Frontline Lulzsec hacking member Topiary's identity and whereabouts were known to British police, chief technology officer of Prolexic Paul Sop has said.
While debate raged over whether British Police had arrested Topiary.
Scotland Yard released the name of a teenager, Jake Davis, it arrested in the Shetland Islands last week on suspicion of involvement with the LulzSec hacking group.
It has yet to emerge if the arrest man was the LulzSec identity Topiary, a concept contested by some online groups dedicated to uncovering the groups' participants.
Paul Sop, chief technology officer at Prolexic could not say if Topiary was in police hands, or talk specifically about the international police operation to locate and identify suspected online criminals within Anonymous and LulzSec because of non-disclosure agreements.
But he confirmed that police knew who and where Topiary was.
“Yes, I’ve read about the speculation. But you know I can’t say anything, right?” Sop said.
His company used its global IP network and technical specialists to defend businesses against Distributed Denial of Service (DDoS) attacks.
In doing so, it had harvested countless IP addresses and other data from DDoS attacks launched against customers and supplied them to law enforcement.
“With that many eyes watching the long and protracted attacks [by LulzSec and Anonymous] it’s not really possible to stay anonymous," Sop said.
"Police efforts are slow and protracted – they have to be because evidence must be transferred and it cannot be compromised".
Sop predicted the hacking groups' continued attacks against government intelligence and police agencies and scores of businesses would be “just more damning for them”.
Prolexic was not the only private sector company to assist the police investigations into Lulzsec and Anonymous.
A sworn affidavit by an FBI agent had revealed PayPal supplied the IP addresses of 1000 participants in DDoS attacks launched against its network in December.
Many of the DDoS participants had used the LOIC (Low Orbit Ion Cannon) software which made it easy for non-technical users to participate in coordinated attacks against nominated targets.
But in doing so, their IP addresses were recorded on the logs of victims, or with specialists like Prolexic.
A report (pdf) last year by researchers from the University of Twente in the Netherlands compared the use of LOIC for DDoS attacks to "overwhelming someone with letters, but putting your address at the back of the envelope".
The IP addresses were all there, in logs,” Sop said. “It’s rather daft – like throwing a brick through a window with your address taped to it," he said.
The philosophical ideology that united much of the Anonymous and Anti Security movement had helped investigators build profiles, Sop said.
Yet for all the attacks against Prolexic customers, Sop was warm to the movements’ broad ambitions to fight censorship and corruption.
“I don’t disagree with the messages, but the methods affect hundreds of thousands of innocent people. Look at the attacks on Sony – that affected thousands of people who just wanted to play PlayStation. When it was down, I couldn’t enjoy gaming with my son.”