HB Gary CEO Aaron Barr Resigns

He’ll probably just get picked up by TASC, which was about to buy out HB Gary Federal anyway. But I do take some pleasure at his recognition that his reputation is for shit.

Embattled CEO Aaron Barr says he is stepping down from his post at HBGary Federal to allow the company to move on after an embarrassing data breach.


In an interview with Threatpost, Barr said that he is stepping down to allow himself and the company he ran to move on in the wake of the high profile hack.

“I need to focus on taking care of my family and rebuilding my reputation,” Barr said in a phone interview. “It’s been a challenge to do that and run a company. And, given that I’ve been the focus of much of bad press, I hope that, by leaving, HBGary and HBGary Federal can get away from some of that. I’m confident they’ll be able to weather this storm.”

Good riddance, I say!

  1. WilliamOckham says:

    I don’t think it is ever right to pick a fight, but picking a fight with anonymous is just stupid. In the world of computer security, the advantage is always with the attacker. Barr seriously underestimated his opponent and overestimated his own skill.

    • earlofhuntingdon says:

      I wonder what that says for his industry and the gazillions of DoD and other dollars being spent on it.

      • WilliamOckham says:

        It’s not completely wasted, but it is wildly misspent. I’d be surprised if 1% of it is being put to good use. I’d bet that roughly 15% is spent on complete charlatans who would make Aaron Barr look like Dwight Eisenhower.

      • emptywheel says:

        Actually, I think he’d agree w/that take. He writes a lot about how he doesn’t want to tell the govt that there is really no stopping hackers–what you need to do is become resilient–but that’s not a very profitable viewpoint.

        • emptywheel says:

          Speaking of which, I think WO and Bruce Schneier are the same person:

          In cyberspace, the balance of power is on the side of the attacker. Attacking a network is much easier than defending a network. That may change eventually — there might someday be the cyberspace equivalent of trench warfare, where the defender has the natural advantage — but not anytime soon.

          Or maybe that is just common sense if you know about tech?

  2. earlofhuntingdon says:

    Yep, I’m afraid his resignation may be risk-free in that he will have arranged a soft landing elsewhere. Resignation used to be out of principle, or as a face-saving device for those who’ve been fired. Now it’s just PR so that actors and their employers can move on without consequence.

  3. JTMinIA says:

    Man, I’ll bet his buddies at HBGary are sooooo happy that he said that leaving might help them. They spent a lot of energy trying to convince everyone that HBGary and HBGary Federal had little in common besides the hubby and wife team running HBGary own 15% of HBGary Federal. And now Barr, in one last act of total incompetence, mentions them in a presser. Pinhead. I want to be the 16 year old girl who cracked his system when I grow up.

    • spanishinquisition says:

      Yeah, it was a lie. His wife personally owns about 50% in addition to the 15% owned by HB Gary corporate.

  4. MadDog says:

    Via Public Intelligence – HBGary pushes French-owned Narus-like surveillance system to Feds:

    HBGary Qosmos Deep Packet Inspection White Paper


    Criminals, predators and hackers now use chats, blogs, webmail and Internet applications such as online gaming and file-sharing sites to hide their communications.


    Qosmos provides law enforcement agencies with a powerful solution to identify a target using multiple virtual IDs and intercept all related IP-based communications. Any trigger, such as a “user login = target” initiates intercept of all IP traffic related to the “target.”

    Example of recognized applications and protocols: VoIP; Email (POP, SMTP); Webmail (Gmail, Hotmail, Live Mail, SquirrelMail, Yahoo mail, etc.); Instant Messaging (Aim, SNM, Skype, Yahoo, Google Talk, QQ, Maktoob, Paltalk, etc.); Online games (World of Warcraft); Online classified ads; Audio/Video (H.323, SIP, MGCP, RTP, RTCP, MMSE, RTSP, SHOUTcast, Yahoo Video, MSN Video, SCCP, etc.); Web applications (Dailymotion, Google, eBay, Google Earth, HTTP, MySpace, Wikipedia, YouTube, etc…)

    • emptywheel says:

      I was joking w/Barry Eisler that the whole Anon hack seemed like something we’d see in his novels.

