HOME

TheInfoList



OR:

HBGary is a subsidiary company of ManTech International, focused on technology security. In the past, two distinct but affiliated firms had carried the HBGary name: ''HBGary Federal'', which sold its products to the
US Government The Federal Government of the United States of America (U.S. federal government or U.S. government) is the national government of the United States. The U.S. federal government is composed of three distinct branches: legislative, execut ...
, and ''HBGary, Inc.'' Its other clients included
information assurance Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and data transmission, transmission of information. Information assurance includes protection of the data integrity, inte ...
companies, computer emergency response teams, and computer forensic investigators. On 29 February 2012, HBGary, Inc. announced it had been acquired by IT services firm ManTech International. At the same time, HBGary Federal was reported to be closed.


History

The company was founded by Greg Hoglund in 2003. In 2008, it joined the
McAfee McAfee Corp. ( ), formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American proprietary software company focused on online ...
Security Innovation Alliance. The CEO made presentations at the
Black Hat Briefings Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together ...
, the
RSA Conference The RSA Conference is a series of IT security conferences. Approximately 45,000 people attend one of the conferences each year. It was founded in 1991 as a small cryptography conference. RSA conferences take place in the United States, Europe, Asia ...
, and other
computer security conference A computer security conference is a convention for individuals involved in computer security. They generally serve as meeting places for system and network administrators, hackers, and computer security experts. Common activities at hacker conven ...
s. HBGary also analyzed the GhostNet and
Operation Aurora Operation Aurora was a series of cyber attacks performed by advanced persistent threats such as the Elderwood Group based in Beijing, China, with associations with the People's Liberation Army. First disclosed publicly by Google (one of the vic ...
events. HBGary Federal had been set up with Aaron Barr as CEO instead of Hoglund to provide services and tools to the US government, which might require security clearance. As HBGary Federal could not meet revenue projections, in early 2011 negotiations about the sale of HBGary Federal were in progress with two interested companies. HBGary was acquired by ManTech International in February 2012.


WikiLeaks, Bank of America, Hunton & Williams, and Anonymous

In 2010, Aaron Barr, CEO of HBGary Federal, alleged that he could exploit
social media Social media are interactive technologies that facilitate the Content creation, creation, information exchange, sharing and news aggregator, aggregation of Content (media), content (such as ideas, interests, and other forms of expression) amongs ...
to gather information about
hacker A hacker is a person skilled in information technology who achieves goals and solves problems by non-standard means. The term has become associated in popular culture with a security hackersomeone with knowledge of bug (computing), bugs or exp ...
s. In early 2011, Barr claimed to have used his techniques to infiltrate
Anonymous Anonymous may refer to: * Anonymity, the state of an individual's identity, or personally identifiable information, being publicly unknown ** Anonymous work, a work of art or literature that has an unnamed or unknown creator or author * Anonym ...
, partly by using
IRC IRC (Internet Relay Chat) is a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called '' channels'', but also allows one-on-one communication via private messages as well as chat ...
,
Facebook Facebook is a social media and social networking service owned by the American technology conglomerate Meta Platforms, Meta. Created in 2004 by Mark Zuckerberg with four other Harvard College students and roommates, Eduardo Saverin, Andre ...
,
Twitter Twitter, officially known as X since 2023, is an American microblogging and social networking service. It is one of the world's largest social media platforms and one of the most-visited websites. Users can share short text messages, image ...
, and by social engineering. His e-mails depict his intention to release information on the identities of Anonymous members at the B-Sides conference and to sell it to possible clients, including the FBI. In the e-mails, Barr explained that he identified his list of suspected Anonymous "members" by tracing connections through social media, while his main programmer criticized this methodology. In a
communiqué A press release (also known as a media release) is an official statement delivered to members of the news media for the purpose of providing new information, creating an official statement, or making an announcement directed for public releas ...
, Anonymous denied association with the individuals that Barr named. On 5–6 February 2011, Anonymous compromised the HBGary website, copied tens of thousands of documents from both HBGary Federal and HBGary, Inc., posted tens of thousands of both companies' emails online, and usurped Barr's Twitter account in apparent revenge. Anonymous also claimed to have wiped Barr's
iPad The iPad is a brand of tablet computers developed and marketed by Apple Inc., Apple that run the company's mobile operating systems iOS and later iPadOS. The IPad (1st generation), first-generation iPad was introduced on January 27, 2010. ...
remotely. The Anonymous group responsible for these attacks became part of
LulzSec LulzSec (a contraction for Lulz Security) is a Grey hat, grey hat computer hacking group that claimed responsibility for several high profile attacks, including the 2011 PlayStation Network outage, compromise of user accounts from PlayStation N ...
.


