Who hired the hackers targeting #ExxonKnew?

All you need to know about the criminal investigation of a hacking scheme targeting #ExxonKnew activists.

Good morning, and Happy Friday. This week, we ask you to please keep your screams inside your heart while reading this newsletter, especially if you’re reading in a public place.

While covering two new lawsuits against Exxon and their partners in deception and denial, a growing number of legal setbacks for Big Oil, and the continued climate destruction caused by the industry’s deception, we haven’t yet had time to discuss one particularly disturbing piece of #ExxonKnew-related news from the last month: a large-scale, hacking-for-hire operation that targeted environmental groups, journalists, government officials, and others involved in exposing Exxon’s now-famous campaigns to spread disinformation and climate denial.

Yes, you read that right. According to a report from Citizen Lab, a cybersecurity watchdog group, hackers sent phishing emails to thousands of people on six continents over four years — all in an attempt to collect information from individuals and groups that worked to publicize Exxon’s record of deception on climate change and hold the company accountable. 

The New York Times reports that federal prosecutors in Manhattan are conducting a criminal investigation into the hacking, which Citizen Lab concludes with “high confidence” was conducted by a company in India. At least one person, a private investigator from Israel, has been arrested and charged with four criminal counts, including conspiracy to commit computer hacking.

So … who could have hired overseas hackers to target people working to expose what #ExxonKnew? We haven’t the foggiest idea.

Last week, a new wrinkle was added to the mystery: U.S. Senator Sheldon Whitehouse of Rhode Island, a longtime critic of Exxon and Big Oil, wrote a letter to U.S. Attorney General William Barr expressing concern that Trump’s Department of Justice is tampering with this very investigation. 

In an interview with Reuters, Senator Whitehouse said that unnamed sources had alerted his office of the DOJ’s out-of-the-ordinary probing into the issue. “Based on those conversations, I have concerns that the Southern District’s investigation into this matter will fall victim to political pressure from Washington,” Senator Whitehouse wrote to Barr.

“A robust civil society is one of the foundations of our democracy, and any effort to illegally hack, spy upon, or harass civil society organizations deserves to be thoroughly investigated,” the letter continued. “There are so many red flags flying around this matter now that I felt it necessary to contact you directly.” 

Whitehouse suggested that given just how many “favors” the Trump administration and DOJ have done for the industry — on top of its attempts to walk back prosecutions of the president’s buddies, not to mention the recent firing of the Acting U.S. Attorney for the Southern District of New York where the hacking investigation is being carried out — he has more than enough reason to worry that the Department might get in the way.

To be clear: Exxon has not (yet) been officially accused of any wrongdoing. But if this whole situation wasn’t already fishy, the potential entrance of the Trump DOJ as an interested party would clearly make it stink to high heaven. 

Just this year, investigations revealed that the DOJ worked in cahoots with Big Oil on efforts to derail climate cost recovery lawsuits filed by U.S. cities. In one of 178 emails exchanged between the Department and the industry over four months in 2018, an assistant U.S. attorney general referred to DOJ attorneys and industry lawyers as a “team.” In others, members of the Department discussed meetings with Republican state officials to advocate against the cities’ lawsuits on the industry’s behalf.

This all begs the question: what the hell is going on, exactly? 

In Senator Whitehouse’s letter, he asks the DOJ to provide a log of all contacts between its employees and the Southern District of New York. Will they comply? And if so, what will that information reveal? We will keep you posted. 

In the meantime, let this all be a reminder to never click on suspicious looking links or emails that might be phishing attacks. But please do encourage all your friends and loved ones to subscribe to #ExxonKnews to learn all the latest developments that Big Oil would rather you didn’t see. 

ICYMI News Roundup

Until next week!