Daily Management Review

Hacking Team Hacked


07/10/2015


An Italian security firm Hacking Team, which specializes in developing offensive security tools and selling them to oppressive governments, got hacked.



While the world was blissfully watching the exciting Women’s World Cup, one of the most notorious security firms, Hacking Team, got a taste of its own medicine.
 
Hacking team is an Italian company based out of Milan Italy, which specializes in surveillance technology and sell their offensive surveillance tools to law enforcement agencies as well as governments. Tools developed by it, have invariably been linked to several high profile cases concerning invasion and breach of privacy. With their notoriety knowing no bounds, Reporters Without Borders, have listed Hacking Team in its Enemies of the Internet Index. Their most famous surveillance tool is called Da Vinci.
 

It is not clear yet as to who has hacked the Hacking Team, but whoever or whichever team of hackers, have done so have published their internal documents in a torrent file. The 400GB torrent file contains a list of their internal documents, communications through e-mail as well as their source code. The torrent file is available to the public at large.
 
 
Not satisfied in checking breaking into their systems, the attackers have defaced the Twitter account and replaced it with a set of new biographies, logos, images of the compromised data and published messages.
 
 
Going by the listed files available in the torrent file, Hacking Team’s customers included oppressive governments such as Lebanon, Oman, Kazakhstan, Saudi Arabia, etc. Hacking Team however continues to maintain that it does do business with oppressive governments.
 
Researchers perusing the torrent file has posted several items which counters Hacking team’s claims of not doing business with oppressive governments. One such item released is Hacking Team’s invoice to Egypt for a cool Euro 58,000 for access to Hacking Team’s RCS Exploit Portal. Researchers have also released a commercial of Hacking Team’s top surveillance tool – Da Vinci.
 
 
Further, researchers have also released an e-mail from a person who has been linked to several domains which are supposedly tied to the Meles Zenawi Foundation (MZF), Ethiopia’s Prime Minister, who died in 2012. In the said mail, Biniam Tewolde thanks the Hacking Team for their help in catching a high value target. Around the time this e-mail, which was sent 8 months before Meles Zenawi exprired, 8 different MZF related domains were registered.
 
Given the context of the e-mail and the sudden appearance and disappearance of the said domains, it is possible that they were part of a phishing campaign to net a high value target. Further, researchers have released yet another Hacking Team’s invoice which show that Ethiopia had paid $1,000,000 Birr for their Remote Control System, communication equipment and professional services. Whoever was in Ethiopia government’s crosshairs is yet unknown and undisclosed.
 
As per the internal documents released by researchers so far, Hacking Team had customers in the following countries: Ethiopia, Nigeria, Egypt, Morocco, Sudan, Colombia, Mexico, Honduras, Ecuador, Panama, Chile, United States, Kazakhstan, Singapore, Azerbaijan, Thailand, Malaysia, South Korea, Mongolia, Hungary, Vietnam, Cyprus, Australia, Germany, Uzbekistan, Czech Republic, Oman, Luxemburg, Spain, Bahrain, Switzerland, Poland, Russia, Italy, UAE and Saudi Arabia.

This list again negates Hacking Team’s claim that they have never ever done business with Sudan. As per Human Rights Watch, Sudan’s security forces have violently and repeatedly suppressed demonstrations against the government. In 2013, more than 170 people payed with their lives for demonstrating against the government.
 
Khalil Sehnaoui, from Kryoton Security, encapsulated the news aptly saying, someone in Italy is going to have a very bad day.
 
 
References:
http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html
http://surveillance.rsf.org/en/hacking-team/