Skip the navigation

Hacked and now vandalized, HBGary pulls out of RSA

By Robert McMillan
February 16, 2011 02:28 AM ET

IDG News Service - The California security company that is at the center of a controversy over a plan to discredit WikiLeaks and its supporters abruptly pulled itself out of the RSA security conference in San Francisco this week, citing security concerns.

The company's subsidiary, HBGary Federal, also cancelled a talk it had planned to give on the Internet activist group, Anonymous. It was news of this talk that riled Anonymous and precipitated the controversy last week.

HBGary has been under fire for several days now after its Web sites, corporate email system and Twitter accounts were hacked, and details of a company business proposal to discredit WikiLeaks were posted to the Internet. The attack was apparently launched by Anonymous in response to HBGary Federal's CEO Aaron Barr's talk, which had been slated for Monday morning. Barr said he had discovered the identities of many of Anonymous's leaders, and had planned to discuss his investigation in a talk at the BSides San Francisco conference, which runs in tandem with RSA.

"I was receiving death threats," Barr said in an interview Tuesday. "There was lots of talk that was being made of in the Anonymous IRC channels of harassing us at our booth and sending people to heckle [HBGary speakers at the conference]."

The company decided to strike its booth from the RSA conference floor, however, after it was vandalized on Sunday, said Jim Butterworth, HBGary's vice president of services. "We... came back the next morning and it was very apparent that the group responsible for the activities in the news had decided to make another statement," he said.

The IDG News Service obtained a photo of HBGary's vandalized booth. Someone had placed a large paper poster on the HBGary booth that read, "Anon... in it 4 the lulz.." Lulz is Internet slang meaning 'laughs.'

Instead of a show booth, HBGary's spot on the RSA exhibition floor is now empty, except for a small sign explaining the company's decision to withdraw from the show.

HBGary founder Greg Hoglund had been scheduled to speak at RSA, but those talks have now been cancelled too, Barr said. He declined to comment further on the controversy surrounding his work, or the cyber-attacks on his company.

But according to the published company emails, Barr knew last month that his talk would make HBGary a target.

Clearly, though, he had no idea how bad things would get. HBGary -- a minor but once-well-respected security company -- has now suffered what may be a fatal hit to its reputation.

For a security company to suffer such a major breach is embarrassing, but buried in the 67,000 company emails published by Anonymous were even more damaging material such as a proposal to help Bank of America's law firm, Hunton & Williams, discredit WikiLeaks ahead of the expected release of secret bank documents. In the proposal, Barr suggested that HBGary Federal could work with two other security companies -- Palantir and Berico Technologies -- to launch cyberattacks, seed WikiLeaks with fake documents and dig up dirt on its supporters.

BofA publicly distanced itself from HBGary following the incident, while Palantir and Berico Technologies have severed ties with the firm.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!