HBGary explained

HBGary
Foundation:2003
Founder:Greg Hoglund
Location:Offices in Sacramento, California, Washington, D.C., and Bethesda, Maryland.
Fate:Bought out
Key People:Greg Hoglund
(Founder & CEO)
Penny Leavy
(President)
Aaron Barr
(Former CEO of HBGary Federal)
Industry:Computer software
Computer security
Homepage:HBGary Inc.

HBGary is a subsidiary company of ManTech International, focused on technology security. In the past, two distinct but affiliated firms had carried the HBGary name: HBGary Federal, which sold its products to the US Government,[1] and HBGary, Inc. Its other clients included information assurance companies, computer emergency response teams, and computer forensic investigators. On 29 February 2012, HBGary, Inc. announced it had been acquired by IT services firm ManTech International.[2] At the same time, HBGary Federal was reported to be closed.[2]

History

The company was founded by Greg Hoglund in 2003. In 2008, it joined the McAfee Security Innovation Alliance. The CEO made presentations at the Black Hat Briefings, the RSA Conference, and other computer security conferences. HBGary also analyzed the GhostNet and Operation Aurora events.

HBGary Federal had been set up with Aaron Barr as CEO instead of Hoglund to provide services and tools to the US government, which might require security clearance. As HBGary Federal could not meet revenue projections, in early 2011 negotiations about the sale of HBGary Federal were in progress with two interested companies.

HBGary was acquired by ManTech International in February 2012.[2]

WikiLeaks, Bank of America, Hunton & Williams, and Anonymous

In 2010, Aaron Barr, CEO of HBGary Federal, alleged that he could exploit social media to gather information about hackers.

In early 2011, Barr claimed to have used his techniques to infiltrate Anonymous,[3] [4] partly by using IRC, Facebook, Twitter, and by social engineering. His e-mails depict his intention to release information on the identities of Anonymous members at the B-Sides conference and to sell it to possible clients, including the FBI.[5] In the e-mails, Barr explained that he identified his list of suspected Anonymous "members" by tracing connections through social media, while his main programmer criticized this methodology. In a communiqué, Anonymous denied association with the individuals that Barr named.[6]

On 5–6 February 2011, Anonymous compromised the HBGary website, copied tens of thousands of documents from both HBGary Federal and HBGary, Inc., posted tens of thousands of both companies' emails online, and usurped Barr's Twitter account in apparent revenge.[7] [8] Anonymous also claimed to have wiped Barr's iPad remotely. The Anonymous group responsible for these attacks became part of LulzSec.[9]

Content of the emails

Some of the documents taken by Anonymous show HBGary Federal was working on behalf of Bank of America to respond to WikiLeaks' planned release of the bank's internal documents. "Potential proactive tactics against WikiLeaks include feeding the fuel between the feuding groups, disinformation, creating messages around actions to sabotage or discredit the opposing organization, and submitting fake documents to WikiLeaks and then calling out the error."[10]

As a means of undermining Wikileaks, Aaron Barr suggested faking documents to damage Wikileaks' reputation and conducting "cyber attacks against the infrastructure to get data on document submitters. This would kill the project". He also suggested pressuring journalist Glenn Greenwald and other supporters of Wikileaks, who, Barr suggested, would choose to abandon support for Wikileaks in order to preserve their careers.[11]

In the emails, two employees of HBGary referenced a blog post that endorsed manipulating translation software in order to 'mitigate' damaging content within information leaks.[12]

Emails indicate Palantir Technologies, Berico Technologies, and the law firm Hunton & Williams, which was acting for Bank of America at the recommendation of the US Justice Department, all cooperated on the project. Other e-mails appear to show the U.S. Chamber of Commerce contracted the firms to spy on and discredit unions and liberal groups.

Fallout

The conflict with Anonymous caused substantial public relations damage. As a result, the involved organizations took steps to distance themselves from HBGary and HBGary Federal:

Astroturfing

It has been reported that HBGary Federal was contracted by the US government to develop astroturfing software which could create an "army" of multiple fake social media profiles.[17] [18]

Malware development

HBGary had made numerous threats of cyber-attacks against WikiLeaks. The hacked emails revealed HBGary Inc. was working on the development of a new type of Windows rootkit, code-named Magenta, that would be "undetectable" and "almost impossible to remove."

In October 2010, Greg Hoglund proposed to Barr creating "a large set of unlicensed Windows 7 themes for video games and movies appropriate for the Middle East & Asia" which "would contain back doors" as part of an ongoing campaign to attack support for WikiLeaks.

Acquisition by ManTech International

On 29 February 2012, ManTech International announced its purchase of HBGary, Inc.[19] Financial terms of the acquisition were not disclosed other than to say it was an "asset purchase", which excludes legal and financial liabilities.[19]

