Difference between revisions of "HBGary"

From Wikispooks
Jump to navigation Jump to search
 
(3 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{group
 
{{group
 
|wikipedia=https://en.wikipedia.org/wiki/HBGary
 
|wikipedia=https://en.wikipedia.org/wiki/HBGary
|type=
+
|titular_logo=1
 
|logo=HBGary.png
 
|logo=HBGary.png
 
|constitutes=Cyberwarfare contractor
 
|constitutes=Cyberwarfare contractor
Line 12: Line 12:
 
|interests=Astroturfing, Sock puppets, Malware, Anonymous, WikiLeaks
 
|interests=Astroturfing, Sock puppets, Malware, Anonymous, WikiLeaks
 
}}
 
}}
'''HBGary''' was founded by [[Greg Hoglund]] in [[2003]] as a company offering IT services.<ref name="webcache.googleusercontent.com1">https://web.archive.org/web/20090328044411/http://www.hbgary.com/company/about/</ref><ref name="dr1">http://www.darkreading.com/database-security/167901020/security/news/225700716/index.html</ref> '''HBGary Federal''' had been set up with [[Aaron Barr]] as CEO instead of Hoglund to provide services and tools to the [[US government]], which might require security clearance.<ref name="salom20110216">http://www.salon.com/news/politics/war_room/2011/02/16/hbgary_federal </ref> As HBGary Federal could not meet revenue projections, in early [[2011]] negotiations about the sale of HBGary Federal were in progress <ref name="arstechnica20110225">https://arstechnica.com/tech-policy/news/2011/02/anonymous-vs-hbgary-the-aftermath.ars/2 </ref> and the company was acquired by [[ManTech International]] in February [[2012]].<ref>http://www.bizjournals.com/sacramento/news/2012/02/28/hb-gary-sacramento-man-tech-cyber-securi.html</ref>
+
'''HBGary''' is a company that developed sophisticated software for the control of [[sock puppets]] on behalf of the US government. It was founded by [[Greg Hoglund]] in [[2003]] as a company offering IT services.<ref name="webcache.googleusercontent.com1">https://web.archive.org/web/20090328044411/http://www.hbgary.com/company/about/</ref><ref name="dr1">http://www.darkreading.com/database-security/167901020/security/news/225700716/index.html</ref> HBGary published a document on how to undermine [[WikiLeaks]] <ref>https://web.archive.org/web/20221207203728/https://wikileaks.org/IMG/pdf/WikiLeaks_Response_v6.pdf</ref> and wanted to expose leaders of '[[Anonymous]]'.<ref>https://www.infoworld.com/article/2623436/anonymous-strikes-back-at-hbgary-with-stolen-emails.html saved at [https://web.archive.org/web/20230205004939/https://www.infoworld.com/article/2623436/anonymous-strikes-back-at-hbgary-with-stolen-emails.html Archive.org] saved at [https://archive.is/yvZ7t Archive.is]</ref>
 +
 
 +
==HBGary Federal==
 +
HBGary Federal had been set up with [[Aaron Barr]] as CEO instead of Hoglund to provide services and tools to the [[US government]], which might require security clearance.<ref name="salom20110216">http://www.salon.com/news/politics/war_room/2011/02/16/hbgary_federal </ref> As HBGary Federal could not meet revenue projections, in early [[2011]] negotiations about the sale of HBGary Federal were in progress <ref name="arstechnica20110225">https://arstechnica.com/tech-policy/news/2011/02/anonymous-vs-hbgary-the-aftermath.ars/2 </ref> and the company was acquired by [[ManTech International]] in February [[2012]].<ref>http://www.bizjournals.com/sacramento/news/2012/02/28/hb-gary-sacramento-man-tech-cyber-securi.html</ref>
  
 
== WikiLeaks, Bank of America, Hunton & Williams, and Anonymous ==
 
== WikiLeaks, Bank of America, Hunton & Williams, and Anonymous ==
 
In [[2010]], [[Aaron Barr]], CEO of HBGary Federal, alleged that he could exploit [[social media]] to gather information about [[Hacker (computer security)|hacker]]s.<ref name=":0">https://arstechnica.com/tech-policy/news/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price.ars</ref>
 
In [[2010]], [[Aaron Barr]], CEO of HBGary Federal, alleged that he could exploit [[social media]] to gather information about [[Hacker (computer security)|hacker]]s.<ref name=":0">https://arstechnica.com/tech-policy/news/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price.ars</ref>
  
