
Anonymous Member Says Palantir Not Off The Hook

Meanwhile, Congressional lawmakers call for probe of HBGary, Berico, Palantir, and law firm Hunton & Williams

Mar 01, 2011 | 07:04 PM

By Kelly Jackson Higgins
Dark Reading
Fallout from the Anonymous group's cyberattack on security firm HBGary Federal just keeps on coming: Anonymous is cranking up the pressure on another security vendor whose name came up in the leaked emails from HBGary Federal -- Palantir Technologies.

Meanwhile, the case has grabbed the attention of Capitol Hill. Rep. Hank Johnson, D-Ga., and a dozen other members of Congress have called for a Congressional investigation into alleged activities of law firm Hunton & Williams and HBGary, Berico, and Palantir, citing the contents of leaked emails from HBGary Federal that went public after the security firm was attacked by Anonymous. Johnson and his colleagues say the emails indicate a conspiracy to attack critics of the Chamber of Commerce using "subversive techniques" and "possible illegal actions against citizens engaged in free speech," according to a report in The Washington Post.

It all started last month when Anonymous broke into HBGary Federal's servers, as well as CEO Aaron Barr's Twitter account, in apparent retaliation for Barr's investigative research into the group and its leaders. Barr had told The Financial Times that he was able to get the names of some of the leaders of Anonymous, as well as some information on their locations -- in California, the U.K., Germany, The Netherlands, Italy, and Australia, he said. That didn't go over well with Anonymous, which then hacked and dumped the contents of the firm's email messages and other sensitive information online, and commandeered Barr's Twitter account and posted his Social Security number and address.

The HBGary Federal emails posted online by Anonymous indicated plans to attack WikiLeaks and writer Glenn Greenwald, a WikiLeaks supporter, using some apparently questionable methods. The emails suggested that the project was for a proposal that was aimed at Bank of America, via its law firm, Hunton & Williams. Bank of America has denied any knowledge of the proposal.

In the wake of the HBGary email spool being exposed, Palantir, which had not responded to press inquiries as of this posting, severed all ties to HBGary, punctuated by a public statement issued by its co-founder and CEO Alex Karp. "Palantir Technologies provides a software analytic platform for the analysis of data. We do not provide -- nor do we have any plans to develop -- offensive cyber capabilities. Palantir Technologies does not build software that is designed to allow private sector entities to obtain non-public information, engage in so-called 'cyber attacks' or take other offensive measures," Karp said.

But that statement didn't satisfy Anonymous. Barrett Brown, a member of Anonymous who has written for Vanity Fair, Skeptic, The Guardian, The Huffington Post, and The Onion, is urging people to keep the pressure on Palantir, which he says must change its ways. Brown published a series of emails between Palantir and others on his blog post for the Daily Kos that he says shows Palantir's involvement in the now infamous "WikiLeaks Threat" proposal presentation.

"I want help to get this information out on Palantir ... and for that congressional hearing," Brown says.

There are no plans for Anonymous to DDoS or hack Palantir, he says. But he didn't rule out the possibility, either, given the loose affiliation and scope of the Anonymous community. "No one controls Anonymous ... people can influence it. Anonymous is going to do what Anonymous is going to do ... we are on the warpath," Brown says.

Brown says he prefers "shock and awe" techniques like cold-calling a CEO and recording the conversation. "That's more effective than DDoSing," says Brown, who recorded a phone conversation with HBGary Federal's former CEO, Aaron Barr. "[But] I'm a big fan of hacking ... [the hackers] did a damn good job on HBGary."

HBGary had not responded to press inquiries as of this posting.

And in case you were wondering, Bank of America's website outage today was not at the hand of Anonymous, Brown says, although he's not sure what caused it exactly: "We have admirers we don't have control of that are part of this movement," he notes. "There were people talking about DDoSing them [Bank of America], but I don't know if they were Anons or not."

Security researchers, meanwhile, say Anonymous has changed the game. "The bar has been raised" with the targeted attack and breach of HBGary, says Marc Maiffret, founder and CTO at eEye Digital Security, who did some black-hat hacking as a teenager. "They may start to do more of that versus just DDoSing."

Maiffret says Anonymous has a large, global identity that includes political activists and hackers. "Rather than different people, they are gravitating to a central identity," he says.
