BAE Systems

From Project PM

BAE Systems, according to its website, "offers significant capabilities in intelligence, surveillance, reconnaissance, information warfare, mission management, and communications systems." From the HBGary e-mails, it's known that the firm holds a contract with ARSTRAT for "COSMIC PROGRAM," a $500 million project that lasts through 2017 and which may involve nuclear weapons security.

BAE's board of directors includes former DHS secretary Michael Chertoff, who has been criticized for having assisted the firm in winning a major contract, presumably via his insider status in the security world.

Ties to HBGary

BAE was involved with HBGary throughout 2010. Early on in the relationship, HBGary employee Ted Vera noted to the company, "We have offensive capabilities which are not advertised on our website." BAE also seems to have arranged for HBGary to provide those same "offensive" capabilities to other clients.

In this exchange on 8/13/10, Ted Vera announces to others at HBGary:

I forgot to mention... ARSTRAT asked BAE if they can coordinate a classified HBGary capabilities brief. Can you travel to CO soon? It sounds like they have a near-term project.

Here, Joe Maier of BAE responds to Vera's e-mail from a month earlier with an offer to get the firm in touch with an unknown client for a demonstration:

 
Begin forwarded message:

From: "Maier, Raymond \"Joe\" (US SSA) (US ASTSS Huntsville)" <[email protected]>

Date: August 27, 2010 7:54:54 AM MDT

To: Ted Vera <[email protected]>

Subject: RE: HBGary

Ted,

My customer is looking for a demonstration of your capabilities potentially at the SCI level.
 
If you have time, please give me a call.

joe
 
 
Joe Maier

719.235.1898 - Mobile

719.325.8445 - Work
 
From: Ted Vera [mailto:[email protected]] 

Sent: Thursday, 22 July, 2010 09:22 AM

To: Chisholm, Chris (US SSA)

Cc: Maier, Raymond "Joe" (US SSA) (US ASTSS Huntsville); [email protected]

Subject: HBGary
 
Chris,
 
It was a pleasure meeting with you yesterday. Please stay in touch and let me know when you're in town. When should I expect to see a draft teaming agreement?

I've attached some of our product sheets for your review. Our software can be especially helpful for organizations who conduct incident response, digital forensics investigations, vulnerability research / proof-of-concept exploit development, and malware reverse engineering / analysis. If you have any such organizations within BAE I'd really appreciate an introduction.

Also as we discussed, HBGary has offensive cyber capabilities (we don't advertise). I have several 0-day proof-of-concept exploits on the shelf ready for weaponization. If you have any qualified customers who would be interested, I can send you summary descriptions.
 
Regards,
Ted


At one point, the two organizations discussed working together on a federal procurement called Asteroid, with Vera signing an NDA from BAE for the purpose. At another point, Vera "did a whois search on www.arin.net to identify the IP netblocks associated with the BAE Systems organization," as he notes in an e-mail to Barr. Those IPs are:
