Links 2011-02-15: HBGary, Anonymous  15.2.11

The saga of disruptive publication platforms vs. the intelligence intelligentsia continues. And this latest HBGary chapter is stunning on so many dimensions: “security service” companies sitting on piles of 0-day exploits, the US CoC hiring security companies to investigate unions’ activities, a security service company compromised by social hacking, and Anonymous creating an ad-hoc leak website.

“Rarely in the history of the cybersecurity industry has a company become so toxic so quickly as HBGary Federal.” (Andy Greenberg, Forbes)

Nate Anderson of Ars Technica has the story: “Spy games: Inside the convoluted plot to bring down WikiLeaks”

“Barr was brought in from Northrop Grumman to launch the operation. … Less than a year into the job, HBGary Federal looked like it might go bust. … And then, unexpectedly, came the hope of salvation. … That law firm was DC-based powerhouse Hunton & Williams,… [They] had a client who wanted to do a little corporate investigative work”

“But it soon became clear what this was about: the US Chamber of Commerce wanted to know if certain groups attacking them were “astroturf” groups funded by the large unions.”

“Palantir would provide its expensive link analysis software running on a hosted server, while Berico would “prime the contract supplying the project management, development resources, and process/methodology development.” HBGary Federal would come alongside to provide “digital intelligence collection” and “social media exploitation”—Barr’s strengths.”

“HBGary had long publicized to clients its cache of 0-day exploits—attacks for which there is no existing patch”

“Ironically, when Anonymous later commandeered Greg Hoglund’s separate security site rootkit.com, it did so through a spear phishing e-mail attack on Hoglund’s site administrator—who promptly turned off the site’s defenses and issued a new password (“Changeme123”) for a user he believed was Hoglund. Minutes later, the site was compromised.”

HBGary’s Barr involuntarily shares details on his intelligence successes, “Final – for me. – Sun, 6 Feb 2011 00:40:11 -0500”

“What I did using some custom developed collection and analytic tools and our developed social media analysis methodology was tie those IRC nicknames to real names and addresses and develop a clearly defined hierarchy within the group. Of the apparent 30 or so administrators and operators that manage the Anonymous group on a day to day basis I have identified to a real name over 80% of them.”

Hackers Reveal Offers to Spy on Corporate Rivals – NYTimes.com

Forbes with an update: “Revenge Still Sweet As Anonymous Posts 27,000 More HBGary E-Mails” – Parmy Olson

“Crowdleaks: HBGary wanted to suppress Stuxnet research”

“HBGary Email Viewer: Portal – AnonLeaks”