Stephen Colbert Weighs In On HBGary Scandal
Posted by Pile
Stephen Colbert explains the details of the recent scandal involving a private security firm that was working on attacking Wikileaks in order to discredit them... which backfired horribly.
Rarely in the history of the cybersecurity industry has a company become so toxic so quickly as HBGary Federal. Over the last week, many of the firm's closest partners and largest clients have cut ties with the Sacramento startup. And now it's cancelled all public appearances by its executives at the industry's biggest conference in the hopes of ducking a scandal that seems to grow daily as more of its questionable practices come to light.
Last week, the hacker group Anonymous released more than 40,000 of HBGary Federal's emails, followed by another 27,000 from its sister company, HBGary, over the weekend. Those files, stolen in retaliation for an attempt by HBGary Federal CEO Aaron Barr to penetrate Anonymous and identify its members, revealed a long list of borderline illegal tactics. What happened? It proposed services to clients like a law firm working with Bank of America and the U.S. Chamber of Commerce that included cyberattacks and misinformation campaigns, phishing emails and fake social networking profiles, pressuring journalists and intimidating the financial donors to clients' enemies including WikiLeaks, unions and non-profits that opposed the Chamber.
HBGary responded Monday with a statement on its website that it's 'continuing to work intensely with law enforcement on this matter and hopes to bring those responsible to justice.' In the meantime, the firm is canceling all its executives' talks at the RSA conference, the largest cybersecurity industry confab of the year, taking place this week in San Francisco. HBGary chief executive Greg Hoglund had planned to give two presentations at the conference. HBGary Federal CEO Barr last week canceled his talk at the simultaneous B-Sides conference, which would have focused on his exposé on Anonymous. The company said in its statement that it had been subject to numerous threats of violence, including some received at its RSA marketing booth.
HBGary's proposal to Bank of America's law firm, in partnership with fellow security firms Palantir and Berico Technologies, was to weaken WikiLeaks with cyberattacks and false documents as well as tracing and threatening its donors and supporters. But new information surfaced Monday about other shady approaches the firm suggested. As part of the company's pitch to the U.S. Chamber of Commerce, HBGary Federal's Barr offered tactics like mining Classmates.com for information about a target individual's friends, then building fake Facebook pages to gain access to the subject's personal details. He and Hoglund also discussed using spear phishing, a technique that typically plants malicious software on a user's machine with a carefully spoofed email message.
Barr spoke with Forbes reporter Parmy Olson last week, when the scandal had only reached a small fraction of its eventual size. 'I had expected some potential retribution,' Barr said then. 'I knew some folks would take my research as some kind of personal attack which it absolutely was not. I thought they might take down our Web site with a DDoS attack. I did not prepare for them to do what they did.'
'I'm going to contact people I've exchanged e-mails with and just tell them what's going on,' he added with regard to his tens of thousands of spilled emails. 'The rest I'll deal with as it comes.'
Site with links to HBGary data: Here
Posted by TheusernamejoeWasTaken on 2011-05-13 03:32:14
If by 'backfired horribly' you mean 'backfired AWESOMELY!!', I agree. :)