Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security IT

Attacked By Anonymous, HBGary Pulls Out of RSA 415

itwbennett writes "HBGary Federal cancelled a talk the company's CEO Aaron Barr was planning to give at the BSides San Francisco conference on his investigation of WikiLeaks. 'I was receiving death threats,' Barr said in an interview Tuesday. 'There was lots of talk that was being made of in the Anonymous IRC channels of harassing us at our booth and sending people to heckle [HBGary speakers at the conference].' The company has also decided to pull its booth from the RSA Conference floor after it was vandalized on Sunday, said Jim Butterworth, HBGary's vice president of services. 'We... came back the next morning and it was very apparent that the group responsible for the activities in the news had decided to make another statement,' he said."
This discussion has been archived. No new comments can be posted.

Attacked By Anonymous, HBGary Pulls Out of RSA

Comments Filter:
  • Anatomy of the Hack (Score:5, Informative)

    by eldavojohn ( 898314 ) * <eldavojohn@gSTRAWmail.com minus berry> on Wednesday February 16, 2011 @10:18AM (#35221104) Journal
    Ars has a really good summary of the attack [arstechnica.com] that used really run-of-the-mill stuff from social engineering via e-mail to an SQL injection of HBGary's CMS using this URL: http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27 [hbgaryfederal.com]
    • by cabjf ( 710106 ) on Wednesday February 16, 2011 @10:35AM (#35221270)
      I liked this article [arstechnica.com] better. Not very technical, but it does show what kind of person Aaron Barr really is. The greatest part is that he tried to play Anonymous just to drum up government business and seemed to think there would be no repercussions.
      • by DarkOx ( 621550 )

        Right a few things are evident from what has happened so far.

        1. HB Gary is run by people who are arrogant, fool hardy, and hope to seek a public rent scoring themsevels a government security contract or two when they clear have nothing of value to add.

        2. HB Gary as an organization is incompetent. When computer/network security is your business and you get hacked no matter how clever the hack is its a FAIL on your part. In this case while not exactly crude Anonymous ow3n4g3 of their site was not the most

        • by SmallFurryCreature ( 593017 ) on Wednesday February 16, 2011 @11:08AM (#35221610) Journal

          You are still in Fox mode, trying to see the conspiracy behind events because your mind cannot grasp that shit just happens.

          Anonymous has no organization, it cannot by its very nature. Some people who HAVE grouped together have used the name for themselves BUT by that they have seized to become Anonymous.

          Is it really that hard to grasp? Just because you know the identity of ONE A. Nonymous author doesn't mean that every other book written under that name is linked to it in anyway. Anonymous, the concept to give a mystic to the random actions of people that sometimes seem to work together and groups calling themselves anonymous are NOT the same thing.

          • The distinction is meaningless. If you kill/imprison the people calling themselves Anonymous the attacks stop either way regardless if they're one group or many groups.

            • by ElectricTurtle ( 1171201 ) on Wednesday February 16, 2011 @11:22AM (#35221784)
              It does matter, because if you kill/capture "people calling themselves Anonymous" and the attacks don't stop because somebody completely new/different steps in to do the same things, you're creating martyrs that create more Anons. Anonymous is a headless horseman. You can't cut off its head because it doesn't have one.
              • The people calling themselves "Anonymous" isn't some rebel movement willing to die for the cause, most of them are kids doing it for the lulz, do you really think anyone of them wants to be a martyr?

            • If you kill/imprison the people calling themselves Anonymous the attacks stop either way regardless if they're one group or many groups.

              I am Spartacus!

      • by Azureflare ( 645778 ) on Wednesday February 16, 2011 @11:10AM (#35221648)

        Just read the article. Is this guy for real? He sounds like he stepped out of a webcomic about wannabe-hacker IRC lurkers.

        It's very frightening that someone could get 3 (potential?) innocents arrested with little to no evidence.

        I mean honestly, using badly thought out heuristics to analyze social networking data and guaranteeing "100% Success"? This guy obviously never attended a CS class.

        P.S. I am not condoning the actions of Anonymous in any way, this guy just seems like he could use some more schooling. (and he got some schooling in the great college of Real Life!)

