Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON

Former HBGary Federal CEO Aaron Barr says he will withdraw from a planned appearance at the DEFCON conference in the face of threatened legal action over his plans to take part in a panel discussion there.

Former HBGary Federal CEO Aaron Barr says he will withdraw from a planned appearance at the DEFCON conference in the face of threatened legal action over his plans to take part in a panel discussion there.

Barr notified DEFCON organizers on Wednesday that he was withdrawing from the Aug. 6 panel discussion after attorneys representing HBGary Federal threatened to file an injunction against him if he did not withdraw from the panel immediately. The incident is just the latest in a series of conflicts between Barr and HBGary Federal following attacks by the anarchic hacking group Anonymous on February 5.

The annual Black Hat and DEFCON conferences are no strangers to legal controversy and the brouhaha over Barr’s appearance suggests that this year will be no exception. Barr had been scheduled to participate in a Panel titled ”Whoever Fights Monsters…’ Aaron Barr, Anonymous and Ourselves.” [Disclosure: Threatpost editor Paul Roberts will moderate the panel.]

Barr and his former employer were both targets of Anonymous, which hacked the company’s e-mail server and Barr’s private accounts and spilled tens of thousands of documents and confidential company correspondence online. The group was angered after reading an interview Barr gave with the Financial Times regarding his plans to give a presentation at the Security B-Sides conference in San Francisco earlier this year that promised to divulge the identities of Anonymous’s leadership.

HBGary Federal has since insisted that none of its proprietary source code or customer data was touched in the breach. However, the content of the e-mail messages leaked by Anonymous generated a whole new controversy, revealing proposed business dealings between HBGary Federal, data analytics firm Palantir and a law firm representing the U.S. Chamber of Commerce. The company and its executives subsequently withdrew from planned appearances at the RSA Conference. Barr resigned from his post as CEO weeks after the hack.

The planned DEFCON panel promised what was described as a “gritty and frank” discussion of issues raised by the recent attacks by groups such as Anonymous and LulzSec, as well as by the U.S. military’s increasing focus on cyber as a theater of operation. Barr and fellow panel members Joshua Corman and Jericho of Attrition.org were to discuss the significance and actions of groups such as Anonymous and LulzSec, as well as privacy and civil liberties issues arising from the increasing private sector use of tools such as data mining and data analytics and persona management.

On Wednesday, however, Barr received a legal written notice of intent to file an injunction to prevent him from appearing at DEFCON, citing his separation agreement with his former employer. Barr, who has done extensive research on Anonymous and its activities, was planning to talk about the significance of the group and about methods for combating Anonymous and other “chaotic actors.”

Tanya Forsheit, an attorney representing HBGary Federal for The Information Law Group declined to comment on the threatened injunction. Forsheit would not confirm or deny that HBGary Federal was trying to prevent Barr from speaking at the conference. E-mail messages and phone calls to HBGary President Penny Leavy and CEO Greg Hoglund seeking comment were not returned.

The annual Black Hat and DEFCON conferences regularly spark legal controversies if not all-out court battles. Famously, Internet Security Systems (ISS) researcher Michael Lynn prompted a controversy dubbed “Ciscogate” at the 2005 Black Hat after resigning his position in order to be able to take the stage at Black Hat to discuss a major security vulnerability affecting Cisco’s IOS operating system.

Lynn was subsequently sued by both Cisco and ISS for giving the presentation. In 2007, HID successfuly stifled a planned talk at Black Hat Federal by security researcher Chris Paget on vulnerabilities in HID-brand contactless door card readers. In 2008, the Massachusetts Bay Transportation Authority (MBTA) obtained a temporary restraining order to prevent a talk at DEFCON by three MIT students who had uncovered physical and logical security holes in MBTA infrastructure.

Conference organizers did not immediately respond to requests for comment.

Suggested articles

plugX malware loader TA416

TA416 APT Rebounds With New PlugX Malware Variant

The TA416 APT has returned in spear phishing attacks against a range of victims – from the Vatican to diplomats in Africa – with a new Golang version of its PlugX malware loader.

Discussion

  • Anonymous on

    Who threatened him, Alexander Hamilton?
  • originalgeek on

    I'm surprised DEFCON would invite a panelist who does not know how to practice textbook-level security principles.

  • Anonymous on

    @Anon2

    I think it would be more along the lines of parading the fallen 'leader' through the streets.  Why set fire to an effagy when you can watch a former CEO sheepishly admit to his ego in front of a crowd?

  • Anonymous on

    Interesting LULZ From king of the world to shunned pariah. Still haven't learned to stop looking for media attention I see Aaron or would you rather your Anon name CogAnon? Well perhaps one day you'll grow. Still chomping at the bit to attention whore yourself on Anonymous I see. How long do you plan on riding our coat tails Aaron? Really come now, it's been a year already. Perhaps you should move on to more prudent things.

  • Anonymous on

    So who does #2 work for now?

  • Bob on

    If you do not think there is a "Hacking epedemic" going on then just look at your firewall logs.  The amount of attacks is increasing almost as fast at the national debt.  EVERY company is a big "Target".

  • Anonymous on

    I think having him talk about mistakes he made and how to avoid them with the other panelists would have been enlightening and informative. Yes some of it would have been "duh" moments. But, discussing business/security methods is generally a good discussion. There would be lessons to be learned and laughs to be had as he re-lived the scenario. I don't think everyone else (including those in the hacker/infosec community) is so savvy that they could never potentially make the same mistakes as HB Gary, or they wouldn't have made them either. People can learn from their mistakes and hopefully not replicate them.

  • Anonymous on

    Aaron Barr is such a dispicable media whore. He 100% knew ahead of time he'd never be allowed to legally speak @ Defcon because of that agreement the article mentions. I doubt he ever had any real plans to attend. Another genius move on his part!

  • Anonymous on

    Anonymous surely knocked the crap out of HBGray lol.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.