It was wickedly funny when Anonymous hacked the computer system of HBGary after the CEO of subsidiary HBGary Federal, Aaron Barr, boasted that he “pwned” Anonymous and was going to expose their identities. Barr, it appears, was a publicity-seeking, fed-contract-seeking fool who got a grand comeuppance, and parent company HBGary was exposed as being the most laughably insecure “security” company on the planet. (So far.)
But since Anonymous put its captured HBGary documents online, the story has gotten thicker and stranger, and the links revealed between the various Gary companies, the feds, and other powerful DC organizations are downright sinister.
Among other things:
Anonymous claims it captured a copy of the infamous Stuxnet Virus from HBGary. You know Stuxnet is no ordinary virus, worm, or trojan. It’s almost certainly the work of “a nation state,” with the hottest speculation calling it a joint U.S.-Israeli project.
Then, as Brad at WendyMcElroy.com reported, it turns out HBGary Federal was nearly broke and trying to sell serious “anti-terrorism” services — that is, offers to infiltrate enemies — to mega-corps and well-connected lobbying groups (e.g. Bank of America and the U.S. Chamber of Commerce). And who were these “enemies” HBGary was so eager to spy on? Ordinary citizen activists. Beyond that, the links between firms like HBGary and government snoop agencies get more and more complex.
Now, as Brad further reports, HBGary has long been in the business of making and selling malware — the very sorts of things that would be illegal if you or I made, used, or sold them. But hey, when you’re hand-in-pocket with the fedgov, you don’t have to worry about being prosecuted for any crime against the mere people. Brad’s got a warning for any of us who might be “on a list” and using Windows computers: The cyberwar has begun, and we’re combatants whether we want to be or not. “We know now that the law will not defend you. Your only choice is to defend yourself.”

just a minor “blip” in the beast grid…
Having a copy of Stuxnet isn’t nearly as damning as having the sources. Every antivirus researcher (including freelancers) should have legitimate reason to have a copy. If I understand correctly, the entire virus has not yet been disassembled and fully grokked.
Now if they have the actual source code, that would be something entirely different. Not only would it be a giant leap forward toward understanding the code, some serious finger-pointing should also be going on.
(a Fox news story http://www.foxnews.com/scitech/2011/02/15/anonymous-hackers-offer-stuxnet-worm-online/ has probably filtered through several non-technical layers of editorial oversight, but it says “..was quick to clarify that the group hasn’t released the Stuxnet worm itself, but rather a decrypted version of it HBGary had been studying — which could act almost like a building block” –emphasis mine. That sounds like the decompiled code that has been marked-up with comments as it is teased apart. Also, “..The “decompiled” code the group made available is in that sense akin to a recipe book for disaster, he said..” Hyperbole.)
Thanks, Standard Mischief. Good points.
The main point for me, though, is that HBGary and HBGary Federal are producers and marketers of malware. I can see why all manner of researchers might have versions of the Stuxnet virus. But it doesn’t appear that HBGary falls into that category. They seem like total black hats.
well, they probably got cushy jobs waiting for em at the BATF, if nothing else
indeed, Claire, if this is to be believed:
http://crowdleaks.org/hbgary-inc-working-on-secret-rootkit-project-codename-magenta/
To get slightly off topic for a moment.
This looks like a good development in minimizing control over the Internet by the Government.
http://www.nytimes.com/2011/02/16/nyregion/16about.html?_r=2&ref=nyregion
Now they just need to develop the software it seems.
Jim B. — Yep. In fact, I’d already prepped a blog entry and put it in the queue for posting tomorrow on that one. 🙂 (Great minds and all). I don’t know enough about the technology to grok that one, so I’m hoping for the usual good input from others.
Hate to be crass but if you’re fighting the fight and running Windows you’re a dumbass. No worries though, it’s a curable condition. There’s no such thing as 100% security, but there’s a difference between an iron fortress and a yellow brick road when it comes to criminals, and you can guess which one Windows is. Get Linux. Even an unsecured install done by a novice is a *huge* step forward, and it’s worth the learning curve. I recommend Mint or Ubuntu, they’re easy to use and easy to set up (and free, if you didn’t get the note). Once you get a handle on that you can start digging into the advanced topics.
@Claire/Jim: software exists, just needs a bit of elbow grease to make it a bit more friendly. The gadgets are usually called wall wart computers and those are cheap and readily available too (Marvell makes one for $99, google for it). There’s actually nothing special at all about what is discussed in that article, but the idea of an appliance that comes preloaded with the tech and is easy to use is pretty cool. Widespread adoption makes it all work a whole lot better than when it’s a handful of us fiddling around and dodging scuzzbags.
There are a lot of hardcore hackers in the liberty movement who can walk you through learning it all on your own though. They usually come out of the woodwork when the topic is brought up frequently enough 😉