      • by Black Parrot ( 19622 ) on Wednesday February 16, 2011 @12:28PM (#35222570)

        I liked this article [arstechnica.com] better. Not very technical, but it does show what kind of person Aaron Barr really is. The greatest part is that he tried to play Anonymous just to drum up government business and seemed to think there would be no repercussions.

        He also got caught managing a dirty tricks campaign to smear Wikileaks and critics of the US Chamber of Commerce. He was disseminating personal information about the people he wanted smeared, but threw a crybaby fit when his name came out in connection with it.

    • Earth First! (Score:2, Insightful)

      by sycodon ( 149926 )

      So Anonymous is kind of like Earth First folks. Loosely organized, with sociopathic tendencies.

      Except instead of burning down construction sites and SUVs, they crash websites and break into systems.

      They both apparently make death threats.

      • So Anonymous is kind of like Earth First folks.

        Have you ever seen them in the same room? Maybe they're the same person!

  • Vandalized? (Score:5, Informative)

    by sureshot007 ( 1406703 ) on Wednesday February 16, 2011 @10:24AM (#35221152)
    Vandalized booth = a sign that says "Anon...In it 4 The LuLz..." http://yfrog.com/gzbvtllj [yfrog.com] I was expecting the booth to have been burned to the ground or something.
    • Re:Vandalized? (Score:5, Insightful)

      by TaoPhoenix ( 980487 ) <TaoPhoenix@yahoo.com> on Wednesday February 16, 2011 @10:26AM (#35221184) Journal

      Nice tidbit.

      So a "security company" is afraid of a sign?

      I'd sooner place my bets they're in the Long Con to paint "Anonymous" (there can be only one, right?) as a Threat. Then everyone in power profits when draconian measures come along.

      • Re:Vandalized? (Score:4, Interesting)

        by Kokuyo ( 549451 ) on Wednesday February 16, 2011 @10:41AM (#35221324) Journal

        I think this is just another perfect example of just how full of himself AND how much of a crybaby Mr. Barr is.

      • They were in the long con. Now they're outed and everyone's so sceptical when they cry "threat!" that people investigate, find out things like the nature of the vandalism, and they come out looking even stupider than they did before.

      • Re: (Score:3, Insightful)

        by Sarten-X ( 1102295 )

        HBGary is not in the business of preventing or withstanding attacks. They're the guys who will investigate events after the fact, compiling nice piles of evidence to hand over to the FBI/police/whomever.

        The sign on the booth is a threat. Note that "vandalized" was ITworld's chosen word. The message is clear: "Anonymous is here, and has the same utter lack of respect in real life as online." Given that there were many threats ranging from harassing the booth staff to heckling the speakers, and even up to dea

        • by Spykk ( 823586 )

          the sign potentially serves as a last warning: Let Anonymous ravage whatever they want, or die.

          No, the sign means that some kid on 4-chan saw that he was coming to his area and decided it would be funny. People who portray anonymous as some sort of sinister agency just don't understand what it is. There is no anonymous. There are no leaders or plans. There is only an anonymous forum where random strangers occasionally post suggestions. If enough people think they are funny they happen.

        • Re:Vandalized? (Score:5, Informative)

          by Kuukai ( 865890 ) on Wednesday February 16, 2011 @11:24AM (#35221812) Journal

          HBGary is not in the business of preventing or withstanding attacks.

          From their website title [hbgary.com]:

          HBGary :: Detect. Diagnose. Respond.

          Anonymous intruded on their network for several days without being detected, eventually just plain revealing themselves. Here's a totally-real testimonial on their front page from the esteemed research organization "Research Organization":

          Greg Hoglund and the team at HBGary provide some of the most innovative products in cyberdefense. Our advantage in staying ahead of the evolving threat is HBGary's predictive knowledge of the entire malware culture and ecosystem. Their capability goes well beyond the usual, reactive response to individual exploits. We consider them one of our best partners.

          Also from their front page:

          HBGary, Inc., a leading provider of next-generation threat intelligence solutions for Fortune 500 and government organizations, announced Inoculator, a innovative, patent-pending enterprise agentless appliance solution designed to detect, remove, and, with its breakthrough Digital Antibody technology, PREVENT re-infection of known malware.

