Fluffi Bunni hacker suspect had been on Siemens' staff for a year

IT security suppliers Siemens Communications and Insight Consulting have begun investigations after it emerged that a man...

IT security suppliers Siemens Communications and Insight Consulting have begun investigations after it emerged that a man arrested last week by detectives hunting a notorious international hacking group had been representing the firms on an exhibitor's stand at a major IT security show.

Senior detectives at Scotland Yard's Computer Crime Unit spotted 27-year-old Lynn Htun, believed to be the brains behind the infamous Fluffi Bunni hacking group, on the stand run by Insight Consulting and its business partner Siemens at the Infosecurity Europe 2003 show at Olympia, London.

Htun, from North London, had worked for Siemens for almost a year. He has been remanded in custody on charges of forgery and theft of a computer at Guildford Crown Court. He is expected to be questioned about a spate of hacking incidents that have blighted business websites over the past two years.

The incident will come as an embarrassment to Siemens, which runs major secure IT projects for the government, and its business partner Insight Consulting, which is partly owned by Siemens and has close links to the security service MI5.

It is also likely to prompt anxious questions from the companies' customers about the adequacy of Siemens' employment vetting procedures.

"It does take some form of carelessness to employ someone who is facing charges and for which there is an arrest warrant out. Obviously, any purchaser of security services has high implicit expectations of the supplier. I think Siemens has a great deal to answer," said Peter Sommer, security expert at the London School of Economics.

According to eye witnesses, senior detectives from Scotland Yard's Computer Crime Unit spotted Htun on a stand run by Insight Consulting and Siemens only yards from an exhibit by the National High-Tech Crime Unit at lunchtime on Tuesday 29 April.

The team, led by detective sergeant Steve Santorelli, who was responsible for the arrest of virus writer Simon Vallor earlier this year, was attending the show to give presentations on cybercrime at a Computer Weekly InfoSecurity Group forum

"It was a very low-key, normal arrest, a fairly civilised affair. It was all over in a couple of minutes," said one security supplier who was on a nearby stand.

Onlookers said Htun, described as short, oriental-looking and smartly dressed in a pinstripe suit, puffed on a cigarette and smiled as he was led out of the exhibition, prompting speculation that he may have wanted to be caught.

Siemens confirmed last night that Htun had been an employee for one year. He had been hired following security vetting and a personal recommendation from another firm. Siemens declined to say what his role in the company was or whether he would have had access to customers' systems.

"It has all come as a bit of a shock to us," a spokeswoman for Siemens said. "We are liaising closely with the police to try to get some further information on this situation."

The arrest comes amid warnings from security professionals that a growing number of hackers are well-paid IT professionals with day jobs in legitimate firms.

Law enforcement agencies in the UK and the US have been investigating Fluffi Bunni since the 11 September terrorist atrocities, when the group attacked thousands of business websites, defacing them with its trade mark picture of a pink fluffy rabbit.

Htun, thought to be the group's ringleader, has been evading capture since Surrey Police issued an arrest warrant for him in 1999 on charges unrelated to hacking.

Read more on IT risk management