How Aaron Barr Infiltrated Anonymous, and Why He Decided to Do It
Based on e-mails he sent before beginning his mission, it's clear that Barr's motives, from the very beginning, were profit-driven. A social media fanatic, Barr firmly believed that he could use data from sites like Facebook and LinkedIn to identify any hacker in the world, including members of Anonymous. "Hackers may not list the data, but hackers are people too so they associate with friends and family," Barr wrote in an e-mail to a colleague at HBGary Federal. "Those friends and family can provide key indicators on the hacker without them releasing it...." He even wanted to give a talk at this year's BSides security conference, titled "Who Needs NSA when we have Social Media?" But, long-term security implications aside, Barr knew exactly what he would do once he obtained data on Anonymous' members. "I will sell it," he wrote.
Using several aliases, Barr began regularly dropping in on Anonymous' Internet Relay Chat (IRC) channels, and, after setting up fake Facebook and Twitter accounts, attempted to unearth the members' true identities via social media. Putting real names to screen names, however, wasn't easy. Barr's techniques included matching timecodes: when someone shared something in the Anonymous IRC, he would check a suspected Twitter handle for any follow-up activity in the next few seconds. More matches lessened the likelihood of coincidence. By the time he concluded his research, he believed he had successfully identified 80 to 90 percent of Anonymous' leaders, all thanks to information that was publicly available.
Some of his colleagues at HBGary, however, soon became uneasy with the direction that Barr was taking his investigation. In exchanges with his coder, he insisted that he was not aiming to get anyone arrested, but simply wanted to prove the efficacy of his statistical analysis. In an e-mail to another colleague, though, the coder complained that Barr made many of his claims based not on statistics, but on his "best gut feeling." Others, meanwhile, feared retribution from Anonymous, and with good reason.
Though Barr insisted that he wouldn't reveal the names of Anonymous' leaders at a meeting with the FBI, the group didn't take any chances, and launched a devastating counter-offensive against both Barr and his company. Barr's e-mails were leaked, his Twitter account hijacked, and his iPad, apparently, wiped clean. HBGary, meanwhile, suffered a DDoS attack that crippled its site.
The attack on the company was so bad that at one point, HBGary President Penny Leavy dove into Anonymous' IRC in an attempt to reason with them. The members asked her why Barr was meeting with the FBI. She insisted he just wanted their business, and had no interest in toppling Anonymous. She, in turn, asked what they demanded. "Simple: fire Aaron, have him admit defeat in a public statement," a member responded. "We won't bother you further after this, but what we've done can't be taken back. Realize that, and for the company's sake, dispose of Aaron." The group later hacked an e-mail account belonging to Leavy's husband, and is threatening to post its contents online.
Anderson concludes his piece by examining what the saga says about Anonymous, whose members he describes as "young, technically sophisticated, brash, and crassly juvenile." After what happened to HBGary and Barr, he writes, it's become difficult to write off Anonymous' attacks "as the harmless result of a few mask-wearing buffoons."
But perhaps the most intriguing character in this drama is Barr himself. His e-mails shed some light on the inner workings of a company man who seems philosophically divided. Like Anonymous, he once supported WikiLeaks, until the organization began leaking diplomatic cables last fall. The document dump led Barr to conclude that "they [WikiLeaks] are a menace," and fueled his antipathy toward Anonymous, which he saw as a group driven not by principle, but by power.
In another message, he declared that corporations "suck the lifeblood out of humanity," but acknowledged that they serve a purpose, and affirmed his belief that some secrets are better left unexposed. "Its [sic] all about power," Barr wrote. "The Wikileaks and Anonymous guys think they are doing the people justice by without much investigation or education exposing information or targeting organizations? BS. Its about trying to take power from others and give it to themeselves [sic]. I follow one law. Mine."