          Anyone who hires them after this incident is an idiot who likes bright lights and noise. Amazon, a book store, was totally secure against Anonymous' attacks. There's no excuse for a security firm not to be.

        • Re: (Score:2, Interesting)

          by PraiseBob ( 1923958 )
          the sign potentially serves as a last warning: Let Anonymous ravage whatever they want, or die.

          A sign that says, 'in it for the lulz' is a death threat? Do you really think that? If so, you must also think that Nelson on the Simpsons, going 'Ha Ha' is a death threat.
        • Re:Vandalized? (Score:5, Insightful)

          by horza ( 87255 ) on Wednesday February 16, 2011 @12:01PM (#35222234) Homepage

          HBGary is not in the business of preventing or withstanding attacks. They're the guys who will investigate events after the fact, compiling nice piles of evidence to hand over to the FBI/police/whomever.

          Did you not read the leaked emails? All the slides about pre-emptive attacks, infiltration, planting of fraudulent documents, etc. Interesting use of the word 'nice' to try and paint HBGary as one of the 'good' guys instead of a company planning criminal acts.

          The sign on the booth is a threat. Note that "vandalized" was ITworld's chosen word. The message is clear: "Anonymous is here, and has the same utter lack of respect in real life as online." Given that there were many threats ranging from harassing the booth staff to heckling the speakers, and even up to death, the sign potentially serves as a last warning: Let Anonymous ravage whatever they want, or die.

          Ok now we know you are astro-turfing for a snake oil security company. Some kid drops a note on a stand with the standard Anon catch-phrase, known by all apart from yourself, and you try and hype up some massive imaginary drama. Pathetic.

          It makes sense for HBGary to step out of the line of fire, just in case somebody's crazy enough to act on those death threats. Death is not their business.

          Or maybe they've been busted, and have the decency to leave out of shame?

          I expect that the sign is being checked for fingerprints, the conference attendee list is being subpoenaed, and security cameras are being reviewed.

          Again the melo-drama. I am sure the whole attendee list is quaking.

          I'd also expect that HBGary will use this incident to paint Anonymous as a group of people who constitute a real threat

          Did you miss the Anon arrests that have already happened?

          They stalk and harass a target organization for as long as they're interested, with expenses and lost income costs rising daily.

          Do you even read Slashdot? Try doing a search for 'scientology'

          This dedication is as much a problem to Anonymous as to their targets, and HBGary is now playing a great game: they're trolling the trolls. With every public move HBGary makes, Anonymous is drawn into acting. That's another 4chan post, another analysis, another page in HBGary's final report on Anonymous, and another customer impressed by the company's thorough attention to detail.

          No, HBGary are screwed.

          Phillip.

          • Wow. Three posts in a row claiming I'm somehow in the employ of HBGary. Since yours is surprisingly the most complete, I'll respond to you.

            I'm not connected to HBGary in any way (that I know of). I'm a software developer who's had projects sit on the receiving end of DDoS attacks, and has a bit of experience in the tactics used to investigate them.

            After any initial threat comes investigation. In my case, I had a list of timestamps and IP addresses. A quick Perl script compiled a list of the most offensive I

      • by jovius ( 974690 ) on Wednesday February 16, 2011 @10:57AM (#35221490)
        )

        Whew!
      • I'd sooner place my bets they're in the Long Con to paint "Anonymous" (there can be only one, right?) as a Threat. Then everyone in power profits when draconian measures come along.

        Right - and some Machiavellian government bureaucrat is sitting back in his high-backed chair, petting a white cat, repeatedly saying "excellent."

        I'd call it differently. Barr has an idea - using public information gleaned to expose relationships and additional information. It's not entirely a bad idea. However, plenty of good ideas have met a sudden end when implementing them effectively proves to be difficult. Barr ignores warnings that his implementation is lacking and generates publicity. As thi

    • by Belial6 ( 794905 )
      Huh, leaving note is vandalism? Apparently my wife vandalized my kitchen table just this morning.

