22 February 2011

HBGary, Anonymous, and Wikileaks

This is turning into one of the best stories so far this year, and yet it seems doomed to only be known by geeks. Still spinning quickly, with new revelations daily, but it goes a little something like this:

  1. Three security firms--Palantir Technologies, HBGary Federal, and Berico Technologies--are hired by law firm Hunton and Williams to neutralize the potential threat posed by Wikileaks' releases.
  2. Aaron Barr at HBGary proposes leveraging his experience with social networks to expose the identities of active Anonymous members.
  3. HBGary/Barr publicly discuss their investigations of Anonymous; Anonymous then retaliates with a DDoS on the HBGary web site.
  4. Barr then approaches Anonymous members in an IRC chat as part of his preparation for an upcoming presentation. Soon after: Anonymous compromised the company's website and then copied internal documents and 60,000+ e-mails to BitTorrent for anyone to download. For further fun, they also vandalized Barr's Twitter and LinkedIn. To state the obvious: this was all done in short order and to a presumably skilled security company who had major contracts with the US government.
  5. The leaked documents are poured over by journalists. They reveal that HBGary was hired to spread lies about Wikileaks, its leader Assange, civil rights lawyer and vocal supporter of Wikileaks Glenn Greenwald, and Anonymous. Anonymous has done much digital mischief in support of Wikileaks, including DDoS attacks on the web sites of Visa, Mastercard, and PayPal--all corporations who refused to honor individuals' donations to Wikileaks. Barr viewed Anonymous as both appropriate collateral damage and good publicity.
  6. Further examination reveals that the US govt was behind many of the HBGary plans, including proposed attacks on unions. How timely, Wisconsin.

Interesting links:

[ posted by sstrader on 22 February 2011 at 10:11:28 PM in Internet | tagged anonymous, wikileaks ]