In early [[2011]], Barr claimed to have used his techniques to infiltrate [[Anonymous]],<ref name=":0" /><ref>https://www.independent.co.uk/news/media/online/hacktivists-take-control-of-internet-security-firms-2207440.html</ref><ref>https://www.ft.com/content/87dc140e-3099-11e0-9de3-00144feabdc0</ref> partly by using IRC, [[Facebook]], [[Twitter]], and by [[social engineering]].<ref name=":0" /><ref name="arstechnicacom2" /> His e-mails depict his intention to release information on the identities of Anonymous members at the B-Sides conference and to sell it to possible clients,<ref name=":0" /><ref name="parmy_olson">https://blogs.forbes.com/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/</ref> including the FBI.<ref name=":1">https://www.forbes.com/sites/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/</ref> In the e-mails, Barr explained that he identified his list of suspected Anonymous "members" by tracing connections through social media, while his main programmer criticized this methodology.<ref name=":0" /><ref name="techdirt">http://www.techdirt.com/articles/20110211/11013413056/play-play-how-hbgary-federal-tried-to-expose-anonymous-got-hacked-instead.shtml?threaded=false&sp=1</ref> In a [[communiqué]], Anonymous denied association with the individuals that Barr named.<ref name="anonsect14">https://web.archive.org/web/20110207111445/http://img838.imageshack.us/img838/2294/internetsanon.jpg</ref><ref>https://arstechnica.com/tech-policy/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price/</ref>
+
In early [[2011]], Barr claimed to have used his techniques to infiltrate [[Anonymous]],<ref name=":0" /><ref>https://www.independent.co.uk/news/media/online/hacktivists-take-control-of-internet-security-firms-2207440.html</ref><ref>https://www.ft.com/content/87dc140e-3099-11e0-9de3-00144feabdc0</ref><ref>https://www.salon.com/2011/02/16/hbgary_federal/</ref> partly by using IRC, [[Facebook]], [[Twitter]], and by [[social engineering]].<ref name=":0" /><ref name="arstechnicacom2" /> His e-mails depict his intention to release information on the identities of Anonymous members at the B-Sides conference and to sell it to possible clients,<ref name=":0" /><ref name="parmy_olson">https://blogs.forbes.com/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/</ref> including the FBI.<ref name=":1">https://www.forbes.com/sites/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/</ref> In the e-mails, Barr explained that he identified his list of suspected Anonymous "members" by tracing connections through social media, while his main programmer criticized this methodology.<ref name=":0" /><ref name="techdirt">http://www.techdirt.com/articles/20110211/11013413056/play-play-how-hbgary-federal-tried-to-expose-anonymous-got-hacked-instead.shtml?threaded=false&sp=1</ref> In a [[communiqué]], Anonymous denied association with the individuals that Barr named.<ref name="anonsect14">https://web.archive.org/web/20110207111445/http://img838.imageshack.us/img838/2294/internetsanon.jpg</ref><ref>https://arstechnica.com/tech-policy/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price/</ref>
  
On 5–6 February 2011, Anonymous compromised the HBGary website, copied tens of thousands of documents from both HBGary Federal and HBGary, Inc., posted tens of thousands of both companies' emails online, and usurped Barr's Twitter account in apparent revenge.<ref name="arstechnicacom2">https://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars</ref><ref>https://www.forbes.com/sites/parmyolson/2011/02/06/anonymous-takes-revenge-on-security-firm-for-trying-to-sell-supporters-details-to-fbi/</ref><ref>https://web.archive.org/web/20131208062435/http://www.h-online.com/security/features/Anonymous-makes-a-laughing-stock-of-HBGary-1198176.html</ref> Anonymous also claimed to have wiped Barr's [[iPad]] remotely.<ref name=":0" /><ref name="parmy_olson" /><ref name="ft2">http://www.ft.com/cms/s/0/0c9ff214-32e3-11e0-9a61-00144feabdc0.html </ref><ref name="arstechnicacom0">https://arstechnica.com/tech-policy/news/2011/02/virtually-face-to-face-when-aaron-barr-met-anonymous.ars</ref> The Anonymous group responsible for these attacks became part of [[LulzSec]].<ref>http://content.usatoday.com/communities/technologylive/post/2011/06/whos-who-among-key-lulzsec-hackitivists/1</ref>
+
On 5–6 February [[2011]], Anonymous compromised the HBGary website, copied tens of thousands of documents from both HBGary Federal and HBGary, Inc., posted tens of thousands of both companies' emails online, and usurped Barr's Twitter account in apparent revenge.<ref name="arstechnicacom2">https://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars</ref><ref>https://www.forbes.com/sites/parmyolson/2011/02/06/anonymous-takes-revenge-on-security-firm-for-trying-to-sell-supporters-details-to-fbi/</ref><ref>https://web.archive.org/web/20131208062435/http://www.h-online.com/security/features/Anonymous-makes-a-laughing-stock-of-HBGary-1198176.html</ref> Anonymous also claimed to have wiped Barr's [[iPad]] remotely.<ref name=":0" /><ref name="parmy_olson" /><ref name="ft2">http://www.ft.com/cms/s/0/0c9ff214-32e3-11e0-9a61-00144feabdc0.html </ref><ref name="arstechnicacom0">https://arstechnica.com/tech-policy/news/2011/02/virtually-face-to-face-when-aaron-barr-met-anonymous.ars</ref> The Anonymous group responsible for these attacks became part of [[LulzSec]].<ref>http://content.usatoday.com/communities/technologylive/post/2011/06/whos-who-among-key-lulzsec-hackitivists/1</ref>
  
