‘Hacktivists’ retaliate against security expert
By Joseph Menn in San Francisco
February 7 2011 22:53
--ft.com--The cyber-activist group Anonymous reacted quickly over the weekend to infiltration by a US security analyst, hacking into his personal online accounts and computers and distributing thousands of e-mails and other documents.

The attack embarrassed researcher Aaron Barr, head of HBGary Federal, a contractor for US intelligence and other government agencies, while demonstrating that Anonymous has considerable technical abilities.

Members of Anonymous – that last year marshalled attacks which crashed the websites of MasterCard, PayPal and other businesses that had broken ties with whistle-blowing site WikiLeaks – said they hacked into the company to read the documentation behind Mr Barr’s claim, first reported in the Financial Times, that he could identify most of the group’s top leaders.

In statements posted to the web, the activists ridiculed his methods and conclusions, maintained that they are part of a broad movement without established leaders, and claimed that, in spite of his comments to the contrary, Mr Barr had hoped to sell his findings to the Federal Bureau of Investigations.

Mr Barr denied the allegation on Monday, saying that Anonymous misinterpreted a pitch to sell the agency software tools. He said he had received death threats but that his customers were being supportive.

Other security experts said they were alarmed by the hacking attack on HBGary Federal and a part-owner, HB Gary Inc., which employed a combination of tactics, including tricking an administrator into sending a new password.

The incident “makes me want to change all my PWs [passwords] and re-evaluate my processes”, Jeremiah Grossman, founder of WhiteHat Security, wrote on Twitter. “Do not poke the bear.”

Penny Leavy, HB Gary Inc. president, said the data disclosure would cost the two companies millions of dollars and that it would work with the authorities to catch those responsible.

“They have committed a crime against our company and, unfortunately, we are legally bound,” she said. “I wish it had been handled differently.”

Mr Barr again said on Monday that he did not intend to publish the names of Anonymous leaders, adding that his research, to be presented later this month at a security conference in San Francisco, was part of a study on how social networking sites make it easier for hackers to penetrate secretive organisations.

In the Anonymous case, he matched Facebook log-in times with the times when group members signed in to Anonymous’s internet relay chat groups. At a nuclear plant and a US military outfit, he used LinkedIn, Classmates and Facebook to assume identities and build trust before inducing targets to click on internet links that could have infected their machines with spy software.

Anonymous has been under pressure from a co-ordinated international law enforcement effort that has included five arrests in the UK and 40 court-authorised searches in the US. But it continues to organise what it sees as legitimate protests, including attacks on Egyptian government websites, and has now signalled that it is more than willing to take the fight elsewhere.