thing.

Re:

[sixsixtysix]

i agree, if you mean we should all benefit from government services, but nothing publicly subsidized should be privately profitable. if industries need the money so badly, perhaps the government should just buy-in and reap the rewards. for certain areas, like the military-industrial complex, i'd even let the government go all eminent domain. if we got rid of most of the ways that the government can funnel tax money into private industry, i'd imagine there'd be less backroom deals and greasy handshakes, whic

Over a decade in the making

[BenEnglishAtHome]

Start with the "Re-Inventing Government" initiative under Gore during the Clinton administration, where some idiot decided that government should be run "more like a business." (Protip - Anytime someone says "Government should be run more like a business" you've just received perfect proof they're an idiot. Govt and business aren't the same and cannot/should not be run the same way.)

Add 8 years of "We hate government. We hate government workers. Government is incompetent at everything it does and, by the way, too-often prevents us from funneling contracts to the big-money corps that help us get elected." under the Bush administration.

Stir in the fact that IT is in the middle of everything nowadays.

Bake a while and what do you get? Everything being outsourced, even to people who have no idea what they're doing and don't give two shits about the concept of "public service."

A couple of months ago, I retired from a once-wonderful IT position with a major U.S. three-letter-agency. I just couldn't stand the whole "Do more with less. Don't worry about all the new, critical changes; they'll be admin'd by contractors, anyway. Bump the efficiency metrics; forget about actually keeping the field guys functioning."

For the first 20 years I was there, we were allowed to do good work, help officers and agents do their jobs, and serve the public. Over the last 10 years, that whole notion of public service got lost in an orgy of fiefdom creation and repayment of favors.

U.S. govt IT is going to hell. It's happening slowly but, I fear, inexorably.

I agree...

[novar21]

If I had mod points, I would give +1 insightful. From a slightly different perspective, I work in IT for a State Government. The Feds and the States are very similar, except that they are reducing compensation at the State level. So recent graduates are not even looking for employment with the State. It is so bad now that we have permanent job postings for IT positions. But the benefits and pay are no where near private sector. They have to have contractors now that so many have retired. The contract

Not specifying "govvies" == meaningless drivel

[BenEnglishAtHome]

...govvies get a lifetime pension and healthcare for life after retirement at the expense of the taxpayer.

No. You obviously don't know how these things work. You're not distinguishing "govvies" by what level of government at which they worked, meaning any comment you make will be demonstrably wrong for a large percentage of the "govvies" at question.

Specifically, I'm a fed retiree. The screwed-up retirement setups are found at the state, county, and city level. The fed fixed their problems during the

NO

[novar21]

- NO. State Employees get a 401K. There is no pension or healthcare. It has been proven over and over, that contracting in this state costs more.

Re:

[gl4ss]

Fake efficiency.

that's the scourge of modern way business way of handling things. as things are just bits and bytes, it's easy to lie about the efficiency without anyone noticing and starting to bitch, as the metrics can be chosen and created accordingly, showing advancement even when nothing is being actually done. when holding meetings become checkpoints on the project instead of working pieces solutions. multiple sourcing does nothing to help it, then just that someone thinks for 6 months which company m

Re:

[Anonymous Coward]

Yeah, that's why the people who rant about "Big Government" and that there should be less Government, are barking up the wrong tree.

It's quality not quantity that matters.

You could just have the president and everything outsourced and things could still be bad. Or even worse, since the contractor's contractor's contractors might not even pretend to follow inconvenient stuff like FOIA.

Trouble is the lack of good people at the top. You need to elect better people and convince the good people to run for electi

Learn some history, please

[BenEnglishAtHome]

No. I'm a very old-timer, one of the few remaining covered under the old Civil Service Retirement System. 100% of my pension is funded by participant contributions.

Additionally, I will never receive Social Security retirement benefits nor will I get govt-subsidized medical care, though my private group insurance payouts will be limited to Medicare rates, thus making me a far less attractive customer to healthcare providers once I get old.

