Jack the Dripper & Zelensky the Ripper: Enterprise-IT-as-a-Service & Digital Mercenaries
Imagine a little child with cake all over their face saying “I didn’t eat it.” Today grown adults seem to think they can surf around the internet and no one but themselves will know about it. Those who are sophisticated enough to troll around the dark web are even surer that their online persona cannot be tracked back to their real-life identity. Nothing could be further from the truth. Our digital twins leave indelible footprints in the snow of the digital world. That’s what Jack the Dripper just discovered. You would think that someone who has worked on the inside of government as an IT specialist would know this. But perhaps one of the telling qualities of those who like lurking on the dark side is that they believe that the technical skills they need to operate on, say, 4chan via Tor render them untouchable. They do not. Instead, it seems increasingly clear that the preferred method for catching bad guys is to track them for long periods and once enough evidence is amassed, then swoop in. That’s what happened to young Jack Teixeira, the 21-year-old National Guardsman who was working as an IT specialist for the Air Force.
But the story is much more complex. This is not about one leaker. It is about the outsourcing of military IT systems to private contractors, specifically to young people who are more preoccupied with building a striking online presence on the dark side than with upholding national security. Jack the Dripper (named as such for dripping classified documents via Discord) is part of a new private army of recruits who are part of the military’s move into “Enterprise-IT-as-a-Service” or EITaaS. In 2022, the Air Force awarded $5.7B for EITaaS to “free up airmen for more specialized network defense tasks and mission assurance.” It makes sense. But it also means a whole bunch of young IT specialists have access to highly classified information at a time when the superpowers are edging into direct confrontation. CBS wrote, “Teixeira is an Airman 1st Class in the Guard's 102nd Intelligence Wing with an E-3 ranking, meaning he's had very little time in the military. Enlisting in 2019 as a cyber transport systems specialist, the Air Force lists minimum requirements for the job as a GED or high school diploma.” How many more are there? Many. The US and NATO militaries have been moving more and more activities off-balance sheet, outsourcing everything from IT to operations. Private contracting has been booming. These outsourced workers, like Jack the Dripper, can be thought of as digital IT mercenaries. They are guns for hire. Here’s the deeper problem: you can outsource IT but not military discipline or loyalty to the country. Both take time and energy to inculcate properly.
It's hard to inculcate national security ideals into hackers. This is partly because they are aware of all the vulnerabilities. They recognize their own power in a world where Congressmen reveal they have no idea how Facebook or TikTok work. Also, hackers have an elevated opinion of themselves for good reason. Rafael Moreu wrote the eponymous screenplay that turned hackers into cultural icons. He said of his film, Hackers, "In fact, to call hackers a counterculture makes it sound like they're a transitory thing; I think they're the next step in human evolution." They are icons and the guardians of a system of electronic power that even experts find hard to comprehend. So, they may work for an employer, but they also know how to destroy that employer and probably in a way that leaves few fingerprints. Jack the Dripper chose to exercise his bragging rights on Discord. Talk about a public venue! Had he been more discreet and gone out on the deep web instead of the dark web, he might never have been found out. Cybersixgill just released a new report built on data from 10 million posts on encrypted platforms. It defines these in the following ways:
· Clear web: Any site that is accessible via a regular browser and not needing special encryption to access (e.g., CNN.com, ESPN.com, WhiteHouse.gov).
· Deep web: Sites that are unindexed by search engines, or sites that are gated and have restricted access.
· Dark web: Sites that are only accessible using encrypted tunneling protocols such as Tor (the onion router browser), ZeroNet and I2P.
It says, “Telegram is the most popular messaging platform for threat actors. Others include:
· Discord is a messaging platform favored by gamers.
· ICQ was first introduced in the 1990s and purchased by a Russian company in 2010.
· QQ is a popular communication platform in China.
· Wickr is a New York-based unit of Amazon Web Services.
· Signal is a free and open source, encrypted service.
· Tox is also a FOSS, peer-to-peer system.”
My bet is a whole lot of business leaders have never heard of any of these, but their IT team knows how to operate them all. Heck, many major business leaders I talk to haven’t yet heard of Substack!
It may turn out to be a case of seduction as well. Was there an effort by foreign nationals to draw out young contractors who are working with sensitive materials but not deeply indoctrinated or committed to the organization they are working for? The efforts by Russia and China to infiltrate the tech sector are, in my view, hugely underestimated. Add to this the fact that surveillance-for-hire is now an industry. Google’s Threat Analysis Group says they found spyware vendors targeting Android devices with zero-day exploits. Wired wrote, “Now the FBI, the US Department of State, and the US Treasury have warned that thousands of North Korea’s IT workers—including app and software developers—have been freelancing at businesses around the world and sending money home. Many of them are based in China or Russia, the officials say. The risks of hiring North Korean workers range from ‘theft of intellectual property, data, and funds to reputational harm and legal consequences, including sanctions under both US and United Nations authorities.’” I’m not saying the US Government is outsourcing to North Korean IT experts (although it’s a fair question). I am saying that all young IT experts inhabit at least two worlds. They have day jobs and night jobs. The day job is seen as a cool thing to do. It gives you bragging rights. What cooler job than to be handling classified docs at the age of 21, armed with nothing but a high school diploma?
The night job is inevitably on the dark side of the net in a digital underworld. This is where these IT folks share notes and have to work hard to keep up with the cutting edge of tech. But it is a competitive space. You have to show off there. You have to bring information that makes you worthy of being taken seriously there. The dark side of the net is dominated by gang warfare. Dares drive behaviors. It is hard to imagine how you can be truly excellent in IT and not participate in, or at least be regularly briefed on, what’s being discussed amongst these experts. Would this be a perfect community for sussing out who might be an outsourced IT mercenary? Are these young people susceptible to various forms of honey traps? You bet your bottom dollar. Does honey mean sex these days? No, it means gaining entry into ever-exclusive circles on the dark side. Who else is vulnerable to this?