New HBGary Statement Seeks To Clarify Company's Actions

HBGary, the security firm that was attacked by the hacker group Anonymous earlier this year, last week issued a new statement that attempts to clarify some of the reports and comments made about it by Anonymous and the press.

The statement says in part:

"First, HBGary, Inc. and HBGary Federal are two distinct companies with completely different management, employees and missions. As is evident from the released emails, while members of HBGary Inc. served on the Board of Directors for HBGary Federal, the Board was not involved in the day to day activities of the Company but rather only in the overarching financial direction of the business, especially since much of the work of HBGary Federal is classified.

"Second, it is our understanding that Anonymous launched its attack against both HBGary Federal and HBGary, Inc. as retaliation for research conducted solely by HBGary Federal and specifically, Aaron Barr, its former CEO. HBGary, Inc., the COTS software company, was not involved in Mr. Barr's research or his proposals for social networking surveillance. Rather, HBGary Inc. was a victim of circumstance, caught within the storm of a vengeful retribution attack against Mr. Barr for his claim that he had infiltrated the hacking group.

"Third, HBGary Inc. did not develop Stuxnet. We did, however, perform some analysis of Stuxnet as part of efficacy testing to ensure that HBGary Inc.'s Digital DNA product could detect it as malware. Unfortunately, the press has misconstrued a quote taken from Greg Hoglund's email, 'do not discuss Stuxnet' to mean that HBGary Inc had greater involvement in Stuxnet... this email was merely intended to prevent HBGary team members from participating in the [media]discussion."

"Fourth, it is true that HBGary Inc. has and will continue providing COTS software and services to the U.S. Government. We have never sought to hide our relationship with governmental agencies, and we are in fact proud that we have been able to serve the U.S. government.

"Fifth, HBGary does extensive work in exploitation analysis, rootkit analysis and development in order to improve our products. We do this to understand the offensive nature of our foes and to help develop a better security product. It is not to 'attack' foreign countries and we do not know of any instance where our investigation or development of these tools has resulted in deployment."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.