 
The conflict with Anonymous caused substantial public relations damage. As a result, the involved organizations took steps to distance themselves from HBGary and HBGary Federal.
 
The conflict with Anonymous caused substantial public relations damage. As a result, the involved organizations took steps to distance themselves from HBGary and HBGary Federal.
Line 26: Line 29:
 
Some of the documents taken by Anonymous show HBGary Federal was working on behalf of [[Bank of America]] to respond to [[WikiLeaks|WikiLeaks]] planned release of the bank's internal documents.<ref name="james_wray_and_ulf_stabe">https://web.archive.org/web/20110211024334/http://www.thetechherald.com/article.php/201106/6798/Data-intelligence-firms-proposed-a-systematic-attack-against-WikiLeaks?page=1</ref><ref name="register">https://www.theregister.co.uk/2011/02/17/hbgary_hack_redux/</ref> "Potential proactive tactics against WikiLeaks include feeding the fuel between the feuding groups, disinformation, creating messages around actions to sabotage or discredit the opposing organization, and submitting fake documents to WikiLeaks and then calling out the error."<ref name=":2">https://web.archive.org/web/20110212063613/http://www.thetechherald.com/article.php/201106/6804/Firm-targeting-WikiLeaks-cuts-ties-with-HBGary-apologizes-to-reporter</ref>
 
Some of the documents taken by Anonymous show HBGary Federal was working on behalf of [[Bank of America]] to respond to [[WikiLeaks|WikiLeaks]] planned release of the bank's internal documents.<ref name="james_wray_and_ulf_stabe">https://web.archive.org/web/20110211024334/http://www.thetechherald.com/article.php/201106/6798/Data-intelligence-firms-proposed-a-systematic-attack-against-WikiLeaks?page=1</ref><ref name="register">https://www.theregister.co.uk/2011/02/17/hbgary_hack_redux/</ref> "Potential proactive tactics against WikiLeaks include feeding the fuel between the feuding groups, disinformation, creating messages around actions to sabotage or discredit the opposing organization, and submitting fake documents to WikiLeaks and then calling out the error."<ref name=":2">https://web.archive.org/web/20110212063613/http://www.thetechherald.com/article.php/201106/6804/Firm-targeting-WikiLeaks-cuts-ties-with-HBGary-apologizes-to-reporter</ref>
  
As a means of undermining Wikileaks, Aaron Barr suggested faking documents to damage Wikileaks' reputation and conducting "cyber attacks against the infrastructure to get data on document submitters. This would kill the project". He also suggested pressuring journalist [[Glenn Greenwald]] and other supporters of Wikileaks, who, Barr suggested, would choose to abandon support for Wikileaks in order to preserve their careers.<ref>https://arstechnica.com/tech-policy/2011/02/the-ridiculous-plan-to-attack-wikileaks/</ref>
+
As a means of undermining Wikileaks, [[Aaron Barr]] suggested faking documents to damage Wikileaks' reputation and conducting "cyber attacks against the infrastructure to get data on document submitters. This would kill the project". He also suggested pressuring journalist [[Glenn Greenwald]] and other supporters of Wikileaks, who, Barr suggested, would choose to abandon support for Wikileaks in order to preserve their careers.<ref>https://arstechnica.com/tech-policy/2011/02/the-ridiculous-plan-to-attack-wikileaks/</ref>
  
 
In the emails, two employees of HBGary referenced a blog post that endorsed manipulating translation software in order to 'mitigate' damaging content within information leaks.<ref>http://wikileaksdecrypted.com/bankofamerica-wikileaks-hbgary-palantir/</ref>
 