Content of the emails

Some of the documents taken by Anonymous show HBGary Federal was working on behalf of
Bank of America The Bank of America Corporation (Bank of America) (often abbreviated BofA or BoA) is an American multinational investment banking, investment bank and financial services holding company headquartered at the Bank of America Corporate Center in ...
to respond to WikiLeaks' planned release of the bank's internal documents. "Potential proactive tactics against WikiLeaks include feeding the fuel between the feuding groups, disinformation, creating messages around actions to sabotage or discredit the opposing organization, and submitting fake documents to WikiLeaks and then calling out the error." As a means of undermining Wikileaks, Aaron Barr suggested faking documents to damage Wikileaks' reputation and conducting "cyber attacks against the infrastructure to get data on document submitters. This would kill the project". He also suggested pressuring journalist
Glenn Greenwald Glenn Edward Greenwald (born March 6, 1967) is an American journalist, author, and former lawyer. In 1996, Greenwald founded a law firm concentrating on First Amendment to the United States Constitution, First Amendment litigation. He began blo ...
and other supporters of
Wikileaks WikiLeaks () is a non-profit media organisation and publisher of leaked documents. It is funded by donations and media partnerships. It has published classified documents and other media provided by anonymous sources. It was founded in 2006 by ...
, who, Barr suggested, would choose to abandon support for Wikileaks in order to preserve their careers. In the emails, two employees of HBGary referenced a blog post that endorsed manipulating translation software in order to 'mitigate' damaging content within information leaks. Emails indicate
Palantir Technologies Palantir Technologies Inc. is an American publicly traded company that specializes in software platforms for big data analytics. Headquartered in Denver, Colorado, it was founded by Peter Thiel, Stephen Cohen, Joe Lonsdale, and Alex Karp in 2 ...
, Berico Technologies, and the law firm Hunton & Williams, which was acting for
Bank of America The Bank of America Corporation (Bank of America) (often abbreviated BofA or BoA) is an American multinational investment banking, investment bank and financial services holding company headquartered at the Bank of America Corporate Center in ...
at the recommendation of the
US Justice Department The United States Department of Justice (DOJ), also known as the Justice Department, is a federal executive department of the U.S. government that oversees the domestic enforcement of federal laws and the administration of justice. It is equi ...
, all cooperated on the project. Other e-mails appear to show the U.S. Chamber of Commerce contracted the firms to spy on and discredit unions and liberal groups.


