If you have ever been the victim of a hack then you know the feelings involved: dread, helplessness and loss. Hacking incidents almost always happen when things are going very well for a website or network, always when you least expect it. Under these circumstances, Anonymous’ recent move against security firm HBGary should have been quite predictable.

The CEO of HBGary, Aaron Barr, had been telling media outlets that he had successfully penetrated Anonymous as a group, outing several high level folks in the organization from Europe and elsewhere.

There’s a problem with talking like that. You’re going to end up getting compromised one way or another.

This kind of activity by Barr is borderline dumb. If you have this information, why are you telling the press? Instead of going directly to the authorities, who would have told you to keep your trap shut, you’re out there running your mouth. Not smart.

There are always going to be nefarious people who are going to hack into networks. The most puzzling thing is that many of these people who do these things are not swayed by money or political agendas. It’s the thrill of it, the fact that the Internet is still a Wild West where digital cowboys still have control. Those of us working in IT are just trying to mitigate any sort of damage. Take Anonymous’ hack of HBGary. This is what they wrote on the defaced site:

Your recent claims of ‘infiltrating’ Anonymous amuse us, and so do your attempts at using Anonymous as a means to garner press attention for yourself. How’s this for attention?

Now, imagine if groups like Anonymous do this based on making people afraid to talk imagine what they may do one day for money.

I’m convinced that we’re heading towards a future with too much offense and not enough defense in terms of information security. It’s going to take big security breaches that leak serious information for IT managers to realize how important things like business intelligence really are to their organizations. Already in critical infrastructure industries such as utilities and medical first response the government has created important guidelines.

Funny, since HBGary started their own governmental consulting business in 2009.

Much of this infrastructure debate became very public with a 60 Minutes report about the power grid in Brazil being subject to a cyber attack that caused a power outage in that country. Such issues will become more prevalent as everything is increasingly controlled via networks. Many energy and other basic needs providers are often municipal organizations that have very little capability to thwart such attacks.

So whoever Anonymous is, at least they are attacking those that are trying to infiltrate their hierarchy for now. Someday cyber attacks could be much more pronounced than just being relegated to a hacked website. It could be something much more pervasive in our lives such as energy, transportation or medical treatment services. Should it ever come to a head, rouge bands of hackers will hold more sway than conventional terrorists in this regard.