      But then we both agreed that his characters have to be more competent than Barr, to be interesting and/or believable.

  5. MadDog says:

    OT – Via the Express-Tribune, partnered with The International Herald Tribune:

    After Davis’ arrest, US operatives leaving Pakistan

    At least 30 suspected covert American operatives have suspended their activities in Pakistan and 12 have already left the country, according to sources familiar with the matter.

    In the aftermath of the shootings in Lahore on January 27 by suspected CIA operative Raymond Davis, intelligence agencies in Pakistan began scrutinising records of the Americans living in Pakistan and discovered several discrepancies, causing many suspected American operatives to maintain a low profile and others to leave the country altogether.

    The foreign ministry states that there are 851 Americans with diplomatic immunity currently in Pakistan, of whom 297 are not working in a diplomatic capacity. However, sources at the interior ministry put the number of non-diplomats at 414…

    …Most of the ‘special Americans’ are suspected of being operatives of US intelligence agencies who are on covert missions in Pakistan, reporting to the US Joint Special Operations Command (JSOC), according to sources familiar with the situation…

    …Sources say that the intelligence agencies’ reports state that many of the Americans living in these residences are assumed to be US Special Forces – including members of the covert Delta Force of the United States Army – and therefore are considered armed and dangerous…

  6. eCAHNomics says:

    Coming to think of it, what ever happened to the CEO rule that the larger the fail, the larger the bonus.

  7. Petro says:

    Considering the speed with which this whole thing unfolded, the plot, the cast, and the crew…

    Well, goddam, this was cooler and had more instant gratification than a screening of “The Social Network.”

  8. gordonot says:

    This from their web site last week:

    HBGary Monday introduced an appliance that sits at the perimeter of the enterprise network to watch for possible incoming malware and outgoing traces of botnet infections.

    They call it “Razor.” Excuse me while I snorgel in my shaving cream.

  9. rusty houndog says:

    Anonymous skills are known worldwide to be absolute. Mr. Barr’s skills are now known worldwide to be absolutely bullshit. Running your mouth does not get the code to work, and worse, he was talking like a man with a paper ass hole.

  10. orionATL says:

    funny, but i do not remember ceo penny mentioning her 50% ownership in the chat logs of her plea to anonymous.

    i think she did tell the anonymous cooperative that hbgary owned (implied, only) 15% of hbgary federal.

    if ceo penny owned 50%, and she and hubby greg owned another 15%,

    then ceo penny may have had motive to be more involved in the hbgaryfed caper than has been apparent on the surface-

    all the more so if she wanted to unload hbgary federal, as ew writes may be about to happen.

    scenario: ceo penny says to colleague aaron, e.g., “can we juice hbgaryfed”.

    ceo aaron thinks he can, and proceeds.

    wonder what hbgaryfed would have been worth before aaron’s “anonymous” caper provoked the wrath of the nibelungen?

  11. JTMinIA says:

    She definitely did not mention her own 50% stake and went to some lengths to imply that the 15% was the entire connection.

    She’s lucky that Anonymous doesn’t take slights such as being lied to as sufficient for a response. It’s the intertubes, for Petunia’s sake. You expect lies and respond only when told the truth.

  12. darms says:

    Man, wish I could be alive when this history is written. HBGary is by no means the only software company defrauding the US, here’s another: Dennis Montgomery

    “Hiding Details of Dubious Deal, U.S. Invokes National Security”

  13. kurish says:

    @spanishinquisition / JTMinIA / anyone:

    Can you please provide a source re: Penny Leavy owning 50% of HBGary Federal? Not finding this in my searches. Thanks.