That was Greg Hoglund, the front man for disgraced security company HBGary, whose Aaron Barr claimed he’d penetrated the inner circle of Anonymous, the ungroup that’s brought a bright new dawn to a world until now controlled by a small band of vicious, unprincipled corporate gangsters and politicians.
And people such as Hoglund and Barr who tried to sell the results of Barr’s labours to the FBI, including names of alleged Anonymous ‘leaders’.
In retribution, Anonymous penetrated HBGary and splashed confidential company emails — 50,000 or more — online.
Infuriated, Hoglund was going to show Anonymous you don’t mess with him!
Result? His entire MySQL database backup went online, released by Anonymous.
After other damning revelations which followed the initial Anonymous attack, Hoglund’s company which, he claims, provides “classified services to the Department of Defense, the Intelligence Community and other U.S. Government agencies to meet their unique requirement”, is now effectively on the trash heap.
Aaron Barr and others
On Ars Technica, Nate Anderson pored through the leaked emails and put together a blow-by-blow account of the fiasco.
But what’s really fascinating “is the back-and-forth between HBGary Federal CEO Aaron Barr and others at HBGary Federal, including his main technical guy, who clearly thinks Barr’s methodology is worthless”, writes Mike Masnick on TechDirt, continuing >>>
It becomes clear that the technical guy sympathizes with Anonymous and Wikileaks and Barr even calls him on this point (admitting that he too sort of feels that way, but he recognizes this as a PR opportunity). The coder at one point mocks the whole plan as:
Step 1 : Gather all the data
Step 2 : ???
Step 3 : Profit
Yup. That’s a coder alright. Then there’s this fascinating argument where the coder points out that the statistical basis for Barr’s claims (basically analyzing who people’s friends on Facebook are) is about as accurate as your daily horoscope:
Barr: [I want to] check a person’s friends list against the people that have liked or joined a particular group.
Coder: No it won’t. It will tell you how mindless their friends are at clicking stupid shit that comes up on a friends page. especially when they first join facebook.
Barr: What? Yes it will. I am running through analysis on the anonymous group right now and it definitely would.
Coder: You keep assuming you’re right, and basing that assumption off of guilt by association.
Barr: Noooo….its about probability based on frequency…c’mon ur way smarter at math than me.
Coder: Right, which is why i know your numbers are too small to draw the conclusion but you don’t want to accept it. Your probability based on frequency right now is a gut feeling. Gut feelings are usually wrong.
Coder: [some information redacted] Yeah, your gut feelings are awesome! Plus, scientifically proven that gut feelings are wrong by real scientist types.
Barr: [some information redacted] On the gut feeling thing…dude I don’t just go by gut feeling…I spend hours doing analysis and come to conclusions that I know can be automated…so put the taco down and get to work!
Coder: I’m not doubting that you’re doing analysis. I’m doubting that statistically that analysis has any mathematical weight to back it. I put it at less than .1% chance that it’s right. You’re still working off of the idea that the data is accurate. mmmm…..taco!
That same coder later warned another company exec saying that “I feel his arrogance is catching up to him again and that has never ended well…for any of us.” Fascinating read all around.
‘Understanding the attacker’
“The cyber world has grown out of control”, says Hoglund, on his company site, going on >>>
State and national law enforcement mechanisms are not equipped to deal with the rapidly evolving threat. The complexity of information systems has far exceeded the ability to secure them, while reliance on these systems has only increased. HBGary has an intimate understanding of this problem; We know that understanding the attacker and his methods is the only way to defeat him. This is the core strength of HBGary and why our technology and services outperform the competition.
To us, it’s personal.
Good to know.
With that in mind, what’s equally fascinating is how HBGary was undone.
At the end of his breakdown, “who were Barr and his company up against in all this?” – Anderson asks, adding:
“According to Anonymous, a five-member team took down HBGary Federal and rootkit.com, in part through the very sort of social engineering Barr had tried to employ against Anonymous.
“One of those five was allegedly a 16-year old girl, who ‘social engineered your admin jussi and got root to rootkit.com,’ one Anonymous member explained in IRC.”
Meanwhile, “Anonymous has already posted around 50,000 emails of Aaron Barr, the CEO of sister organisation HBGary Federal, which revealed a report by the firm looking at ways to sabotage WikiLeaks in collaboration with Palantir Technologies and Berico Technologies”, posts Parmy Olson on Forbes, pointing out >>>
The emails also show that Bank of America, a potential target of WikiLeaks, was to hear the proposal via its outside law firm Hunton & Williams. The proposal’s recommendations included a disinformation campaign against WikiLeaks and cyber attacks on its Web site.
A source from Anonymous says that most of the new e-mails from Hoglund are still unchecked and it is unclear who will be most liable when the information is made public, but added that briefly skimming the emails had revealed “three different malware archives, two bots, an offer to sell a botnet, a genuine stuxnet copy, and various malware lists.” Not entirely surprising given that HBGary is a security firm, but the source speculates that botnets aren’t typically rented out for “research.”
“Judging by the fact that they’d attack WikiLeaks’ operations, [we] wouldn’t be surprised if they’re up to something fishy,” the source added. “We’ll let Anon and other public devour the emails.”
A subset of Anonymous members, or Anons, who use Internet Relay Chat to communicate, are currently working on a web viewer for all the e-mails as part of the launch of a new front for the movement, AnonLeaks.
And in an update, “Security firm Berico Technologies has just joined Palantir in cutting off ties to peer HBGary, following controversial revelations that the three companies had collaborated on a proposal aimed at helping Bank of America cause disruptions to WikiLeaks. Read the official statement here”, Olson adds in Forbes.
What does Berico have to say?
Among other things >>>
Our leadership does not condone or support any effort that proactively targets American firms, organizations or individuals. We find such actions reprehensible and are deeply committed to partnering with the best companies in our industry that share our core values. Therefore, we have discontinued all ties with HBGary Federal. We are conducting a thorough internal investigation to better understand the details of how this situation unfolded and we will take the appropriate actions within our company.
Definitely stay tuned.
claimed he’d penetrated – Anonymous dumps 50,000 HBGary emails online, February 7, 2011
released by Anonymous – HBGary MySQL Backup online for download, February 10, 2011
Ars Technica – How One Man Tracked Down Anonymous — And Paid a Heavy Price, February 10, 2011
TechDirt – Play By Play Of How HBGary Federal Tried To Expose Anonymous… And Got Hacked Instead, February 11, 2011
Forbes – Anonymous Ready To Dump More HBGary E-mails, Launch AnonLeaks, February 11, 2011