Monday, February 14, 2011

More on the hacker war in the Internet

Here is some more background on the Internet war being battled around WikiLeaks. This is an Internet story with good guys, bad guys and no end of confusion regarding who is which.

Aaron burr of the security firm HBGary Federal has paid a high price for trying to expose the individuals behind Anonymous. so has HBGary Federal. I wrote last Friday about the The secret cyberwar being carried on by government and businesses to destroy Wikileaks. Aaron burr is the individual who named names behind Anonymous. This story shows what he was trying to do. The fact that he listed Glenn Greenwald as one of the Anonymous individuals certainly brings his methods and information into question.
Aaron Barr believed he had penetrated Anonymous. The loose hacker collective had been responsible for everything from anti-Scientology protests to pro-Wikileaks attacks on MasterCard and Visa, and the FBI was now after them. But matching their online identities to real-world names and locations proved daunting. Barr found a way to crack the code.


"At any given time there are probably no more than 20-40 people active, accept during hightened points of activity like Egypt and Tunisia where the numbers swell but mostly by trolls," he wrote in an internal e-mail. (All e-mails in this investigative report are provided verbatim, typos and all.) "Most of the people in the IRC channel are zombies to inflate the numbers."

The show was run by a couple of admins he identified as "Q," "Owen," and "CommanderX"—and Barr had used social media data and subterfuge to map those names to three real people, two in California and one in New York.

Near the end of January, Barr began publicizing his information, though without divulging the names of the Anonymous admins. When the Financial Times picked up the story and ran a piece on it on February 4, it wasn't long before Barr got what he wanted—contacts from the FBI, the Director of National Intelligence, and the US military. The FBI had been after Anonymous for some time, recently kicking in doors while executing 40 search warrants against group members.


When the liberal blog Daily Kos ran a story on Barr's work later that day, some Anonymous users commented on it. Barr sent out an e-mail to colleagues, and he was getting worked up: "They think all I know is their irc names!!!!! I know their real fing names. Karen [HBGary Federal's public relations head] I need u to help moderate me because I am getting angry. I am planning on releasing a few names of folks that were already arrested. This battle between us will help spur publicity anyway."


But within a day, Anonymous had managed to infiltrate HBGary Federal's website and take it down, replacing it with a pro-Anonymous message ("now the Anonymous hand is bitch-slapping you in the face.") Anonymous got into HBGary Federal's e-mail server, for which Barr was the admin, and compromised it, extracting over 40,000 e-mails and putting them up on The Pirate Bay, all after watching his communications for 30 hours, undetected. In an after-action IRC chat, Anonymous members bragged about how they had gone even further, deleting 1TB of HBGary backup data.

They even claimed to have wiped Barr's iPad remotely.


Were Barr's vaunted names even correct? Anonymous insisted repeatedly that they were not. As one admin put it in the IRC chat with Leavy, "Did you also know that aaron was peddling fake/wrong/false information leading to the potential arrest of innocent people?" The group then made that information public, claiming that it was all ridiculous.

Thanks to the leaked e-mails, we now have the full story of how Barr infiltrated Anonymous, used social media to compile his lists, and even resorted to attacks on the codebase of the Low Orbit Ion Cannon—and how others at his own company warned him about the pitfalls of his research.
This is a very modern story and it looks like it is not over yet.

No comments: