Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

HBGary's Hoglund sheds light on Anonymous

Robert Lemos, CSO | March 22, 2011
On Super Bowl weekend, HBGary CTO Greg Hoglund found himself locked out of his own email account. The fallout of the leaked messages from his account and that of HBGary Federal's CEO Aaron Barr has been widely reported. Yet, not from the point of view of the victims. In Part 1 of this interview with CSO correspondent Robert Lemos, Hoglund talked about how the hack happened and the lessons for chief security officers. In Part 2, he describes his research on Anonymous and why the group is making the insider threat problem more dire.

They are singling out individuals within the defense establishment. We are talking about stuff where they are targeting people who are part of the Department of Defense or the intelligence community. Literally, they are putting all their personal information into planning documents -- they are targeting these people. They are going after people's family and children. They actually have all the family members listed. And they call them up on the phone. They harass them. There have been cases where death threats have been left. It's just ridiculous, and it's completely unacceptable. I had no idea about any of this before I was attacked.

For companies, you see the danger of Anonymous not in hactivism but in corporate espionage? As an insider threat?The biggest threat to your intellectual property is your front door. Anonymous is one platform for leaking information. Anonymous is one group. There is Anonleaks. There is Wikileaks. There is CrowdLeaks.

There is a trend to recruit insider threats. And that is something that CISOs need to be aware of. There is a platform by which someone can be an insider threat, and supply information supposedly in an anonymous fashion. Even though insider threats are always there as a potential problem, they are actually exacerbating the problem. There may be more insider threats now because of this.

While Wikileaks isn't journalism, it does do a function of journalism well -- keeping sources anonymous. Is that not valuable?There is a difference between someone willing giving information to Wikileaks, and a cyber thuggery group criminally hacking into computers and stealing that data. That's two totally separate things.

Let's be clear here, Anonymous is not protecting Wikileaks. Anonymous is a group that hacks criminally into systems, and we are talking about probably over five corporations that I know of right now in the United States that are being actively targeted by them. When they get access, they are going to steal the data off those system, e-mail, files off the file system, they are going to do everything they can, and then they are going to leak it and manipulate it and create stories about it. Basically, that is their platform.

That is something every single CISO should be scared of. They should definitely be aware of it and mitigating it.



Previous Page  1  2 

Sign up for Computerworld eNewsletters.