What you need to know about the “Hacking Team” which was hacked (and I was quoted)

My good friend Richard Adhikari has written yesterday a very good article about this incident. Read it here: Hacking Team’s Dingy Laundry Hung Out Online

Here is where I get quoted as founder of Sorin Mustaca IT Security Consulting:

A Black Bag Job?

“It could be that some government agency who’s a customer of Hacking Team decided to discredit them and force them to close their doors,” said Sorin Mustaca, founder of Sorin Mustaca IT Security Consulting.

“These special customers don’t like to leave traces of their acquisitions,” he told the E-Commerce Times.

 

Here are additional comments

Apparently, on Sunday night many people managed to download the content from bittorrent (before it was taken down).
The reports speak of confirmations of selling intrusion tools to various regimes and contract documents with some of their customers.

Here is the list of countries:

Surprised to see Germany among the list of customers?

Eduard Snowden already warned of this, so this can be seen as a cross verification with other sources and not as a brand new piece of news. The consequences will show up in the European countries , especially Germany, where governments get severely scrutinized by various NGOs, privacy associations and the press. Also Italy should not like to see its name in the list since the company is Italian.

According to The Verge who is quoting others, they were indeed intercepting non encrypted HTTP traffic and were rewriting the URLs to redirect the targeted users to malicious links. Once clicked, the user would install a software that would spy on that particular user. Bad stuff… Very hard to detect.

 

What does the security services industry do about it?

This clearly shows that the security industry was, is at least a step behind the hackers.
And maybe it is time to start to think differently about IT security and how to apply it in corporations.
Let’s not forget that most corporations still think in compartmentalized security: network, workstation, server, mobile devices.
Tools like those created by Hacking Team are way beyond this reduced (and laughable) view on security.
It is not even a month since Kaspersky announced that they were infiltrated (Duqu 2) and this for a long time.
Leaving the marketing layer aside, this shows that pretty much anyone can become a victim of such tools.

Strangely, I haven’t read anything about this company [Hacking Team] creating tools to be used to perform corporate espionage. However, nothing would prevent someone (person or organization) to spy on various persons on high ranking positions in corporations.

As a conclusion, I think that everyone expects now to see governments on such disclosure lists.  So, this is no longer big news since Snowden.
The situation would change radically if we would see a company like Google, Microsoft, or some retail giant on a disclosure list like this one. This would require another shift in how we think about Internet and computing.

 

Here are multiple links that talk about this incident (thanks to Richard for summing them up):

Hacking Team hit by breach; leak suggests it sold spyware to oppressive regimes – ZdNet.com 20150706

http://www.zdnet.com/article/hacking-team-hit-by-breach-files-suggest-it-sold-spyware-to-oppressive-regimes/

Hacking Team Breach Shows a Global Spying Firm Run Amok – Wired 20150706

http://www.wired.com/2015/07/hacking-team-breach-shows-global-spying-firm-run-amok/

Hacking Team spyware company hacked, embarrassing emails revealed – theverge.com 20150706

http://www.theverge.com/2015/7/6/8899861/hacking-team-hacked-security-leak

Hacking Team is spreading government malware through YouTube and Microsoft Live – theverge.com 20140815

http://www.theverge.com/2014/8/15/6007031/hacking-team-is-spreading-government-malware-through-youtube-and

Major Government Spying Service Supplier Hacked, 400GB of Data Stolen – Gizmodo 20150706

http://gizmodo.com/major-government-spying-service-supplier-hacked-400gb-1715930602

Tweet by EFF’s Eva Galperin listing Hacking Team’s customers

 

https://twitter.com/evacide/status/617889113216147456

 


© Copyright 2015 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

Comments are closed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close