Project Vigilant, a division of BBHC Global LLC (an information security firm), is a private, semi-secret, volunteer-based organization of “cyber spies” that is sometimes employed by the U.S. government to give insight into situations that might require the attention of a more technologically skillful organization than most government agencies are at present.
If the name of the organization doesn’t ring a bell it is because it has not sought the attention of the public in the past. But, this last couple of days we heard the name repeated over and over again, and it is because its director Chet Uber has chosen Defcon to be the place where he would reveal some details of the organization’s goals and methods, involvement in recent happenings, and broadcast their need for more volunteers to swell its ranks.
According to Andy Greenberg, Chet Uber was the person who convinced Adrian Lamo – the ex-hacker who notified government officials about Bradley Manning’s involvement in the leaking of confidential government documents to Wikileaks – to do his “patriotic duty” and step forward with the information. Accidentally, Lamo was (is?) a Project Vigilant volunteer himself.
Uber also revealed that in order to gather intelligence, the organization resorts to many methods – including collecting information from regional ISPs whose EULA allows them to share such information tied to their users’ activities with third parties. This information is then used by the organization when compiling reports for federal agencies.
Project Vigilant has currently around 600 members, and this number supposedly includes former US cyber spies and CTOs at many top firms. But, the organization has also members who work in the field and collect intelligence the old-fashioned way. “We go into bars, look for lists of bad actors, get tips from people…” says Uber.
But, mostly, they get the information they need from monitoring Internet traffic and searching for clues that will allow them to track the activity of terrorists, organized crime syndicates, drug cartels and other malicious individuals and organizations.
“This was never supposed to have been a public thing,” says Uber. So what made them decide to make the world at large aware of the organization’s existence? They want to attract more volunteers – 1,750 more, to be exact.
According to AFP, they are searching for technology experts, psychologists, sociologists, and experts from many other fields, to man the 100 projects that the organization is currently working on and to start some more.
“We are good people not out to hurt anybody,” Uber says, and claims that the volunteers must and do stay within US law. Anything that can be legally accessed will be, but that which is supposed to be private by law – such as email correspondence and encrypted transactions – is never touched.