      Seriously, while that certainly could be called harassment, calling it 'vandalism' is an out and out lie.
  • by Even on Slashdot FOE ( 1870208 ) on Wednesday February 16, 2011 @10:25AM (#35221170)

    Let sleeping Agent Smiths lie. Even if they don't have cool matrix moves, there are a lot of them, they are functionally identical for most e-combat related purposes, and of course, they have a record of pulling this kind of stuff off.

    Some_Group: Hey guys, let's attack Anonymous! It'll make us rich if we can hack them, an our security can stop their counterattack, right?
    Anonymous: No it can't. I'm putting all your embarrassing/incriminating email messages onto the net.
    Some_Group: FFFFFFFFFFFFFFFFFFFFUUUUU-

  • Drama Queens (Score:3, Insightful)

    by Anonymous Coward on Wednesday February 16, 2011 @10:27AM (#35221194)

    For supposed 'security experts' they do seem pretty weak.

    Also I suspect this might well be a publicity stunt to get more attention.

  • Right..... (Score:5, Interesting)

    by fuzzyfuzzyfungus ( 1223518 ) on Wednesday February 16, 2011 @10:37AM (#35221286) Journal
    So, let's take a look at this:

    Option 1: Members or associates of a loose-knit group of hackers who are likely subjects of federal interest after illegally penetrating and utterly humiliating a private-sector spook shop decide that it would be a great idea to show up, in person, at an event with some amount of security likely to be in the vicinity, just to heckle somebody they have already pwned good and hard. They think that this is a good idea because showing up in crowded areas and making a disturbance is an excellent way to remain anonymous.

    Option 2: Aaron Barr and the rest of the losers at HBGary really don't want to show their faces at RSA, after having been ruthlessly punked by a bunch of amateurs; but decide to cry about "security threats" in an attempt to look less than totally pathetic.

    Y'know, I don't think that this is a terribly difficult decision...
    • Re:Right..... (Score:4, Interesting)

      by L4t3r4lu5 ( 1216702 ) on Wednesday February 16, 2011 @10:50AM (#35221402)
      I'm in no way associated with Anonymous, 4Chan, or any of the stuff that's gone on, but I've read through this saga with keen interest, and think Barr got exactly what was coming to him. To use the vernacular, he got "served" good and proper.

      The great thing about Anonymous is that, had I been at RSA and placed that sign, I would have been in Anonymous for that time, despite having never been associated with them in any other way. It's an ideal, not a club you apply to join.

      If you still don't get that, you don't get Anonymous at all.
    • They think that this is a good idea because showing up in crowded areas and making a disturbance is an excellent way to remain anonymous.

      Your post seems to suggest that Anonymous is smart enough to not show up in person, and that HBGary is only using this as a scapegoat. You seem to think that Anonymous is logical and believes that staying online is the best course of action to preserve their anonymity.

      I think [wikipedia.org] you [boingboing.net] have [indybay.org] some [tampabay.com] reading [slashdot.org] to [infoshop.org] do. [azcentral.com]

    • Really, though, nobody has any illusions that any member of Anonymous is causally related to any other. "Anonymous" is just a name. A lot of the strength of anonymous as a concept comes from the vast majority of its members just being disaffected kids; which makes identifying the movers and shakers more difficult. It seems to me that the only way to 'stop' Anonymous would be to hold each and every member identified as such accountable for any/all of Anonymous' actions. Ie. make the cost of identifying a
      • While there are horders of kids doing things for the lulz, it will probably stop being funny if there are real life consequences and the subset of people involved in these activities with real technical skills is probably vanishingly small although they should be a bit harder to get hold of (As they should be smart enough to use proxies and whatnot)

        You don't really need to try to dismantle the movement called Anonymous as such, you just need to harshly go after anyone involved in illegal activities.

    • by AmiMoJo ( 196126 )

      *sigh* do people still not get anonymous?

      Any action taken by people claiming to be anonymous is really just them acting alone. Maybe others inspired or encouraged but the simple fact is that no one represents anonymous and the actions of one individual do not represent anything other than themselves.

      • If no one represents Anonymous then everyone represents Anonymous. With no command and control structure to say "that wasn't us" anyone flying the Anonymous flag is (to use some tautology) acting under the Anonymous flag.

