Hacked and now vandalized, HBGary pulls out of RSA
IDG News Service - The California security company that is at the center of a controversy over a plan to discredit WikiLeaks and its supporters abruptly pulled itself out of the RSA security conference in San Francisco this week, citing security concerns.
The company's subsidiary, HBGary Federal, also cancelled a talk it had planned to give on the Internet activist group, Anonymous. It was news of this talk that riled Anonymous and precipitated the controversy last week.
HBGary has been under fire for several days now after its Web sites, corporate email system and Twitter accounts were hacked, and details of a company business proposal to discredit WikiLeaks were posted to the Internet. The attack was apparently launched by Anonymous in response to HBGary Federal's CEO Aaron Barr's talk, which had been slated for Monday morning. Barr said he had discovered the identities of many of Anonymous's leaders, and had planned to discuss his investigation in a talk at the BSides San Francisco conference, which runs in tandem with RSA.
"I was receiving death threats," Barr said in an interview Tuesday. "There was lots of talk that was being made of in the Anonymous IRC channels of harassing us at our booth and sending people to heckle [HBGary speakers at the conference]."
The company decided to strike its booth from the RSA conference floor, however, after it was vandalized on Sunday, said Jim Butterworth, HBGary's vice president of services. "We... came back the next morning and it was very apparent that the group responsible for the activities in the news had decided to make another statement," he said.
The IDG News Service obtained a photo of HBGary's vandalized booth. Someone had placed a large paper poster on the HBGary booth that read, "Anon... in it 4 the lulz.." Lulz is Internet slang meaning 'laughs.'
Instead of a show booth, HBGary's spot on the RSA exhibition floor is now empty, except for a small sign explaining the company's decision to withdraw from the show.
HBGary founder Greg Hoglund had been scheduled to speak at RSA, but those talks have now been cancelled too, Barr said. He declined to comment further on the controversy surrounding his work, or the cyber-attacks on his company.
But according to the published company emails, Barr knew last month that his talk would make HBGary a target.
HBGary Federal quits RSA over Anonymous WikiLeaks email
Clearly, though, he had no idea how bad things would get. HBGary -- a minor but once-well-respected security company -- has now suffered what may be a fatal hit to its reputation.
For a security company to suffer such a major breach is embarrassing, but buried in the 67,000 company emails published by Anonymous were even more damaging material such as a proposal to help Bank of America's law firm, Hunton & Williams, discredit WikiLeaks ahead of the expected release of secret bank documents. In the proposal, Barr suggested that HBGary Federal could work with two other security companies -- Palantir and Berico Technologies -- to launch cyberattacks, seed WikiLeaks with fake documents and dig up dirt on its supporters.
BofA publicly distanced itself from HBGary following the incident, while Palantir and Berico Technologies have severed ties with the firm.
RSA Security Conference
- RSA: Act now on cyberwar, security experts caution
- Bulk of browsers found to be at risk of attack
- Attack mitigation tools fall short, security vendors say
- Hacked and now vandalized, HBGary pulls out of RSA
- Microsoft has a change of heart on how to keep Internet safe
- Virtualization can be key to cloud security, RSA chief says
- Tablets, smartphones force Cisco to rethink security
- iPhone security, IP route hijack prevention on tap at RSA
- RSA 2011: Cloud security challenges dominate
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts