August 1, 2015 by Joe Bellott, CISO & Forensic Expert
One of the technology world’s most notorious providers of surveillance and intrusion software has found itself on the wrong end of an embarrassing hack.
A range of sensitive documents belonging to clients of an Italy-based Hacking Team known for working with governments worldwide, appears to have had a monstrous break of sensitive information, including email communications and client lists. The hackers, who remain unidentified at this time, also took over the group’s Twitter account, using it to post screenshots of emails and other details, as reported.
The Italian hacking team is a mysterious organization which has long been thought to sell tracking and hacking software to any governments who could afford their licensing fee’s. Some of of the services offered to law enforcement and government organizations gave them the ability to access SMS, emails, web browsing historical data, much more shrewd abilities were available such as how to locate specific targets for monetary gain.
Last year, the organization denied selling technology to “any repressive regime” but leaks of over 400GB of files which mostly came from an insider threat show government contracts with Kazikstan, Sudan, Russia, Saudi Arabiaand several other regimes which have been accused or proven to have committed repressive actions. Additionally acquired email correspondence from inside the group indicate the hacker for hire team acknowledge that it supplied technology to Ethiopian authorities which was subsequently used to spy on journalists and activists. The hackers for hire have contradicted themselves in the past stating that they did not sell software or services to private companies. Invoices and other additional evidence leaked has indicated that these are false distortion and a misrepresentation of the facts.
In an apparent leaked note posted to Twitter, Hacking Team COO Giancarlo Russo acknowledged the potential that the client had abused its software, but appeared to bury any concerns around ethics by explaining that a flag had been raised by “two of the newest guys… who may be frightened by this kind of press.”
An internet leaked list lists some of the organization clients, which includes government agencies from Australia, Egypt, Malaysia, Mexico, Singapore, Spain, Thailand, Turkey and UAE. The Verge reported in 2013 that Hacking Team made a major push to lure U.S.-based clients, and according to this list, the FBI and Drug Enforcement Agency had engaged Hacking Team’s services at one point.
Many of the security community may enjoy the irony that Hacking Team, which is listed on Reporter’s Without Borders’ ‘Enemies Of The Internet’ list, is being exposed so publicly, but there’s a genuine concern that if the organization’s source codes are indeed part of the leaked documentation — which experts are still looking over — then that could grant widespread access to some very powerful tools.
Hacking Team founder Christian Pozzi claimed on Twitter that the hackers falsified information about the company’s services and clients, adding that the company is working with police on the issue.
A further tweet appeared to suggest that the company is shutting down, but it isn’t clearly whether that is genuine or just a reaction to the outpouring of company information into the public domain.
The InCyber PAS Pro-Active and Predicting System has been proven 100% effective against Insider Threats. For additional information write to: firstname.lastname@example.org We are now offering a Free Insider Penetration Test for up to 500 Employees using your own historical data.