The computer security company hacked by members of activist group Anonymous has gone to ground as further revelations about its activites leak online.
HBGary has cancelled its appearances at public events, saying that members of staff had been threatened.
It follows the release of internal documents which appear to show the firm offered to smear Wikileaks' supporters.
HBGary officials said the online messages could have been altered prior to publication.
The company's founder, Greg Hoglund had been scheduled to give a talk at the RSA Security conference in San Francisco this week, but pulled out at the last minute.
The company also withdrew from an associated exhibition.
"In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks," it said in a statement posted on its website.
According to e-mails that Anonymous claims to have taken from HBGary's servers, the company had proposed a plan to undermine Wikileaks.
At the time, the whistleblowing website was planning to release documents relating to Bank of America.
The leaked emails also suggest that HBGary had discovered evidence that US officials were attempting to monitor visitors to websites affiliated to al Qaeda.
These messages have been posted online via the Anonymous-supported site Anonleaks.ru.
Government payloadWhat is Anonymous?
<!-- pullout-items--> <!-- pullout-body-->'Anonymous' describes itself as an 'internet gathering'. The term is used to describe a collective of people who come together online, commonly to stage a protest.
The groups vary in size and make-up depending on the cause. Members often identify themselves in web videos by wearing the Guy Fawkes masks popularised by the book and film V for Vendetta.
Its protests often take the form of disrupting websites and services.
Its use of the term Anonymous comes from a series of websites frequented by members, such as the anarchic image board 4Chan.
These allow users to post without having to register or provide a name. As a result, their comments are tagged "Anonymous".
In the past, groups have staged high-profile protests against plans by the Australian government to filter the internet and the Church of Scientology.
Many Anonymous protests tackle issues of free speech and preserving the openness of the net.
<!-- pullout-links-->In a message to colleagues, dated 16 November 2009, Mr Hoglund allegedly wrote that he had obtained a document taken from a jihadist website.
"I think it has a US govvy payload buried inside," the e-mail said.
The note also urges colleagues not to open the programme unless they were in a locked-down environment.
"Don't let it fone (sic) home unless you want black suits landing on your front acre," it adds.
In e-mails from early January 2011, it is claimed that Mr Hoglund sent out proposals to develop a spying program, known as a rootkit, that would run on Windows-based computers.
"There isn't anything like this publicly," the proposal stated. It would be "almost impossible to remove" or detect.
Penny Leavy, the president of HBGary said the volume of messages published online made it impossible to verify whether any of the content had been changed.
Highly suspect"We do have e-mails that were changed and posted," she told BBC News. "Given that Anonymous has had these e-mails for days I would be highly suspect of them."
Members of Anonymous hacked into HBGary's corporate systems after discovering that Aaron Barr, the chief executive of a subsidiary, HBGary Federal, had been threatening to reveal the identify of some of the group.
The hackers were able to access sensitive business systems, including its e-mail, and take over the company website, as well as some personal Twitter accounts.
"Start Quote
End Quote Penny Leavy HBGaryGiven that Anonymous has had these e-mails for days I would be highly suspect of them"
Thousands of e-mails which the group claimed came from HBGary were then published on peer-to-peer networks.
The fallout from the affair will be difficult to overcome, said Graham Cluley of rival security firm Sophos.
"The damage to HBGary's reputation from this incident is, quite frankly, enormous," he said.
"No company deserves to be on the sharp end of a hacking attack like the one which hit HBGary, but it's particularly damaging when the victim is a specialist in the field of computer security," he added.
"You brought this upon yourself," Anonymous said in a statement detailing its actions.
"Let us teach you a lesson you'll never forget: don't mess with Anonymous."
Anonymous, which has its roots in the notorious 4Chan internet messageboard, has been involved in campaigns against the Church of Scientology and in support of Wikileaks.
0 comments:
Post a Comment