'Anonymous' Hacker Group Teaches Shady Cyber-Security Companies a Lesson They'll Never Forget
February 17, 2011
Gary Null in Anonymous, Cyber-Security, Homeland Security, Media, Wikileaks

By Scott Thill

Aaron Barr must feel like he's wearing clown shoes.  

Shortly after the overreaching CEO of Sacramento's so-called cybersecurity outfit, HBGary Federal, assembled an online attack plan against pro-Wikileaks supporters like Salon journalist Glenn Greenwald and prematurely bragged about "pwning" the upstart hacker collective Anonymous privately to his employees and publicly to the Financial Times, Anonymous quickly retaliated by raiding his drives, releasing 40,000 HBGary Federal emails, remotely wiping his iPad and engendering a scathing public disconnection from those who have known and employed him. Evidently, if you fuck with the Internet bull, you still get the real-time horns. 

"Rarely in the history of the cybersecurity industry has a company become so toxic so quickly as HBGary Federal," Andy Greenberg blogged Feb. 15 for Forbes' Firewall column. "Over the last week, many of the firm’s closest partners and largest clients have cut ties with the Sacramento start-up. And now it’s canceled all public appearances by its executives at the industry’s biggest conference in the hopes of ducking a scandal that seems to grow daily as more of its questionable practices come to light." 

Competitive Intelligence, Rampant Idiocy 

Of course, HBGary and Barr are tiny potatoes, especially for the code-savvy web heads of Anonymous, which is why his shamed mug has lately been making the media rounds. In fact, the finest breakdown of Barr and HBGary's conspiratorial plan has taken shape in Ars Technica's exhaustive spook farce, "Spy Games: Inside the Convoluted Plot to Bring Down Wikileaks," which pegged Barr as "The Man Who Knew Too Little" as a parting pop-cult stab. 

But Forbes is fooling itself, and you, if it really believes that Barr and HBGary are simply rogue information agents engaging in "questionable practices." In the insidious world of officially sanctioned hacking -- also known as "cybersecurity" or "competitive intelligence," the preferred corporate nomenclature -- Barr and HBGary's expendable presence extends from the U.S. Department of Justice and the well-connected legal monolith Hunton & Williams  to the corrupt finance titans of Bank of America and the Chamber of Commerce. They have all been swept up in HBGary's discredited wake, as they try to distance themselves from what was basically a routine disinformation campaign to hack and discredit transparency champs like Wikileaks and Anonymous, whose startling disclosures have rocked the previously airtight machinery of the political and economic powers-that-be. 

Barr and HBGary's plan was to put together proposals for Hunton & Williams -- which represents conservative corporations like Bank of America, the Chamber of Commerce and Koch Industries --  that would scrape the internet, including social networking outlets like Facebook, LinkedIn and Classmates.com, for informational dirt that could be distilled into disinformation attacks that could potentially to bring down supporters of Anonymous and Wikileaks, which has been hinting that it's about to dump hugely embarrassing data on Bank of America for weeks. On its face, this is nothing new: As former Associated of Certified Fraud Examiners chairman and "competitive intelligence" professional Jonathan Turner told the New York Times, the industry boasts nearly 10,000 companies and a $2 billion market. 

HBGary planned to tag-team Wikileaks and Anonymous with Palantir Technologies and Berico Technologies, which has publicly admitted that it was asked to develop a proposal analyzing internal security and public relations problems for a law firm, without naming names. Palantir quickly apologized, explaining that the "right to free speech and the right to privacy are critical to a flourishing democracy" and personally apologizing to pro-Wikileaks supporters like Glenn Greenwald, who it was planning to personally discredit. For its part, Hunton & Williams hasn't publicly commented on the clusterfuck, although Anonymous' data dump featured emails between Barr and Hunton & Williams' partner and corporate investigator John W. Woods. Not so with the much better-known Bank of America, which openly derided HBGary's PowerPoint presentation to Hunton & Williams: "We've never seen the presentation, never evaluated it, and have no interest in it." 

That categorical denial rings hollow, given Bank of America's itinerant controversy, which includes inhaling bailout billions in taxpayer cash, purchasing toxic mortgage scammers like Countrywide Financial, nailing loyal customers with skyrocketing interest rates, robosigning foreclosures and even shutting down payment transfers to Wikileaks, lamely claiming "reasonable belief that WikiLeaks may be engaged in activities that are, among other things, inconsistent with our internal policies for processing payments." Add it together with the shady "competitive intelligence" practices of the Chamber of Commerce -- which solicited Palantir, Berico and HBGary to scrape the Internet for personal data on Chamber opponents like Brad Blog, Change to Win, CodePink and others -- and what is immediately apparent is that all of the included parties are sorry for mostly one thing: Getting caught with their pants down. 

Rebels Without a Central Nervous System 

"Anonymous, in addition to being responsible for 90% of all quotes ever cited, is the source of 91% of all Internet truth and justice," the Wikipedia goof Encyclopedia Dramatica explains of the hacker collective that brought Palantir, Berico and HBGary's plan to a screeching halt. A self-aware exaggeration to be sure, but there is some truth to Anonymous' brand of Internet justice. Since roughly 2006, the loosely associated transparency coalition has variously pranked and outed the Church of Scientology, white supremacist and FBI informant Hal Turner, alleged internet sexual predator Chris Forcand, KISS bassist Gene Simmons and more in the U.S. alone. Abroad, it combated online censorship efforts in Iran and Australia, and even assisted in levying denial-of-service attacks against government Web sites in Tunisia, Zimbabwe and even Egypt.  

Those are some of their more well-meaning Internet revolutions, But the coalition has its dark side. Anonymous has claimed responsibility for plastering racist and fascist imagery across the home pages of sites like AllHipHop.com and the social networking site Habbo. Anonymous even flooded YouTube children's videos with porn, and reportedly leaked personal information of a California teen who managed a site called the No Cussing Club. True responsibility for these attacks and others are hard to pin down, given Anonymous' diaphanous identity, but that too is part of the plan. As HBGary, Palantir and Berico found out the hard way, it's nearly impossible to "pwn" decentralized international cells of Internet smartasses that lack a central nervous system. Like the Internet itself, Anonymous is a sprawling webwork of sometimes aligned and chaotic desires and ideologies. Shutting it down would be like shutting down the Internet itself. 

So like the similarly ascendant Wikileaks which it openly supports, Anonymous' time has come. When Bank of America, PayPal, Mastercard, Visa and other corporations stopped servicing Wikileaks, Anonymous retaliated by attacking their Web sites. Its members often wear creepy Guy Fawkes masks, perhaps more to honor Alan Moore's visionary dystopian comic V For Vendetta than Fawkes himself, whose planned and failed Gunpowder Plot aimed to assassinate King James the First. (In Moore's comic, the mysterious masked revolutionary V takes down an Orwellian regime that, from its total surveillance to its propaganda media to its craven political class that willingly turns prisoners into genetic and social experiments, looks a lot like ours. In fact, one of V's first victims is a raving talking head that could easily serve as the predecessor to Glenn Beck and Bill O'Reilly of Fox News, the oxymoronically named organization whose whistleblowing insider recently called Rupert Murdoch's controversial disinformation peddler a "Stalin-esque mouthpiece for Bush.")

Regardless of their outward appearances and deliberately scattered composition, Anonymous has, accidentally and otherwise, recently transformed from an imageboard prankster to an online Robin Hood combating the monolithic forces of geopolitics and mass media. Which is high irony considering my Wired colleague Ryan Singel once called its members "supremely bored 15-year olds." With killer coding and computer skills, he should have added, that leave so-called professional organizations like HBGary, Palantir and Berico, as well as capitalist powerhouses Bank of America, fumbling over their torpedoed stratagems and half-hearted apologies. No wonder Fox News called Anonymous an "Internet Hate Machine," and went so far as to imply that its recent acquisition of the widely available Windows worm Stuxnet -- which it funnily enough found in HBGary's drives, according to Anonymous member Topiary -- could wreak havoc on something, anything. (Forgetting to mention, of course, that Stuxnet was likely developed by Israel to destabilize Iran's nuclear capabilities.)

In the final analysis, Anonymous may be a far-flung coalition of teen hackers looking to balance the powers-that-be's often uneven playing field. But like the whistle-blowing Wikileaks, it has hit its targets with alarming speed and accuracy. The HBGary fiasco, whose tentacles snake into the hallowed halls of politics and finance, feels like the beginning of an uneasy relationship, for those who champion informational transparency and online civil disobedience. Because if Wikileaks and Anonymous think that Bank of America, the Chamber of Commerce, Hunton & Williams or even the Department of Justice, which recommended the heavyweight law firm to Bank of America's General Counsel, is finished its attack, it's got quite another thing coming. 

But judging by its recently hilarious pranks and preemptive security hacks, it's probably already prepared for the cyberwar that is perhaps on its way.

Scott Thill runs the online mag Morphizm.com. His writing has appeared on Salon, XLR8R, All Music Guide, Wired and others.

 



Article originally appeared on The Gary Null Blog (http://www.garynullblog.com/).
See website for complete article licensing information.