How Anonymous Cracked the HBGary Security Firm

When the security researcher Aaron Barr and his firm HBGary Federal crowed about having discovered the real identities of (some of) the people behind the loose online group Anonymous, he was probably asking for it. Anonymous is notorious for reprisal attacks on sites they view as hostile to them. But perhaps Barr thought, being a computer security specialist and all, he was safe from what many view as their childish attacks.

Man, was he wrong.

Peter Bright at Ars Technica has a remarkably thorough account of how someone(s) at Anonymous broke into HBGary's files and wreaked havoc. It was simpler than you might think, actually. Anonymous exploited well-known problems in conventional systems to get the information they needed and paired it with good, old social engineering. This is not exactly Hacking 101, but it is like the pick-and-roll of hacking. Everyone knows this is how shenanigans happen, and yet sometimes when it's done well, it's hard to stop.

The key first step was cracking the content management system used at HBGaryFederal.com, a spinoff of HBGary. Bright details the well-known attacks they used and steps you through the process of moving from one piece of information to the next. The piece itself is great as a fairly accessible basic hacking primer.

One takeaway: try not to use the same password for your most important accounts because you never know which of the zillion sites you've given your standard password to (ahem, Gawker) will eventually be compromised.

Alexis C. Madrigal

Alexis Madrigal is a senior editor at The Atlantic, where he oversees the Technology channel. He's the author of Powering the Dream: The History and Promise of Green Technology. More

The New York Observer calls Madrigal "for all intents and purposes, the perfect modern reporter." He co-founded Longshot magazine, a high-speed media experiment that garnered attention from The New York Times, The Wall Street Journal, and the BBC. While at Wired.com, he built Wired Science into one of the most popular blogs in the world. The site was nominated for best magazine blog by the MPA and best science Web site in the 2009 Webby Awards. He also co-founded Haiti ReWired, a groundbreaking community dedicated to the discussion of technology, infrastructure, and the future of Haiti.

He's spoken at Stanford, CalTech, Berkeley, SXSW, E3, and the National Renewable Energy Laboratory, and his writing was anthologized in Best Technology Writing 2010 (Yale University Press).

Madrigal is a visiting scholar at the University of California at Berkeley's Office for the History of Science and Technology. Born in Mexico City, he grew up in the exurbs north of Portland, Oregon, and now lives in Oakland.