Hacking Team: At the Wrong End of a Massive Data Breach
On Sunday, an unknown group managed to release a Torrent
file containing over 400GB worth of data from the Milan-based Hacking Team, a
leading provider of easy-to-use surveillance and intrusion technology.
Hacking Team is known for providing hacking software to
government and law enforcement agencies worldwide. They are responsible for the
‘Galileo’ (previously ‘DaVinci’) Remote Control System (RCS), a ‘hacking suite
for governmental interception’ which purportedly enables the user to capture
data by intercepting emails, SMS, Skype and voice communications. According
to their website, RCS allows the user to look through their target’s eyes and
is effective on many different platforms, including Windows, OS X, Android,
iOS, and Blackberry. What’s more, it can defeat encryption and remains untraceable to the target.
In 2013, the freedom of information advocacy group Reporters
Without Borders claimed that governments were purchasing surveillance
technology from corporate suppliers and using them to control dissidents, spy
on journalists, and violate human rights. The group listed Hacking Team as one
of five private-sector companies that it dubbed digital era mercenaries. In a
statement on CNET, a consultant for the company maintained that Hacking Team
technology is sold exclusively to government clients and never to those that
are blacklisted by the EU, NATO and the US, emphasising that it was designed
to target crime and cyber-terrorism. But Reporters Without Borders state that
media reports and IT security experts have found traces of Hacking Team
technology in countries that do not have a good record in human rights and
democracy.
A Citizen Lab report lists 21 countries suspected of using Hacking Team’s spyware, many of which have very low rankings in freedom of expression and commit ongoing human rights violations, including Saudi Arabia, Egypt, Ethiopia, Morocco, Nigeria, Russia, Azerbaijan, Kazakhstan and Sudan. In 2013, the company’s US spokesperson denied selling technology to any repressive regime and stated that they rely on international blacklists to ensure that their spyware is not used as part of human rights abuses. But last year RCS was reportedly used against a dissident journalist group in Morocco and against a pro-democracy activist in the United Arab Emirates. US and European journalists have purportedly been targeted as well, possibly by the Ethiopian government, per another Citizen Lab report.
citizenlab.org |
The data cache leaked on Sunday seems to link Hacking Team
to Egypt, Lebanon, Ethiopia and Sudan. An invoice to Sudan valued at 480,000
Euro and dated July 2, 2012 was released as part of the data breach, which has
a total value of over 4 million Euros. Hacking Team have stonewalled an
investigation by the UN into the sale of their technology to Sudan, stating
that RCS is not a weapon and therefore does not fall within the parameters of
the UN sanction.
Hacking Team never sold to Sudan? Here's the instructions for the 480,000 Euro wire transfer. cc @hackingteam pic.twitter.com/JqexHpvb3s
— Eva (@evacide) July 6, 2015
Hacking Team to UN: Our software isn't a weapon, so we weren't prohibited from selling it to Sudan. YOLO. pic.twitter.com/wjuWDULB20
— Christopher Soghoian (@csoghoian) July 6, 2015
A list of every government client includes Italian law
enforcement, Brazil, Chile, Colombia, Mexico, Oman, Singapore, Thailand and
Vietnam, as well as a handful of EU countries including Spain, Germany,
Hungary and the Czech Republic.csoonline.com |
Hacking Team did not react to the hack until Monday morning,
when Christian Pozzi took to Twitter to comment on the breach. Pozzi claimed
that the hackers had falsified the information: Most of what the attackers are
claiming is simply not true…The attackers are spreading a lot of lies about our
company that is simply not true. Pozzi's Twitter account was also hacked and has since been deleted.
While many are enjoying the irony that Hacking Team has
found itself on the wrong end of an embarrassing breach, there is a genuine
concern that the leak could release powerful spy technology into the wrong
hands.
Contact us on Twitter, on Facebook, or leave your comments below. To find out about social media training or management why not take a look at our website for more info http://socialmediacambridge.co.uk/.
Aaron Waterhouse
Aaron
is a recent English graduate from Durham University who is now working as a
content writer intern. An enthusiastic traveller, he hopes to become a
journalist and report from around the world. Follow him @AaronAtSMF
Hacking Team: At the Wrong End of a Massive Data Breach
Reviewed by Unknown
on
Tuesday, July 07, 2015
Rating: