HBGary Federal CEO Aaron Barr Resigns

Tuesday, March 01, 2011



HBGary Federal CEO Aaron Barr has chosen to resign from the company in the wake of an devastating breach and the subsequent criticism regarding some of the company's business practices.

HBGary Federal was recently the target of a hacking operation conducted by the rogue movement Anonymous which resulted in the unauthorized access of the company's network, followed by the release of tens-of-thousands of emails.

Anonymous used a combination of SQL injections and social engineering to gain access to gain access to the HBGary systems. Analysis of the breach points to poor security measures and the use of weak passwords for the unauthorized access.

The attack was precipitated by statements from HBGary Federal's Aaron Barr, who claimed to have infiltrated the Anonymous network in an effort to uncover the identities of those in leadership rolls.

“I need to focus on taking care of my family and rebuilding my reputation. It’s been a challenge to do that and run a company. And, given that I’ve been the focus of much of bad press, I hope that, by leaving, HBGary and HBGary Federal can get away from some of that. I’m confident they’ll be able to weather this storm," Barr said in an interview with ThreatPost.

Revelations about HBGary Federal's business practices have proved embarrassing to say the least, as details of several covert operations released post-breach have been the subject of a great deal of criticism.

HBGary Federal was involved in developing WikiLeaks counter-operations strategies for Bank of America that included disinformation campaigns, cyber attacks against network systems, and manipulating journalist Glenn Greenwald.

Other information released in the breach show the company was engaged in developing strategies to infiltrate the activist group Chamber Watch, and in plans to use social media for distributing government propaganda.

There is also evidence that HBGary Federal was involved in creating an undetectable, full command and control cyber offensive weapon called "Magenta":

"Magenta would be a new breed of windows based rootkit, which HBGary refers to as a multi-context rootkit... The magenta rootkit body is injected into kernel memory via the DriverEntry partial-load technique. Once loaded into kernel memory, Magenta would automatically identify an active process/thread context to inject itself into via an APC... " wrote Infosec Island's J. Oquendo.

"To offer a parallel explanation in non-computing terms, imagine that the scientists who study viruses such as Anthrax, Ebola and other deadly viruses decided to release one of these viruses as a bioweapon," Oquendo continued.

Debate has since ensued about whether private security companies should be actively developing strategies that include potentially illegal acts, engaging in disinformation and propaganda campaigns on behalf of the government, and developing powerful cyber offensive weapons.

Barr's resignation may turn down the heat a bit for HBGary Federal, but the company's name will continue to pop up is discussions about professional ethics and the nature of public/private partnerships in the information security sector for years to come.

Possibly Related Articles:
Government Headlines Anonymous Bank of America breach HBGary Federal Aaron Barr Magenta
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.