Motley Moose – Archive

Since 2008 – Progress Through Politics

Hunton & Williams, HBGary, and Stuxnet, Too!

Photo: http://en.wikipedia.org/wiki/F…



The internet group Anonymous has hacked into computer systems operated by a security firm called HBGary, has obtained several tens of thousands of HBGary e-mail messages, and has released them.

http://preview.tinyurl.com/5t3…

Some of the purloined email messages indicate that HBGary was scheming with lawyers at the D.C. firm, Hunton and Williams, to mount PR campaigns to attack the enemies of H&W clients.

The release of these email messages raises legal and ethical questions for the parties involved.

The New York Times has an article about this matter this morning: http://www.nytimes.com/2011/02…

See also this diary at Daily Kos:

http://preview.tinyurl.com/4ak…

There is also a Stuxnet angle to this story.

The clients include the Bank of America, which is concerned about BoA materials reportedly in the possession of Wikileaks, and the U.S. Chamber of Commerce.

The proposed targets included Glenn Greenwald, a lawyer who writes for Salon.com, http://preview.tinyurl.com/yho… the Service Employees International Union (SEIU), and Wikileaks.

Planned activities included leaking inaccurate information, and then, after the person or entity to whom the false information had been leaked had gone public with it, attacking the messenger based on the inaccuracy of the information revealed.  Planned activities also included compiling publicly available information, e.g., from social-networking sites, and drawing conclusions about connections between various groups or individuals or both.

http://preview.tinyurl.com/4jb…

At least part of the planned campaign would have involved hacking into computer systems to find information about the targets of the campaign that might be used against them.

http://preview.tinyurl.com/66r…

It appears that none of these activities had yet taken place and that Hunton and Williams had not paid for any such activities to be undertaken.  The cyber firms that would participate in the effort would contribute to proposals on a speculative basis. Apparently, there were to be meetings with H&W clients where the proposals would be placed before the clients for approval, and then the paid work would begin.

Some of the planned activities might be considered tortious… not criminal, but creating civil liability to at least some of the targets of the planned attacks.  Some of the planned activities — hacking into computers — sound like they would be criminal.

If the facts are as reported, several questions arise,including:

— Is there potential criminal liability here, e.g., conspiracy, importuning?

— Are there potential ethical problems here for the lawyers involved, e.g., trying to get a client to authorize tortious, if not criminal, activity?

— In any legal or ethical proceeding, are the purloined emails candidates for suppression, due to their stolen nature?  It’s pretty clear that if government agents obtain evidence illegally, the evidence is generally tainted, but offhand, I do not know if the material would be tainted if a third party obtains the material illegally, and then passes it on to the government, unsolicited.

For those interested in Stuxnet, the topic arose in some of the purloined emails.  From one of the emails, it appears that HBGary has samples of Stuxnet.  Yet in a reply, Greg Hoglund, the CEO of HBGary, takes a very Sergeant-Schultz-like posture: We know nothing!

From: Greg Hoglund

To: Aaron Barr

Date: Fri, 6 Aug 2010 11:56:56 -0700

Subject: Re: Stuxnet

delivered-to: greg@hbgary.com

subject: Re: Stuxnet

from: Greg Hoglund

to: Aaron Barr

On Fri, Aug 6, 2010 at 7:19 AM, Aaron Barr wrote:

> Greg,

>

> Can I get the Stuxnet samples you and Phil have? There are some interesting things happening and I have been asked if I could provide samples to a certain government organization (not one of the ones you might think – an oversight group).

>

> Aaron

=============

From: Greg Hoglund

To: all@hbgary.com

Date: Sun, 26 Sep 2010 20:26:02 -0700

Subject: stuxnet

received: by 10.229.91.83 with HTTP; Sun, 26 Sep 2010 20:26:02 -0700 (PDT)

date: Sun, 26 Sep 2010 20:26:02 -0700

delivered-to: greg@hbgary.com

subject: stuxnet

from: Greg Hoglund

to: all@hbgary.com

All,

HBGary has no official position on Stuxnet. Please do not comment to the press on Stuxnet. We know nothing about Stuxnet.

Greg Hoglund

CEO, HBGary, Inc.

Emails quoted in http://www.dailykos.com/commen…

At least two of the security firms whose names pop up in connection with this matter have repudiated the concepts, and the Bank of America has denied any knowledge.  Hunton and Williams has not made any statements.


Categories: Uncategorized.

/ 45 Comments

45 comments

  2. HappyinVT

    HBGary has no official position on Stuxnet. Please do not comment to the press on Stuxnet. We know nothing about Stuxnet.

    Sounds like, “We know nothing.”  **wink, wink** “But if we did we couldn’t say anything, so shut up.”

  3. HappyinVT

    since, correct me if I’m wrong, hacking is illegal and they exposed the possible plans for illegal activity which hadn’t happened yet.

  10. Rashaverak

    I get the feeling that it is not coming back on-line.

    http://www.hbgaryfederal.com/

    http://www.hbgaryfederal.com is offline

    http://www.hbgaryfederal.com is currently offline. Please try again later.

    I get the feeling that it is not coming back on-line.  And in other news, …

    http://www.hbgary.com/statemen

    HBGary Statement regarding RSA Conference 2011

    A group of aggressive hackers known as “Anonymous” illegally broke into computer systems and stole proprietary and confidential information from HBGary, Inc. This breach was in violation of federal and state laws, and stolen information was publicly released without our consent.

    In addition to the data theft, HBGary individuals have received numerous threats of violence including threats at our tradeshow booth.

    In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks.

    HBGary is continuing to work intensely with law enforcement on this matter and hopes to bring those responsible to justice.

    Thank you to all of our employees, our customers and the security community for your continued support.

    HBGary, Inc.

  11. Rashaverak

    “They still don’t get it. They think all I know is their irc names!!!!! I know their real fing names.” he brags to a colleague. “My plan is to post on the HBGary Fed and HBGary website, Daily Kos, tweet, and post on the anonymous FB page.” He goes on to reiterate “No they are not freaked out. They don’t get it…Greg will tell you. They think I have nothing but a heirarchy based on IRC aliases!”

    http://crowdleaks.org/anonymou

    Note that there was no mention of the Moose.

    Perhaps Mr. Barr will set up a group or two over at DK4 dealing with Anonymous, Wikileaks, Hacking, the role of Social Media in Social Progress, etc.

Comments are closed.