Fallout

The conflict with Anonymous caused substantial public relations damage. As a result, the involved organizations took steps to distance themselves from HBGary and HBGary Federal: * 7 February 2011: Penny Leavy, President of HBGary Inc., entered an Anonymous IRC channel to negotiate with the group. She distanced her company from their partially owned subsidiary HBGary Federal, clarified the separation of the two, and asked
Anonymous Anonymous may refer to: * Anonymity, the state of an individual's identity, or personally identifiable information, being publicly unknown ** Anonymous work, a work of art or literature that has an unnamed or unknown creator or author * Anonym ...
to refrain from attacks or leaks that would damage HBGary Inc. and its customers. * 10 February 2011: The Chamber of Commerce issued a statement denying they hired HBGary, calling the allegation a "baseless smear," and criticizing the
Center for American Progress The Center for American Progress (CAP) is a public policy think tank, research and advocacy organization which presents a Modern liberalism in the United States, liberal viewpoint on Economic policy, economic and social issues. CAP is headquarter ...
and its blog,
ThinkProgress ''ThinkProgress'' was an American Progressivism in the United States, progressive news website that was active from 2005 to 2019. It was a project of the Center for American Progress#Center for American Progress Action Fund, Center for America ...
, for "the illusion of a connection between HBGary, its CEO Aaron Barr and the Chamber." The Chamber denied the truth of accusations previously leveled by ThinkProgress, stating "No money, for any purpose, was paid to any of those three private security firms by the Chamber, or by anyone on behalf of the Chamber, including Hunton and Williams." * 11 February 2011: Palantir's CEO apologized to
Glenn Greenwald Glenn Edward Greenwald (born March 6, 1967) is an American journalist, author, and former lawyer. In 1996, Greenwald founded a law firm concentrating on First Amendment to the United States Constitution, First Amendment litigation. He began blo ...
and severed "any and all contacts" with HBGary. * The CEO and COO of Berico similarly stated that they had "discontinued all ties" with HBGary Federal. * 28 February 2011: Aaron Barr announced his resignation from HBGary Federal to "focus on taking care of my family and rebuilding my reputation." * 1 March 2011: 17 members of the
United States Congress The United States Congress is the legislature, legislative branch of the federal government of the United States. It is a Bicameralism, bicameral legislature, including a Lower house, lower body, the United States House of Representatives, ...
called for a congressional investigation for possible violation of federal law by Hunton & Williams and "Team Themis" (the partnership between Palantir Technologies, Berico Technologies, and HBGary Federal). * 16 March 2011: The House Armed Services Subcommittee on Emerging Threats and Capabilities asked the Defense Department and the National Security Agency to provide any contracts with HBGary Federal, Palantir Technologies and Berico Technologies for investigation.


Astroturfing

It has been reported that HBGary Federal was contracted by the US government to develop
astroturfing Astroturfing is the deceptive practice of hiding the Sponsor (commercial), sponsors of an orchestrated message or organization (e.g., political, economic, advertising, religious, or public relations) to make it appear as though it originates from ...
software which could create an "army" of multiple fake social media profiles.


Malware development

HBGary had made numerous threats of cyber-attacks against WikiLeaks. The hacked emails revealed HBGary Inc. was working on the development of a new type of
Windows Windows is a Product lining, product line of Proprietary software, proprietary graphical user interface, graphical operating systems developed and marketed by Microsoft. It is grouped into families and subfamilies that cater to particular sec ...
rootkit A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the exist ...
, code-named ''Magenta'', that would be "undetectable" and "almost impossible to remove." In October 2010, Greg Hoglund proposed to Barr creating "a large set of unlicensed
Windows 7 Windows 7 is a major release of the Windows NT operating system developed by Microsoft. It was Software release life cycle#Release to manufacturing (RTM), released to manufacturing on July 22, 2009, and became generally available on October 22, ...
themes for video games and movies appropriate for the Middle East & Asia" which "would contain back doors" as part of an ongoing campaign to attack support for WikiLeaks.


Acquisition by ManTech International

On 29 February 2012, ManTech International announced its purchase of HBGary, Inc. Financial terms of the acquisition were not disclosed other than to say it was an "asset purchase", which excludes legal and financial liabilities.


References


External links


video of using HBGary's Flypaper product

Prime Award Spending Data for HBGary
www.usaspending.gov
Black ops: how HBGary wrote backdoors for the government
(by Nate Anderson, ars technica)

{{Hacking in the 2010s Companies based in Sacramento, California Computer security companies Security consulting firms