        Not having a leader doesn't make the group as a whole immune from responsibility, in fact, it makes the group more vulnerable as it is entirely the members' actions that determine what the group is responsible for.

        Don't agree with some action Anonymous has taken? Too bad. By being a member

    • Almost certainly a sympathizer that happened to be at RSA. As long as Anonymous keeps doing things that are morally right as far as many (most?) people are concerned, they will keep getting this kind of support.

  • Sigh... (Score:2, Interesting)

    by maliamnon ( 1848524 )
    Backing down from your beliefs due to threats and attacks will only breed more attacks and threats. While I'm not necessary against Anon, their acts are that of terrorism in this case, and unfortunately, those tactics work.
  • by davidwr ( 791652 ) on Wednesday February 16, 2011 @10:42AM (#35221330) Homepage Journal

    Protesting is one thing but wanton destruction of property is another. Death threats are well over the top.

    These are not things responsible protests groups do in a situation like this. Next time, keep it to rhetoric and, if you are willing to be !Anonymous, picketing in person.

    • by headhot ( 137860 )

      The only evidence of an actual death threat comes from the "security expert" who had his ass handed to him by a bunch of amateurs. He needed some kind of excuse to keep his embarrassed ass at home.

    • by GameboyRMH ( 1153867 ) <<moc.liamg> <ta> <hmryobemag>> on Wednesday February 16, 2011 @10:49AM (#35221382) Journal

      This doesn't look like destruction of property:

      http://yfrog.com/gzbvtllj [yfrog.com]

    • Are you sure any of these things actually happened? Let's remember which company is making these claims...
    • by mangu ( 126918 ) on Wednesday February 16, 2011 @10:53AM (#35221442)

      Protesting is one thing but wanton destruction of property is another

      Do you want to see how much property was "destroyed"? Look here [yfrog.com]

      That's it, what they call "vandalism" was a piece of paper with something written. If someone could prove they are "Anonymous" they would have grounds to sue HBGary for libel.

      • by DarkOx ( 621550 )

        Yea, it looks like they vandalized HB Gary's booth about as much as Joe's lawn service vandalized my home by hanging their flier on my door knob.

    • by bberens ( 965711 )
      I agree with you completely. Someone above posted a picture of the "vandalism" though, they added a sign to their booth that said "Anon.. in it for the Lulz" or something to that affect. From the looks of it, nothing was destroyed.

      Additionally, it appears Anonymous at least believes they're fighting for freedom of speech and open democracy wrt the wikileaks stuff. It's not the first time Americans have threatened to kill people for those rights.
    • by Hatta ( 162192 )

      Turn about is fair play. Government pressure has cost Wikileaks donations and Assange has been the target of death threats by American officials for months. Let's not pretend Anonymous threw the first stone here.

  • by GoNINzo ( 32266 ) <GoNINzo.yahoo@com> on Wednesday February 16, 2011 @10:44AM (#35221350) Journal
    Anonymous is just the first of many future darknets that will be nearly impossible to destroy. You might take out a ringleader or two, but 4 others would stand up to take their place if they felt that it was unjust. And in the end, it's death by a thousand harmless cuts, or in this case, 1,000 users that don't like something running the their Ion cannons under central control. In this case, this dude is using social networking like facebook to figure out who are hackers. I doubt they have many connections to other hackers on facebook or twitter. It's most likely random unrelated acquaintances, so I think the guy's research is flawed anyway.

    The best example of what one of these organized systems could do is a story by Bruce Sterling called Maneki Neko. [tqft.net] It is what happens when people get organized but maintain some level of anonymity. We are not to this level yet, but I suspect it right around the corner. It will do strictly good at first, but eventually it will ruin someone's life. Just as Anonymous has ruined some people's lives, they've done a little good for some, like a great birthday [urlesque.com]. It doesn't justify the destruction, but it's bored kids on the internet, so what are you going to do?

    The news media will make a big deal about future 'attacks', but some will be harmless kids having fun. But if you start to push that everyone involved in these groups must be destroyed, those people who are marginally involved will suddenly get VERY involved in your destruction. So be careful.
    • by Zironic ( 1112127 ) on Wednesday February 16, 2011 @10:52AM (#35221424)

      Personally I suspect that if a number of "Anonymous" "Ringleaders" got caught by the FBI and sentenced to pretty hefty sentences the overall membership of their activities will probably sharply decline.

