Hacked and now vandalized, HBGary pulls out of RSA
IDG News Service - The California security company that is at the center of a controversy over a plan to discredit WikiLeaks and its supporters abruptly pulled itself out of the RSA security conference in San Francisco this week, citing security concerns.
The company's subsidiary, HBGary Federal, also cancelled a talk it had planned to give on the Internet activist group, Anonymous. It was news of this talk that riled Anonymous and precipitated the controversy last week.
HBGary has been under fire for several days now after its Web sites, corporate email system and Twitter accounts were hacked, and details of a company business proposal to discredit WikiLeaks were posted to the Internet. The attack was apparently launched by Anonymous in response to HBGary Federal's CEO Aaron Barr's talk, which had been slated for Monday morning. Barr said he had discovered the identities of many of Anonymous's leaders, and had planned to discuss his investigation in a talk at the BSides San Francisco conference, which runs in tandem with RSA.
"I was receiving death threats," Barr said in an interview Tuesday. "There was lots of talk that was being made of in the Anonymous IRC channels of harassing us at our booth and sending people to heckle [HBGary speakers at the conference]."
The company decided to strike its booth from the RSA conference floor, however, after it was vandalized on Sunday, said Jim Butterworth, HBGary's vice president of services. "We... came back the next morning and it was very apparent that the group responsible for the activities in the news had decided to make another statement," he said.
The IDG News Service obtained a photo of HBGary's vandalized booth. Someone had placed a large paper poster on the HBGary booth that read, "Anon... in it 4 the lulz.." Lulz is Internet slang meaning 'laughs.'
Instead of a show booth, HBGary's spot on the RSA exhibition floor is now empty, except for a small sign explaining the company's decision to withdraw from the show.
HBGary founder Greg Hoglund had been scheduled to speak at RSA, but those talks have now been cancelled too, Barr said. He declined to comment further on the controversy surrounding his work, or the cyber-attacks on his company.
But according to the published company emails, Barr knew last month that his talk would make HBGary a target.
HBGary Federal quits RSA over Anonymous WikiLeaks email
Clearly, though, he had no idea how bad things would get. HBGary -- a minor but once-well-respected security company -- has now suffered what may be a fatal hit to its reputation.
For a security company to suffer such a major breach is embarrassing, but buried in the 67,000 company emails published by Anonymous were even more damaging material such as a proposal to help Bank of America's law firm, Hunton & Williams, discredit WikiLeaks ahead of the expected release of secret bank documents. In the proposal, Barr suggested that HBGary Federal could work with two other security companies -- Palantir and Berico Technologies -- to launch cyberattacks, seed WikiLeaks with fake documents and dig up dirt on its supporters.
BofA publicly distanced itself from HBGary following the incident, while Palantir and Berico Technologies have severed ties with the firm.
RSA Security Conference
- RSA: Act now on cyberwar, security experts caution
- Bulk of browsers found to be at risk of attack
- Attack mitigation tools fall short, security vendors say
- Hacked and now vandalized, HBGary pulls out of RSA
- Microsoft has a change of heart on how to keep Internet safe
- Virtualization can be key to cloud security, RSA chief says
- Tablets, smartphones force Cisco to rethink security
- iPhone security, IP route hijack prevention on tap at RSA
- RSA 2011: Cloud security challenges dominate
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!