Opening the HivePosted: February 22, 2011
We’ve been following the Wikileaks saga here at Sky Dancing, and at the end of January/beginning of February, an interesting twist appeared in the story. As you might know, a ‘hacktivist’ group called Anonymous brought down commercial servers and did various other things on the ‘net in support of Wikileaks back when the story about Assange’s alleged rapes surfaced late last year. This was in response to giants like Visa and Mastercard refusing to process donations to Wikileaks. The damage Anonymous did was real, but fleeting and group sunk momentarily back into the dark regions of the ‘net.
Aaron Barr*, the CEO of a company called HBGary Federal (an offshoot of cyber security firm HBGary) had his company develop a plan to bring down Wikileaks, partly by leaning on its big name supporters such as Glenn Greenwald.
Barr’s company developed this plan after pitching another plan to the US Chamber of Commerce which was meant to provide cyber spying, data collection and other services to the Chamber. And they came up with a proposal for the US Air Force (in response to a call for submissions) to create software allowing massive astroturfing via ‘persona management software’.
Barr decided to prove his company’s abilities by attempting to discover the identities of the key members of Anonymous. He did so by visiting IRC chat-rooms used by Anonymous and correlating what was said there with Tweets, Facebook posts and so on. He would then examine the corresponding Facebook users friends to determine location and so on. After a while, he claimed to have identified 3 main members of Anonymous, and released that news, without naming names, at the end of January. He boasted about what he had supposedly done to Anonymous in IRC. The FBI picked up on the press releases and Barr was planning to present data about Anonymous in a meeting with agency reps on Feb 11. Although Barr claimed he did not intend to release identities, no-one believed him. Internal company emails suggest Barr wanted to use the brouhaha with Anonymous, the members of which he seemed to think were the equivalent of script kiddies, to gin up publicity for his failing company.
The best laid plans… On Feb 5th and 6th Anonymous struck back, controlling and defacing HBGary’s websites, penetrating their webserver and email server, copying and releasing thousands of emails, snooping on Barr’s electronic activity for over 30 hours (undetected), hacking into and controlling Barr’s Twitter account, wiping his IPad and destroying about 1TB of company backups on company servers, and more in a series of sophisticated attacks using both technology and social engineering. It was so bad that HBGary’s president went to the IRC chatrooms to beg Anonymous to leave off. Their reaction? Fire Barr and give some money to the Bradley Manning defense fund, and we will. They also pointed out that they released the emails and documents supposedly identifying them, scoffing that they were nonsense and innocent people were going to get arrested.
The whole story is at Ars Technica in a series of excellent articles. Instead of recounting the saga here, I’m going to send you there. The story is fascinating. I’ll wait here until you are through :).
Read this and the one noted below for the full story:
How one man tracked down Anonymous—and paid a heavy price By Nate Anderson
Another important article:
Spy games: Inside the convoluted plot to bring down WikiLeaks By Nate Anderson
One of the most fascinating parts to me about this story is the sheer hubris of Aaron Barr. An experienced man with a military background, he ignored the advice of his lead programmer, who was very dubious that the methods Barr was advocating would work. He ignored the potential of the members of Anonymous with which he was toying, he ignored the boundaries between good and evil, between private and public. Of course his company was going under and he needed to drum up business. I suppose this is always the excuse, isn’t it?
It’s amazing to me that a cyber security company left their website open to SQL injection. I’m not the best of programmers, and even I know to avoid this. Its leadership did not seem to think that their company could be attacked or penetrated, and do not seem to have run routine security checks on the company’s internet presence, officers and more. I mean, an SQL injection? Sheez. Of course, Anonymous used some pretty nifty social engineering to get the proper password and account names for the CEO of HBGary.
That they could do so is astonishing. I suppose HBGary Federal is on the bumbling side of what the cyber community, white and black hats, can do with computers and the internet. It’s scary to think what the efficient people can do.
I’m also fascinated by the things our government will buy, or start to buy, in this case. As BB wrote about recently, our government can get taken suprisingly easily by high tech fraudsters. Now, I don’t think Barr was actually committing fraud. He believed what he had was true (and maybe it IS true, who knows?). But Barr, and our government, show a startling inability to separate reality from wishful thinking. ‘Experts’ from little companies like HBGary Federal, ‘scientists’ employed by big corporations like Monsanto, load the deck in their favor. The government rarely looks beyond these presentations and reports and does the citizens of this country a costly disservice by being so blind.
Anonymous has recently turned it’s hive mind attention to Libya, and I leave you with their parting salutation in their message to the UN:
We are Anonymous
We are Legion.
We do not forget,
We do not forgive.
*For the life of me, I can’t stop myself reading Aaron BURR every time I see Barr’s name. Anyone else do that?