Recently, a group of Internet vigilante hackers calling themselves Anonymous hacked a US security firm that was investigating them. This hack is the most recent shot fired between the two groups in their ongoing cyber battle.
The US firm, HBGary Federal, provides various classified cybersecurity services to US government agencies and fortune 500 companies. One such agency is the US Department of Defense.
Recently, HBGary began to investigates the actions of Anonymous. For months, members of Anonymous have been attacking various sites that “boycotted” Wikileaks at the behest of the US federal government.
This boycotting is usually in the form of suspended services, such as PayPal’s refusal to process WikiLeaks’ donations or Amazon’s refusal to host WikiLeaks.
Such refusals prompted the group of hackers to launch an attack on the behalf of WikiLeaks. However, the group claims to have no real affiliation with the whistle-blowing website. Their attacks are based on the idea that Anonymous and WikiLeaks share the same philosophy of transparency.
The group states:
While we don’t have much of an affiliation with WikiLeaks, we fight for the same reasons. We want transparency and we counter censorship. The attempts to silence WikiLeaks are long strides closer to a world where we can not say what we think and are unable to express our opinions and ideas.
We can not let this happen. This is why our intention is to find out who is responsible for this failed attempt at censorship. This is why we intend to utilize our resources to raise awareness, attack those against and support those who are helping lead our world to freedom and democracy.
Until the recent attack on HBGary, the hacker group seemed to stay away from government agencies or corporations affiliated with government agencies, even when the FBI and the United Kingdom’s Metropolitan Police Service began executing search warrants and making arrests. However, the boasting of HBGary’s CEO about the company’s “infiltration” of the group made the company a prime target.
Troublemakers or Freedom Fighters?
This latest strategic move made by Anonymous, compounded by their previous attacks, sparked the mainstream media to label the group as “troublemakers.” Although the attacks on Amazon and PayPal had little effect on business, the attack on HBGary brought the company to a screeching halt.
While hacking a corporation with malicious intent is certainly illegal and should be investigated by the FBI, it is curious to note that HBGary is a private security firm and has no real legitimate reason to investigate a group of private individuals.
Such an act is equivalent to AlliedBarton Security Services taking it upon themselves to investigate a drug ring. Also, if HBGary did have relevant information pertinent to a FBI investigation, why was this information not immediately handed over to the FBI? Instead, the security firm thought it to be more beneficial to make a public announcement which, more than likely, did more to hinder the FBI’s efforts than help.
This event also casts the firm in a very negative light. The corporation states that they have “an intimate understanding [of cybersecurity]; We know that understanding the attacker and his methods is the only way to defeat him.” However, the company did not understand Anonymous enough to appropriately protect themselves from the anonymous group of hackers.
How Did A Civilian Volunteer Group Beat a Security Firm?
Keep in mind, this group of hackers is a civilian based group. It is a safe bet that they do not have corporate or government resources to help them with their mission. And yet, without much effort the group was able to bring a large corporation on the government payroll to their knees. The only way HBGary was able to get back up and running was to negotiate with the group.
Anonymous, though their tactics are illegal, has brought to light questions that government agencies should really take time to answer.
Questions such as, if HBGary cannot protect themselves from a group of civilian hackers with “volunteer” resources, how can they begin to protect the sensitive material of the US government from organized, militaristic cyber threats; and If HBGary can exercise such poor judgment with the release of that “infiltration” information, then in what other facets of their business are they exercising such poor judgment?Originally published on TopSecretWriters.com