Attacked By Anonymous, HBGary Pulls Out of RSA

itwbennett writes "HBGary Federal cancelled a talk the company's CEO Aaron Barr was planning to give at the BSides San Francisco conference on his investigation of WikiLeaks. 'I was receiving death threats,' Barr said in an interview Tuesday. 'There was lots of talk that was being made of in the Anonymous IRC channels of harassing us at our booth and sending people to heckle [HBGary speakers at the conference].' The company has also decided to pull its booth from the RSA Conference floor after it was vandalized on Sunday, said Jim Butterworth, HBGary's vice president of services. 'We... came back the next morning and it was very apparent that the group responsible for the activities in the news had decided to make another statement,' he said."

Anatomy of the Hack

[eldavojohn]

Ars has a really good summary of the attack that used really run-of-the-mill stuff from social engineering via e-mail to an SQL injection of HBGary's CMS using this URL: http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27

Re:Anatomy of the Hack

[cabjf]

I liked this article better. Not very technical, but it does show what kind of person Aaron Barr really is. The greatest part is that he tried to play Anonymous just to drum up government business and seemed to think there would be no repercussions.

Re:Anatomy of the Hack

[Black+Parrot]

I liked this article better. Not very technical, but it does show what kind of person Aaron Barr really is. The greatest part is that he tried to play Anonymous just to drum up government business and seemed to think there would be no repercussions.

He also got caught managing a dirty tricks campaign to smear Wikileaks and critics of the US Chamber of Commerce. He was disseminating personal information about the people he wanted smeared, but threw a crybaby fit when his name came out in connection with it.

Vandalized?

[sureshot007]

Vandalized booth = a sign that says "Anon...In it 4 The LuLz..." http://yfrog.com/gzbvtllj I was expecting the booth to have been burned to the ground or something.

Re:Vandalized?

[Kuukai]

HBGary is not in the business of preventing or withstanding attacks.

From their website title:

HBGary :: Detect. Diagnose. Respond.

Anonymous intruded on their network for several days without being detected, eventually just plain revealing themselves. Here's a totally-real testimonial on their front page from the esteemed research organization "Research Organization":

Greg Hoglund and the team at HBGary provide some of the most innovative products in cyberdefense. Our advantage in staying ahead of the evolving threat is HBGary's predictive knowledge of the entire malware culture and ecosystem. Their capability goes well beyond the usual, reactive response to individual exploits. We consider them one of our best partners.

Also from their front page:

HBGary, Inc., a leading provider of next-generation threat intelligence solutions for Fortune 500 and government organizations, announced Inoculator, a innovative, patent-pending enterprise agentless appliance solution designed to detect, remove, and, with its breakthrough Digital Antibody technology, PREVENT re-infection of known malware.

Anyone who hires them after this incident is an idiot who likes bright lights and noise. Amazon, a book store, was totally secure against Anonymous' attacks. There's no excuse for a security firm not to be.

Re:Death threats and vandalism = NOT okay

[GameboyRMH]

This doesn't look like destruction of property:

http://yfrog.com/gzbvtllj

Property = NOT destructed

[mangu]

Protesting is one thing but wanton destruction of property is another

Do you want to see how much property was "destroyed"? Look here

That's it, what they call "vandalism" was a piece of paper with something written. If someone could prove they are "Anonymous" they would have grounds to sue HBGary for libel.

What. The. FUCK

[DavidTC]

...is wrong with editors here?

Having a sign put on your booth is not being 'attacked', you goddamn fucktards. Nor is it a 'threat'. I know the article claims that,but it's clearly insane nonsense.

What the fuck is wrong with you, CmdrTaco? Why are you repeating lies?

And what is wrong with the people who here repeat the 'vandalism' claim without actually look at what was done? Laying a poster on top of someone else's table is not even legally vandalism, and that's a crime with a pretty low bar.

Perhaps, you know, we shouldn't be repeating claims that HGBGray makes, an organization that has been demonstrated they will lie about people they are paid to lie about.

military-industrial-security complex snake oil

[Thud457]

Apparently, with today's abysmal science (or even critical thinking) teaching, it's quite common to sell magic beans to teh gubbemint.
Why should the cybersecurity market be any different?
http://en.wikipedia.org/wiki/ADE_651
http://en.wikipedia.org/wiki/GT200
http://en.wikipedia.org/wiki/Quadro_Tracker
http://en.wikipedia.org/wiki/Sniffex
http://en.wikipedia.org/wiki/Alpha_6

Re:Government fraud

[Zeinfeld]

They are self confessed liars. So why accept the claims of vandalism at face value?

I am at RSA, I was part of a long conversation with Art Coviello last night and he did not mention it. It his his confernce and it is a security conference. If the ckaim was true and had been reported i would have expected it to be mentined.

I think it rather more likely that they did not have the courage to show their faces.

They have been punked for a start. That is an embarrassment. But what would make them pariahs was the proposal to engage in criminal attacks and political misinformation. Many of us are ex law enforcement or ex intelligence. Others work closely with them. You cant do that if you are committing criminal acts yourself.

If i thought there was a chance he might show his face i would have gone to his session earlier. But that was never likely.

Last year he was talking about hacking online games and club penguin.