      Most of them are in it for the lulz after all and lulz are not worth several years in prison or higher fines then you can pay off in your lifetime.

      • by mangu ( 126918 ) on Wednesday February 16, 2011 @12:24PM (#35222524)

        Personally I suspect that if a number of "Anonymous" "Ringleaders" got caught by the FBI and sentenced to pretty hefty sentences the overall membership of their activities will probably sharply decline.

        Most of them are in it for the lulz after all and lulz are not worth several years in prison or higher fines then you can pay off in your lifetime.

        Yes, because the "war on drugs" worked so well its tactics must be adopted everywhere, right?

    • Anonymous is just the first of many future darknets that will be nearly impossible to destroy. You might take out a ringleader or two, but 4 others would stand up to take their place if they felt that it was unjust

      The government folks never learn. We are still after "al-Qaeda"
      • I was under the impression that Al-Qaeda was basically destroyed and currently used mostly as a scarecrow to wave around whenever someone questions military involvement.

  • by caseih ( 160668 ) on Wednesday February 16, 2011 @10:55AM (#35221474)

    I can't comment on what kind of snobs HBGary folks are, but the actions of Anonymous seem quite hypocritical to me in general. So "Anonymous" fights for wikileaks, which is expressly set up for the purpose of sharing secrets and revealing things. Then I read about how someone tried to expose who various members of Anonymous were, after which Anonymous got all upset and attacked him for doing the very things that wikileaks does, which they work to support. Seems like they value secrecy above everything else, kind of like the people that feel the most threatened by wikileaks. Ironic.

    • by TexVex ( 669445 ) on Wednesday February 16, 2011 @11:24AM (#35221814)
      It's not ironic or hypocritical at all!

      When you are in a position of authority over other people, you must be held to a higher standard. With your greater authority comes greater responsibility. Responsibility requires transparency. Therefore, the more power you have, the less secrecy you should be allowed to have, because secrecy allows you to abuse your power.

      All of the above applies to groups as well as individuals. Churches and their clergy, goverments and their bureaucrats, corporations and their executives, military and their officers, ALL have great power over people and therefore must be held accountable for their use of that power. However, private individuals who do not exercise power over others should have no requirement for higher transparency. If you aren't in a position to harm others, any exposition of your private affairs won't do anything to help anyone else. It can only be used to harm you, and is an abuse of power. Therefore, you in fact should have a right to privacy.

      Consider the issue of gun ownership. If you choose to own a gun, you are taking some power. With that power comes responsibility. That gun's characteristics should be on file with law enforcement, so they can potentially match crime scene bullets fired from your gun. Make sense? More power = more transparency.
    • Wikileaks, as you mentioned, works to reveal secrets. As a part of that work they also have to keep some secrets however, for example about their sources.

      This is not the great paradox you make it out to be.

      There is a difference between trying to reveal crimes/unethical behavior/corrupt and all that stuff, and to reveal personal information just out of spite or to harm someone. Not all secrets are bad, but those that are must be exposed.

    • I don't see the hypocrisy. After all, Anon themselves released the information you claim they were trying to suppress.
  • What. The. FUCK (Score:4, Informative)

    by DavidTC ( 10147 ) <slas45dxsvadiv.v ... e r b o x . c om> on Wednesday February 16, 2011 @11:25AM (#35221826) Homepage

    ...is wrong with editors here?

    Having a sign put on your booth is not being 'attacked', you goddamn fucktards. Nor is it a 'threat'. I know the article claims that,but it's clearly insane nonsense.

    What the fuck is wrong with you, CmdrTaco? Why are you repeating lies?

    And what is wrong with the people who here repeat the 'vandalism' claim without actually look at what was done? Laying a poster on top of someone else's table is not even legally vandalism, and that's a crime with a pretty low bar.

    Perhaps, you know, we shouldn't be repeating claims that HGBGray makes, an organization that has been demonstrated they will lie about people they are paid to lie about.

Fast, cheap, good: pick two.

Working...