British Police Nab Men Believed Linked to HBGary Breach

The capture of two young men is part of an ongoing investigation into Anonymous and LulzSec.

HBGary Federal was just one of many low-profile security contractors peddling its wares to clients with secrets to protect -- until earlier this year when the U.S. firm drew the attention of hackers.

And now, British police have made some arrests.

Thursday’s capture of two young men believed to have been involved in the theft and online publication of some 60,000 confidential emails from HBGary Federal is part of an ongoing investigation into computer break-ins and distributed denial of service attacks by hacker collectives Anonymous and LulzSec.

The HBGary data breach exposed dirty deeds and the CEO of the company subsidiary that chased government contracts resigned his post in disgrace.

That CEO, Aaron Barr, stirred up Anonymous by bragging how his company had infiltrated the group by using, among other things, fake Facebook profiles. Feeling slighted, Anonymous hacked into his personal accounts and his company's servers, from which they "liberated" thousands of emails.

Some of those emails exposed some embarrassing activity in which the company was involved. For example, an effort to launch a "dirty tricks" campaign to discredit opponents of the U.S. Chamber of Commerce was revealed. That prompted one member of Congress to call for an investigation into the matter.

"We are deeply concerned by evidence that intelligence contractors may have engaged in a criminal conspiracy to target American citizens on behalf of powerful corporate interests," Rep. Hank Johnson (D-Ga.) said in his plea for a probe.

Probably one of the wackiest plans disclosed in the purloined emails was a proposal for the military to infiltrate social networks, like Facebook, with phony cyber personalities with the intent to gather information for arresting dissidents and activists who operate anonymously online.

The men arrested by British authorities are being held. Seized computer equipment is being examined.

HBGary Federal, in Washington, is owned by HBGary, of Sacramento, Calif.

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

Join the CSO newsletter!

Error: Please check your email address.

Tags online securityhackersapplicationsonline privacysecurityemail bugssoftwaredata protectionFacebook

More about Facebook

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place