Anonymous Member Says Palantir Not Off The Hook

Meanwhile, Congressional lawmakers call for probe of HBGary, Berico, Palantir, and law firm Hunton & Williams

Fallout from the Anonymous group's cyberattack on security firm HBGary Federal just keeps on coming: Anonymous is cranking up the pressure on another security vendor whose name came up in the leaked emails from HBGary Federal -- Palantir Technologies.

Meanwhile, the case has grabbed the attention of Capitol Hill. Rep. Hank Johnson, D-Ga., and a dozen other members of Congress have called for a Congressional investigation into alleged activities of law firm Hunton & Williams and HBGary, Berico, and Palantir, citing the contents of leaked emails from HBGary Federal that went public after the security firm was attacked by Anonymous. Johnson and his colleagues say the emails indicate a conspiracy to attack critics of the Chamber of Commerce using "subversive techniques" and "possible illegal actions against citizens engaged in free speech," according to a report in The Washington Post.

It all started last month when Anonymous broke into HBGary Federal's servers, as well as that of CEO Aaron Barr's Twitter account, in apparent retaliation for Barr's investigative research into the group and its leaders. Barr had told The Financial Times that he was able to get the names of some of the leaders of Anonymous, as well as some information on their locations -- in California, the U.K., Germany, The Netherlands, Italy, and Australia, he said. That didn't go over well with Anonymous, which then hacked and dumped the contents of the firm's email messages and other sensitive information online, and commandeered Barr's Twitter account and posted his Social Security number and address.

The HBGary Federal emails posted online by Anonymous indicated plans to attack WikiLeaks and writer Glenn Greenwald, a WikiLeaks supporter, using some apparently questionable methods. The emails suggested that the project was for a proposal that was aimed at Bank of America, via its law firm, Hunton & Williams. Bank of America has denied any knowledge of the proposal.

In the wake of the HBGary email spool being exposed, Palantir, which had not responded to press inquiries as of this posting, severed all ties to HBGary, punctuated by a public statement issued by its co-founder and CEO Alex Karp. "Palantir Technologies provides a software analytic platform for the analysis of data. We do not provide -- nor do we have any plans to develop -- offensive cyber capabilities. Palantir Technologies does not build software that is designed to allow private sector entities to obtain non-public information, engage in so-called "cyber attacks" or take other offensive measures," Karp said.

But that statement didn't satisfy Anonymous. Barrett Brown, a member of Anonymous who has written for Vanity Fair, Skeptic, The Guardian, The Huffington Post, and The Onion, is urging people to keep the pressure on Palantir, which he says must change its ways. Brown published a series of emails between Palantir and others on his blog post for the Daily Kos that he says shows Palantir's involvement in the now infamous "WikiLeaks Threat" proposal presentation.

"I want help to get this information out on Palantir ... and for that congressional hearing," Brown says.

There are no plans for Anonymous to DDoS or hack Palantir, he says. But he didn't rule out the possibility, either, given the loose affiliation and scope of the Anonymous community. "No one controls Anononymous ... people can influence it. Anonymous is going to do what Anonymous is going to do ... we are on the warpath," Brown says.

Brown says he prefers "shock and awe" techniques like cold-calling a CEO and recording the conversation. "That's more effective than DDoSing," says Brown, who recorded a phone conversation with HBGary Federal's former CEO, Aaron Barr. "[But] I'm a big fan of hacking .. [the hackers] did a damn good job on HBGary."

HBGary had not responded to press inquiries as of this posting.

And in case you were wondering, Bank of America's website outage today was not at the hand of Anonymous, Brown says, although he's not sure what caused it exactly: "We have admirers we don't have control of that are part of this movement," he notes. "There were people talking about DDoSing them [Bank of America], but I don't know if it they were Anons or not."

Security researchers, meanwhile, say Anonymous has changed the game. "The bar has been raised" with the targeted attack and breach of HBGary, says Marc Maiffret, founder and CTO at eEye Digital Security, who did some black-hat hacking as a teenager. "They may start to do more of that versus just DDoSing."

Maiffret says Anonymous has a large, global identity that includes political activists and hackers. "Rather than different people, they are gravitating to a central identity," he says.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights