What you need to know about the “Hacking Team” which was hacked (and I was quoted)

My good friend Richard Adhikari wrote a very good article about this incident yesterday. Read it here: Hacking Team’s Dingy Laundry Hung Out Online

Here is where I get quoted as founder of Sorin Mustaca IT Security Consulting:

A Black Bag Job?

“It could be that some government agency who’s a customer of Hacking Team decided to discredit them and force them to close their doors,” said Sorin Mustaca, founder of Sorin Mustaca IT Security Consulting.

“These special customers don’t like to leave traces of their acquisitions,” he told the E-Commerce Times.


Here are additional comments

Apparently, on Sunday night many people managed to download the content from BitTorrent (before it was taken down).
The reports speak of confirmations of selling intrusion tools to various regimes and contract documents with some of their customers.

Here is the list of countries:

Surprised to see Germany among the list of customers?

Edward Snowden already warned of this, so this can be seen as a cross verification with other sources and not as a brand new piece of news. The consequences will show up in the European countries, especially Germany, where governments get severely scrutinized by various NGOs, privacy associations and the press. Also Italy should not like to see its name in the list since the company is Italian.

According to The Verge, which is quoting others, they were indeed intercepting non-encrypted HTTP traffic and were rewriting the URLs to redirect the targeted users to malicious links. Once clicked, the user would install software that would spy on that particular user. Bad stuff… Very hard to detect.


What does the security services industry do about it?

This clearly shows that the security industry was, and is, at least a step behind the hackers.
And maybe it is time to start to think differently about IT security and how to apply it in corporations.
Let’s not forget that most corporations still think in compartmentalized security: network, workstation, server, mobile devices.
Tools like those created by Hacking Team are way beyond this reduced (and laughable) view on security.
It is not even a month since Kaspersky announced that they had been infiltrated (Duqu 2), and for a long time.
Leaving the marketing layer aside, this shows that pretty much anyone can become a victim of such tools.

Strangely, I haven’t read anything about this company [Hacking Team] creating tools to be used to perform corporate espionage. However, nothing would prevent someone (person or organization) from spying on various persons in high-ranking positions in corporations.

As a conclusion, I think that everyone now expects to see governments on such disclosure lists. So, this is no longer big news since Snowden.
The situation would change radically if we saw a company like Google, Microsoft, or some retail giant on a disclosure list like this one. This would require another shift in how we think about the Internet and computing.


Here are multiple links that talk about this incident (thanks to Richard for summing them up):

Hacking Team hit by breach; leak suggests it sold spyware to oppressive regimes – ZDNet.com 20150706


Hacking Team Breach Shows a Global Spying Firm Run Amok – Wired 20150706


Hacking Team spyware company hacked, embarrassing emails revealed – theverge.com 20150706


Hacking Team is spreading government malware through YouTube and Microsoft Live – theverge.com 20140815


Major Government Spying Service Supplier Hacked, 400GB of Data Stolen – Gizmodo 20150706


Tweet by EFF’s Eva Galperin listing Hacking Team’s customers




© Copyright Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, has been working for over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH, focusing on Cybersecurity, secure software development and security for IoT and Automotive. He also runs his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security.
