31 January 2013, 13:01

Syrian e-mails hacked on Britam Defense?

Syrian e-mails hacked on Britam Defense?
Download audio file

A British security company, Britam Defence, has been forced to deny claims that it is involved in a plot to destabilise Syria. According to the website Pastebin, news of the alleged plot came from a series of e-mails purportedly coming from a British Security Consultancy, called Britam Defense. VoR contacted Britam to get a comment on that matter.

Pastebin, which is an online source for hacked information, provided a series of e-mails, including one saying, “It’s about Syria, again. Qataris proposed an attractive deal and swear that an idea is approved by Washington.” The e-mail exchange published online also said that a Soviet-made chemical weapon would have to be delivered to Homs and deployed by Ukrainian operatives able to speak Russian. Numerous websites and at least one national British newspaper have now reported that the e-mails were discovered by a Malaysian computer hacker and posted online. When the Voice of Russia contacted Britam, the chief executive Simon had this comment:

We were hacked on last Wednesday, Thursday from our e-mails hosted on a public commercial webhosting domain. Some of the material online is accurate, but unfortunately the hacker went on upon himself to create a number – we’ve seen three now – of completely spurious e-mails – normally two-liners, very inflammatory, talking about chemical weapons, Syria, Qatar, Saudi, Washington – very simplistic in their format, because I can’t imagine in what sort of world would have two-liners with such a combination of words, leading to an obvious conclusion, “God, what on Earth is this all about?” So, they were completely spurious and our company isn’t involved in the defense world at all. We do commercial risk management for oil and gas companies in areas around the world. I can confirm those e-mails are completely spurious.

The computer files have also come to the attention of the prominent U.S. blog site infowars.com, which is run by Alex Jones, the radio show host who recently appeared on Piers Morgan’s CNN TV show. On that occasion, he repeated claims that he believes 9/11 attacks on World Trade Center couldn’t have happened without some level of official collusion. For its part, Britam says it can prove that the e-mail about Syria is a fake, because, it says, two of the e-mails that are claimed to have been hacked from the server have the same unique message I.D. They say, that shows that copying and pasting of e-mail data has taken place. The company says it’s reported the hacking attack to U.K. police. Rick Ferguson is a Director of Security Research at Cyber Security Firm, Trend Micro. He says that in theory an e-mail server would issue different I.D. numbers to different e-mails.

It’s true that e-mail I.D.s are unique, they’re sequential and if they’re generated by the same server, then no two e-mails should have the same I.D. That’s absolutely true. And if they’re both generated by the same server and have the same e-mail I.D., it’d prove that one of them is not legit.

But Ferguson says that proving forgery can be a complex task.

In order for it to be a categorical proof, they have to make source files publicly available for the communications’ questions. That can be forensically dated and proved that they haven’t been tempered since that date – that’s going to be a complex proposition for them.

Rick Ferguson says that even fake reports of hacking incidents can be damaging to a company.

There’re a lot of claims that get published by a bunch of different people, particularly on Twitter, as I said, that turn out to have no substance behind them. Obviously there’re a lot that do, as well.

Britam, the company at the heart of the furore, says it’s a risk management company and not a private military company. According to its company’s website, Britam is broad-ranging risk-management and training consultancy providing corporate security services, police and military training and health and safety. The management team has a background in U.K. Special Forces. The Chief Executive again:

There’s confusion between our market which is commercial private security market and what’s dangerous private military companies, which we’re not. Private military companies are like black water, where a state – in that circumstance, the U.S. – can’t tract out functions to a civilian private military company. That’s completely different from what we do, which is as I said, the commercial sector. It’s often confused. We and our clients don’t want to be described as “private military companies”. We’re not. We’re doing just very legitimate risk assessment investigations, so workers can work in a risk-free environment in areas which are not absolutely risk-free.

There’ve been widely reported fears that President Assad’s forces could employ chemical weapons as a last resort in Syria’s civil war. Israel has warned that such weaponry could fall into the hands of jihadists groups intending to attack it. For its part, Moscow has voiced skepticism over what it described as “alarmists reports”. Meanwhile, President Barack Obama has said that the U.S. will not tolerate the use of chemical weapons inside Syria. In December the American President warned that if there was evidence of chemical weapons being used, he’d consider it “a red line for action”.

    and share via