In the emails, two employees of HBGary referenced a blog post that endorsed manipulating translation software in order to 'mitigate' damaging content within information leaks.<ref>http://wikileaksdecrypted.com/bankofamerica-wikileaks-hbgary-palantir/</ref>
Line 49: Line 52:
  
 
{{SMWDocs}}
 
{{SMWDocs}}
 +
 
==References==
 
==References==
 
{{reflist}}
 
{{reflist}}

Latest revision as of 18:21, 11 June 2023

Group.png HBGary  
(Cyberwarfare contractorWebsiteRdf-entity.pngRdf-icon.png
HBGary.png
Formation2003
FounderGreg Hoglund.jpg Greg Hoglund
InterestsAstroturfing, Sock puppets, Malware, Anonymous, WikiLeaks
Interest ofBarrett Brown
Company that developed sophisticated software for the control of sock puppets.

HBGary is a company that developed sophisticated software for the control of sock puppets on behalf of the US government. It was founded by Greg Hoglund in 2003 as a company offering IT services.[1][2] HBGary published a document on how to undermine WikiLeaks [3] and wanted to expose leaders of 'Anonymous'.[4]

HBGary Federal

HBGary Federal had been set up with Aaron Barr as CEO instead of Hoglund to provide services and tools to the US government, which might require security clearance.[5] As HBGary Federal could not meet revenue projections, in early 2011 negotiations about the sale of HBGary Federal were in progress [6] and the company was acquired by ManTech International in February 2012.[7]

WikiLeaks, Bank of America, Hunton & Williams, and Anonymous

In 2010, Aaron Barr, CEO of HBGary Federal, alleged that he could exploit social media to gather information about hackers.[8]

In early 2011, Barr claimed to have used his techniques to infiltrate Anonymous,[8][9][10][11] partly by using IRC, Facebook, Twitter, and by social engineering.[8][12] His e-mails depict his intention to release information on the identities of Anonymous members at the B-Sides conference and to sell it to possible clients,[8][13] including the FBI.[14] In the e-mails, Barr explained that he identified his list of suspected Anonymous "members" by tracing connections through social media, while his main programmer criticized this methodology.[8][15] In a communiqué, Anonymous denied association with the individuals that Barr named.[16][17]

On 5–6 February 2011, Anonymous compromised the HBGary website, copied tens of thousands of documents from both HBGary Federal and HBGary, Inc., posted tens of thousands of both companies' emails online, and usurped Barr's Twitter account in apparent revenge.[12][18][19] Anonymous also claimed to have wiped Barr's iPad remotely.[8][13][20][21] The Anonymous group responsible for these attacks became part of LulzSec.[22]

The conflict with Anonymous caused substantial public relations damage. As a result, the involved organizations took steps to distance themselves from HBGary and HBGary Federal.

Content of the emails

Some of the documents taken by Anonymous show HBGary Federal was working on behalf of Bank of America to respond to WikiLeaks planned release of the bank's internal documents.[23][24] "Potential proactive tactics against WikiLeaks include feeding the fuel between the feuding groups, disinformation, creating messages around actions to sabotage or discredit the opposing organization, and submitting fake documents to WikiLeaks and then calling out the error."[25]

As a means of undermining Wikileaks, Aaron Barr suggested faking documents to damage Wikileaks' reputation and conducting "cyber attacks against the infrastructure to get data on document submitters. This would kill the project". He also suggested pressuring journalist Glenn Greenwald and other supporters of Wikileaks, who, Barr suggested, would choose to abandon support for Wikileaks in order to preserve their careers.[26]

In the emails, two employees of HBGary referenced a blog post that endorsed manipulating translation software in order to 'mitigate' damaging content within information leaks.[27]

Emails indicate Palantir Technologies, Berico Technologies, and the law firm Hunton & Williams, which was acting for Bank of America at the recommendation of the US Justice Department,[14] all cooperated on the project.[25] Other e-mails appear to show the U.S. Chamber of Commerce contracted the firms to spy on and discredit unions and liberal groups.[28]

An archive of the e-mails is kept at the OCCRP.[29]

Astroturfing

It has been reported that HBGary Federal was contracted by the US government to develop astroturfing software which could create an "army" of multiple fake social media profiles.[30][31]

Malware development

HBGary had made numerous threats of cyber-attacks against WikiLeaks. The hacked emails revealed HBGary Inc. was working on the development of a new type of Windows rootkit, code-named Magenta,[14] that would be "undetectable" and "almost impossible to remove."[32]

In October 2010, Greg Hoglund proposed to Barr creating "a large set of unlicensed Windows 7 themes for video games and movies appropriate for the Middle East & Asia" which "would contain back doors" as part of an ongoing campaign to attack support for WikiLeaks.[33]

Wikipedia.png This page imported content from Wikipedia on 10 April 2023.
Wikipedia is not affiliated with Wikispooks.   Original page source here


 

Related Documents

TitleTypePublication dateAuthor(s)Description
Document:Anonymous Surpasses Wikileaksarticle17 February 2011John Young
Document:Romas/COINWikispooks Page2011Barrett Brown
Many thanks to our Patrons who cover ~2/3 of our hosting bill. Please join them if you can.



