In a more than ironic move, a firm called the Hacking Team has been hacked – but what’s really getting them airtime is the fact that they seem to have been selling hacking tools to governments and other not-great third parties, which have then been used to hack journos, activists and citizens. Here’s what’s known so far…
The shoe is on the other foot for surveillance company Hacking Team after it was hacked yesterday and had its Twitter taken over too. The company’s name was replaced with ‘Hacked Team’ and it had 400GB of private internal info, including emails and source code, dumped into the world. Not ideal.
Whilst the tools that the company sells are ‘lawful’, it seems that it might have been a bit shady and sold them to countries with dodgy human rights records, like Sudan – even though the company has explicitly denied that it does this. Especially with the UN arms embargo on the nation, if it’s proven that the company sold them cyberweapons, it could be in pretty big trouble. None of this has been confirmed at this time but there is precedent, as the reports have led Reporters Without Borders to stick the company in its Enemies of the Internet index.
The head of comms for the Hacking Team has previously defended it by saying: “The process under which Hacking Team sells its products is designed to make sure they are not abused and they are used in accordance with the applicable laws and international standards such as black lists that restrict where some products like this can be sold.”
Obviously, a storm of mockery immediately hit Twitter following the breach. One of the company’s staff responded with denials and threats, until he deleted his account completely (which was later also hacked). It looks like most attempts to contact the company have been unsuccessful at this point, but it’s expected that the fallout will become clear in the next day or so, so keep your peepers peeled; especially with all the Investigatory Powers Bill and privacy conversations happening recently, it’s never a bad thing to be educated on the current security situation.