People who think U.S. govt retirees are a budget problem or parasite

This all started with Reagan

[mbone]

While it is certainly true that the US Government has used contractors for a long time, this pernicious reliance on contractors (to the point where many US government agencies have basically no in-house expertise on mission-critical elements of their functioning) started with Ronald Reagan. Remember that he started out with a massive RIF (Reduction in Force), which was followed with (civil service) hiring freezes. If you can't hire permanent employees, and you are tasked with doing more, you have to engage

oh the irony

[Sebastopol]

It is kinda funny how people claim the government is too stupid to get things right (i.e., post office, DMV, roads), but then bitch at them when they try to contract out. Granted, they could do a much better job vetting the contracts, but government is always in a lose-lose.

Re:

[TheLink]

Coz the voters are the stupid ones. Most voters don't realize that ultimately they are part of government.

If the reasoning that less government is always better, than it should also apply to voters: e.g. Fewer voters = better.

But that's not true right? Quality matters more than quantity.

Great 100M

[Osgeld]

For these asswipes to install norton and upgrade to IE8 on some dell contract pc that will be thrown away next year

I'm sure this is shock news if ...

[Viol8]

... you're some basement dwelling teenage virgin whose "friends" are other similar losers that he's never met IRL. Which , lets face it, is the demographic that makes up the self righteous bunch of script kiddies that call themselves anonymous, lulzsec or whatever self agrandising name they've thought up this week.

For your average tax paying adult the fact that government contracts out services is neither news nor shocking. Next...

Re:

[ranpel]

While I think I understand what you're driving at I'm not quite sure I understand your oversimplification of these events. That and your assignment of a generalized 90's adventure grouping of script kiddies is slightly off the mark. Either you're attempting to suppress your inner child and failing, could truly care less, are quite happy with the nonsense of forced consumer news issue number one that is the debt limit, are a self righteous basement virgin your damn self or you're a perfectly content citiz

Re:

[Can't find a usrname]

Blame the government, blame the corporations, blame everyone but yourselves.

Ultimately (barring voting fraud) the government you got is the one you have chosen. Corporations can step over your rights in pursuit of profit because the government you elect to regulate them is too incompetence and too corrupt to put a stop to it.

In the end, voter apathy is the root cause. Democracy requires people to active take part in the running of the country.

You think the Tea Party Jesus Freaks are nuts and voting against

Re:

[ranpel]

I would find it difficult to disagree with much of anything you've said. Your starred bits are kinda poinky though.. If the government can hack, lie, cheat and steal... well.. blah blah - gander, goose, feathers whatever. The general population? You're joking right? Hell, anything that can get the general population in motion, for better or worse and I'm interested - however the "branding" does not come from the general population. A not insignificant segment of general populations believe their own g

Re:

[Viol8]

I'm sorry , but to all of what you posted - yeah and what?

Christ you must be naive if you think any of this is news sonny.

Re:

[ranpel]

"Christ you must be naive if you think any of this is news sonny."

Yeah? Well... Well...!! I'm rubber and your glue, bounces off me and sticks on you!

Contracting government functions has to stop!

[Vitriol+Angst]

First, the "small government" acolytes, starve regulatory agencies -- and the funding for this, comes from companies that Don't want regulation.

Then the "big government agency" downsizes, because it cannot afford to keep people on staff.

For some reason, the Contracting Agency, gets paid about 10 times per employee that we paid for each "big government" worker. You know, like the Mercenaries in Iraq who got $100,000 PLUS to do KP duty and make food for the soldiers.

Eventually, the lack of oversight, means th

Let The Chinese Now Begin...

[littlewink]

to collect information on each and every contractor who deals with the FBI. They'll own the FBI within a year. What an utter clusterf***.

Pfft - nothing to see here

[blahblahwoofwoof]

Nothing of any import in this loadout. Anonymous may have begin righteously, but they're devolving into rancid anklebitery as we watch.

The only sounds I hear are their death gurgles. Too bad - they could have been so much more. Not the first cadre to burn brightly and carbonize themselves. Not the last, either.