External links

Notes and References

  1. Web site: Anderson . Nate . 2011-02-10 . How one man tracked down Anonymous—and paid a heavy price . 2022-07-27 . Ars Technica . en-us . 9 May 2012 . https://web.archive.org/web/20120509132651/http://arstechnica.com/tech-policy/news/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price.ars . live .
  2. News: Anderson. Mark. Cyber security firm HBGary bought by ManTech International. 29 February 2012. Sacramento Business Journal. 29 February 2012. 26 October 2012. https://web.archive.org/web/20121026062936/http://www.bizjournals.com/sacramento/news/2012/02/28/hb-gary-sacramento-man-tech-cyber-securi.html. live.
  3. Web site: 2011-02-08 . Hacktivists take control of internet security firms . 2022-07-27 . The Independent . en . 12 February 2011 . https://web.archive.org/web/20110212112758/http://www.independent.co.uk/news/media/online/hacktivists-take-control-of-internet-security-firms-2207440.html . live .
  4. Web site: Menn . Joseph . 2011-02-04 . Cyberactivists warned of arrest . 2022-12-19 . Financial Times . 27 July 2022 . https://web.archive.org/web/20220727185741/https://www.ft.com/content/87dc140e-3099-11e0-9de3-00144feabdc0 . live .
  5. Web site: Olson . Parmy . Victim Of Anonymous Attack Speaks Out . 2022-07-27 . Forbes . en . 27 July 2022 . https://web.archive.org/web/20220727185741/https://www.forbes.com/sites/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/ . live .
  6. Web site: How one man tracked down Anonymous—and paid a heavy price. Ars Technica. 10 February 2011. 2016-02-20. 7 July 2017. https://web.archive.org/web/20170707134721/https://arstechnica.com/tech-policy/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price/. live.
  7. Web site: Olson . Parmy . Anonymous Takes Revenge On Security Firm For Trying To Sell Supporters' Details To FBI . 2022-07-27 . Forbes . en . 27 July 2022 . https://web.archive.org/web/20220727185732/https://www.forbes.com/sites/parmyolson/2011/02/06/anonymous-takes-revenge-on-security-firm-for-trying-to-sell-supporters-details-to-fbi/ . live .
  8. Web site: Anonymous makes a laughing stock of HBGary - the H Security: News and Features. https://web.archive.org/web/20131208062435/http://www.h-online.com/security/features/Anonymous-makes-a-laughing-stock-of-HBGary-1198176.html. 8 December 2013.
  9. News: Acohido. Byron. Who's who among key LulzSec hackitivists. 3 June 2013. USA Today. 20 June 2011. 23 June 2011. https://web.archive.org/web/20110623044109/http://content.usatoday.com/communities/technologylive/post/2011/06/whos-who-among-key-lulzsec-hackitivists/1?. live.
  10. Web site: 2011-02-12 . Firm targeting WikiLeaks cuts ties with HBGary - apologizes to reporter - Security . 2022-07-27 . https://web.archive.org/web/20110212063613/http://www.thetechherald.com/article.php/201106/6804/Firm-targeting-WikiLeaks-cuts-ties-with-HBGary-apologizes-to-reporter . 12 February 2011 .
  11. Web site: Anderson . Nate . Spy games: Inside the convoluted plot to bring down WikiLeaks . Ars Technica . 17 October 2021 . en-us . 14 February 2011 . 17 October 2021 . https://web.archive.org/web/20211017160613/https://arstechnica.com/tech-policy/2011/02/the-ridiculous-plan-to-attack-wikileaks/ . live .
  12. Web site: 辽宁住宿票 餐饮票-辽宁开酒店票-晋中出租车票-的士票 . 30 November 2016 . 1 December 2016 . https://web.archive.org/web/20161201080615/http://wikileaksdecrypted.com/bankofamerica-wikileaks-hbgary-palantir/ . live .
  13. Web site: Berico Technologies severs ties with HBGary over WikiLeaks plot . 27 January 2012 . 2 January 2012 . https://web.archive.org/web/20120102111303/http://www.thetechherald.com/articles/Berico-Technologies-severs-ties-with-HBGary-over-WikiLeaks-plot . dead .
  14. Web site: HBGary Federal CEO Aaron Barr Steps Down. Paul Roberts. 28 February 2011. threatpost.com. dead. https://web.archive.org/web/20110302032344/http://threatpost.com/en_us/blogs/hbgary-federal-ceo-aaron-barr-steps-down-022811. 2 March 2011.
  15. Web site: Democrats call for probe of top D.C. law firm. Justin Elliott. 1 March 2011. salon.com. 1 March 2011. 5 March 2011. https://web.archive.org/web/20110305172611/http://www.salon.com/news/politics/war_room/2011/03/01/hunton_williams_investigation. live.
  16. Congress Asks to Review DoD and NSA Contracts With HBGary . Wired . Kim . Zetter . 17 March 2011 . 7 March 2017 . 8 August 2013 . https://web.archive.org/web/20130808073315/http://www.wired.com/threatlevel/2011/03/congress-and-hbgary/ . live .
  17. Web site: Army of fake social media friends to promote propaganda. Darlene Storm. 22 February 2011. Computerworld Inc.. 2011-02-24. https://web.archive.org/web/20110224055843/http://blogs.computerworld.com/17852/army_of_fake_social_media_friends_to_promote_propaganda. 24 February 2011. dead.
  18. Web site: HBGary's high-volume astroturfing technology and the Feds who requested it. Cory Doctorow. 18 February 2011. BoingBoing. 2011-02-25. 21 February 2011. https://web.archive.org/web/20110221091653/http://www.boingboing.net/2011/02/18/hbgarys-high-volume.html?. live.
  19. News: Leyden . John . US gov IT services vendor swallows HBGary . 26 April 2012 . The Register . 29 February 2012 . 13 April 2012 . https://web.archive.org/web/20120413155147/http://www.theregister.co.uk/2012/02/29/hbgary_mantech/ . live .