Anonymous strikes back at HBGary with stolen emails

Anonymous posts 27,000 more stolen internal emails from discredited security company HBGary. Are you or your organization mentioned?

In case anyone had any remaining doubts, threatening Anonymous mightn't be the wisest of strategies -- particularly when the group holds thousands of possibly incriminating emails pilfered from your company. Yesterday's posting of all of the stolen HBGary emails on a Russian website underscores the lesson.

You know about WikiLeaks and the group calling itself Anonymous, which has been defending WikiLeaks in seemingly illegal ways, but if you haven't been following the HBGary Federal saga, here's a two-minute recap. Late last week, Robert X. Cringely posted details about the most recent turn of events.

A massive U.S. corporation [Bank of America] is targeting whistleblowing websites and mainstream American journalists, with the help of several data/security/consulting firms with strong ties to the U.S. government. It sounds like the plot of a Hollywood summer blockbuster. It's not.

Aaron Barr is CEO of HBGary Federal, one of the security consulting firms mentioned in Cringe's column. Two weeks ago, Mr. Barr told the Financial Times that his firm had "penetrated Anonymous" and "he had collected information on the core leaders, including many of their real names, and that they could be arrested if law enforcement had the same data." At the time, it sounded as if Mr. Barr, HBGary Federal, and its sister organization, HBGary, were carrying out covert operations that would put the bad guys behind bars. The plot thickens.

Anonymous scoffed. To prove their point, one or more of the Anonymous clan hacked the HBGary Federal server, stealing tens of thousands of internal emails and many documents. Anonymous then sent out torrents containing copies of emails from Aaron Barr, Ted Vera (HBGary COO), and Phil Wallish (HBGary Principal Consultant). They also posted documents, including "The WikiLeaks Threat" (PDF), a PowerPoint presentation created by HBGary Federal, Palantir Technology, and Berico Technologies for Bank of America that talks about undermining WikiLeaks by, among other things, submitting fake documents to WikiLeaks and discrediting columnist Glenn Greenwald.

And the crowd scattered. Palantir Technology and Berico Technologies have cut off ties with HBGary Federal. A BofA spokesman told USA Today, "We've never seen the presentation, never evaluated it, and have no interest in it."

Ars Technica paints a picture of Mr. Barr attempting to bail out a failing company, using intimidation, digital stalking, and lies.

Originally, Anonymous held onto one big bunch of emails, sitting on the mail from HBGary co-founder Greg Hoglund. Yesterday, though, the group (or at least one of the people in possession of the pilfered emails) changed its mind, apparently in response to a post by Mr. Hoglund on the HBGary website: "We are taking this crime seriously and are working with federal, state, and local law enforcement authorities and redirecting internal resources to investigate and respond appropriately."

Anonymous didn't take the threat well, taunting Mr. Hoglund, "Your leaked communications reveal that your companies were entangled in highly dubious and most likely illegal activities, including a smear campaign against WikiLeaks, its supportive journalists, and adversaries of the U.S. Chamber of Commerce and Bank of America. Evidence even suggests that this was done with full knowledge of the U.S. Department of Justice."

To add injury to insult, the group known as Anonymous has posted all of the HBGary emails on a Russian website, replete with a search engine. There are several mirror sites, offering copies of the same fare, with more undoubtedly to follow.

Curious about whether your company or organization makes an appearance?

This story, "Anonymous strikes back at HBGary with stolen emails," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow on Twitter.

Copyright © 2011 IDG Communications, Inc.

How to choose a low-code development platform