References

  1. https://web.archive.org/web/20090328044411/http://www.hbgary.com/company/about/
  2. http://www.darkreading.com/database-security/167901020/security/news/225700716/index.html
  3. https://web.archive.org/web/20221207203728/https://wikileaks.org/IMG/pdf/WikiLeaks_Response_v6.pdf
  4. https://www.infoworld.com/article/2623436/anonymous-strikes-back-at-hbgary-with-stolen-emails.html saved at Archive.org saved at Archive.is
  5. http://www.salon.com/news/politics/war_room/2011/02/16/hbgary_federal
  6. https://arstechnica.com/tech-policy/news/2011/02/anonymous-vs-hbgary-the-aftermath.ars/2
  7. http://www.bizjournals.com/sacramento/news/2012/02/28/hb-gary-sacramento-man-tech-cyber-securi.html
  8. a b c d e f https://arstechnica.com/tech-policy/news/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price.ars
  9. https://www.independent.co.uk/news/media/online/hacktivists-take-control-of-internet-security-firms-2207440.html
  10. https://www.ft.com/content/87dc140e-3099-11e0-9de3-00144feabdc0
  11. https://www.salon.com/2011/02/16/hbgary_federal/
  12. a b https://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars
  13. a b https://blogs.forbes.com/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/
  14. a b c https://www.forbes.com/sites/parmyolson/2011/02/07/victim-of-anonymous-attack-speaks-out/
  15. http://www.techdirt.com/articles/20110211/11013413056/play-play-how-hbgary-federal-tried-to-expose-anonymous-got-hacked-instead.shtml?threaded=false&sp=1
  16. https://web.archive.org/web/20110207111445/http://img838.imageshack.us/img838/2294/internetsanon.jpg
  17. https://arstechnica.com/tech-policy/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price/
  18. https://www.forbes.com/sites/parmyolson/2011/02/06/anonymous-takes-revenge-on-security-firm-for-trying-to-sell-supporters-details-to-fbi/
  19. https://web.archive.org/web/20131208062435/http://www.h-online.com/security/features/Anonymous-makes-a-laughing-stock-of-HBGary-1198176.html
  20. http://www.ft.com/cms/s/0/0c9ff214-32e3-11e0-9a61-00144feabdc0.html
  21. https://arstechnica.com/tech-policy/news/2011/02/virtually-face-to-face-when-aaron-barr-met-anonymous.ars
  22. http://content.usatoday.com/communities/technologylive/post/2011/06/whos-who-among-key-lulzsec-hackitivists/1
  23. https://web.archive.org/web/20110211024334/http://www.thetechherald.com/article.php/201106/6798/Data-intelligence-firms-proposed-a-systematic-attack-against-WikiLeaks?page=1
  24. https://www.theregister.co.uk/2011/02/17/hbgary_hack_redux/
  25. a b https://web.archive.org/web/20110212063613/http://www.thetechherald.com/article.php/201106/6804/Firm-targeting-WikiLeaks-cuts-ties-with-HBGary-apologizes-to-reporter
  26. https://arstechnica.com/tech-policy/2011/02/the-ridiculous-plan-to-attack-wikileaks/
  27. http://wikileaksdecrypted.com/bankofamerica-wikileaks-hbgary-palantir/
  28. http://emptywheel.firedoglake.com/2011/02/10/will-the-chamber-continue-wits-hbgary-work-now-that-theyve-been-hacked/
  29. https://aleph.occrp.org/datasets/1061
  30. https://web.archive.org/web/20110224055843/http://blogs.computerworld.com/17852/army_of_fake_social_media_friends_to_promote_propaganda
  31. http://www.boingboing.net/2011/02/18/hbgarys-high-volume.html
  32. https://web.archive.org/web/20110217201027/http://crowdleaks.org/hbgary-inc-working-on-secret-rootkit-project-codename-magenta/
  33. https://arstechnica.com/tech-policy/news/2011/02/the-ridiculous-plan-to-attack-wikileaks.ars