Alex Constantine - March 17, 2014
"... The company started by ex ISS and CIA executives promises (in private) 'to provide our customers with the highest quality offensive CNA/CNE (Computer Network Attack/Computer Network Exploitation) software in the world.' ..."
FireDogLake, July 2, 2013
The contractor the NSA pays to help hack your cell phone has an interesting history woven within the larger story of the explosive growth of cyberwarfare companies in the Post 9/11 era. The massive growth of the cyberweapons industry has been driven by governments, principally the United States, who in the name of defense have instigated an arms race for offensive weapons.
The story of Endgame begins at Internet Security Systems (ISS), which was started in 1994 and acquired by IBM in 2006 for $1.3 billion. ISS developed an array of products, perhaps most notably a highly successful systems scanner that performs a vulnerability assessment on a computer system. In 2010, former executives from ISS and former executives at the CIA started Endgame, Inc. with investments from Bessemer Venture Partners, Columbia Capital, Kleiner Perkins Caufield & Byers, and TechOperators totaling $29 million.
In 2011, as the result of a hack by Anonymous, the company was revealed to be selling vulnerabilities in systems that are unknown even to the manufacturer (“zero-day exploits”), a business of questionable legality.
In an early email to [HBGary CEO] Aaron Barr, Endgame Systems made it clear that they had “been very careful NOT to have public face on our company.” The CEO of Endgame Systems was clear: “Please let HBgary know we don’t ever want to see our name in a press release.”
So what exactly do the secretive Endgame Systems do? The company started by ex ISS and CIA executives promises (in private) “to provide our customers with the highest quality offensive CNA/CNE (Computer Network Attack/Computer Network Exploitation) software in the world”.
Notice the term offensive. The hundreds of billions of dollars that have flowed into the cybersecurity sector from the federal government – that Endgame gets a piece of – were supposed to be for defensive purposes. But it is not hard to understand why Endgame has such a belligerent and nefarious strategy when you look at who runs the company.
The Endgame Board of Directors is led by Christopher Darby of CIA-backed In-Q-Tel and includes the former Director of the NSA, Kevin Minihan. Quite a well-connected team. Methinks they may know a few people in the intelligence community who make recommendations for federal contracts.
Endgame is part of the new wave of cyberweapons firms making ridiculous amounts of money off the taxpayers while helping to instigate a war where they stand to benefit from increased business. Palantir Technologies is another firm doing well taking federal money to datamine the internet, though it recently expanded its operations to helping create license plate tracking technology. Due to the Anonymous hacking scandal, HBGary is now part of ManTech International, a firm that received a $300 million federal contract to support US forces in Iraq and Afghanistan. Business is good.
While the government is secretly interpreting the Patriot Act, it is also outsourcing some of its lawbreaking to private firms – cashing in on their government connections with government contracts. What could go wrong?
fatster contributed to this report.
Endgame Systems (founded 2008) has been of interest to this investigation due to the firm's close association with corrupt HBGary CEO Aaron Barr, its stated intent to avoid public attention to its work with the federal government, its longtime collaboration with Palantir employee Matthew Steckman (whom Palantir fired in the wake of the Team Themis affair, quite improbably claiming that Steckman had acted on his own), and its creation of a report on Wikileaks and Anonymous which was provided to Team Themis for use in its campaign against both entities. In July of 2011, an investigation by Business Week revealed the probable reasons for the firm's secrecy:
- People who have seen the company pitch its technology—and who asked not to be named because the presentations were private—say Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems. Endgame weaponry comes customized by region—the Middle East, Russia, Latin America, and China—with manuals, testing software, and “demo instructions.” There are even target packs for democratic countries in Europe and other U.S. allies. Maui (product names tend toward alluring warm-weather locales) is a package of 25 zero-day exploits that runs clients $2.5 million a year. The Cayman botnet-analytics package gets you access to a database of Internet addresses, organization names, and worm types for hundreds of millions of infected computers, and costs $1.5 million. A government or other entity could launch sophisticated attacks against just about any adversary anywhere in the world for a grand total of $6 million...
- Endgame’s price list may be the most important document in the collection. If the company were offering those products only to American military and intelligence agencies, such a list would be classified and would never have shown up in the HBGary e-mails, according to security experts. The fact that a nonclassified list exists at all—as well as an Endgame statement in the uncovered e-mails that it will not provide vulnerability maps of the U.S.—suggests that the company is pitching governments or other entities outside the U.S. Endgame declined to discuss the specifics of any part of the e-mails, including who its clients might be. Richard A. Clarke, former Assistant Secretary of State and special adviser to President George W. Bush on network security, calls the price list “disturbing” and says Endgame would be “insane” to sell to enemies of the U.S.
Endgame bills itself thusly:
Endgame Systems provides innovative software solutions to meet customers' security needs in cyberspace. Our products include real-time IP reputation data, protection of customers' critical information, proactive data analysis, and cutting edge vulnerability research. Endgame's highly skilled workforce provides a full range of engineering services and solutions that raise awareness of emerging threats, and help prevent and respond to those threats globally. The company was founded by a proven leadership team with a record of success in the information security industry and is headquartered in Atlanta, GA.
Endgame's clients have included a number of U.S. intelligence agencies including the NSA. The firm has a subsidiary called ipTrust. Beyond a presence at Shmoocon 2012, little has been heard from the company publicly since they deleted their website in summer 2011 following the release of this text and presumably after inquiries by Business Week on the subject of their offensive capabilities and price list.