It was the end of the road for the world’s most respected hackers the ‘Hacking Team.’ Hackers released a 400 GB of internal documents hacked or may be stolen from the Hacking Team an Italian company that sells surveillance tools to governments and intelligence agencies. I used to think North Korea leads in hacking but this information reveals that governments are fighting against themselves. The U.S Government hack should not be placed on individuals but rival nations.
The release has exposed and jeopardized the growing cyberweapons market. The documents suggest that Hacking Team marketed its products to a wide range of governments including a host of repressive regimes. This is evident that no one is innocent when it comes to hacking because even governments are leading in hacking. This comes after China published a draft of its Cybersecurity law.
Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), says he has downloaded a cache of company invoices in an effort to better understand which governments Hacking Team sold its products to.
“The invoices are fascinating,” he says. “Hacking Team has been selling their software to governments like Azerbaijan and Kazakhstan, Sudan, Vietnam, Ethiopia – a number of governments with documented histories of abusing human rights.”
Soghoian admits that it’s possible the leaked documents have been tampered with in some way, but says his gut feeling is that they are largely authentic. “Researchers have been studying Hacking Team for three or four years and the invoices match up with the countries we believe have been purchasing this stuff in the first place,” he says.
This might surprise you but hackers are extremely cheap. The Hacking Team’s services are low according to Soghoian, Government agencies appear to be able to subscribe for as little as $50,000 a year. That is also surprising, according to me that is a lot of cash in Kenya.
“This software is now basically affordable enough that any government can buy it,” says Soghoian. Government agencies can easily acquire and install surveillance programmes to targeted computers.
Unfortunately the Hacking Team is not the only firm working in this field . There’s Gamma International, the company behind Fin Fisher, which can be remotely installed on a phone, tablet or computer in order to monitor a target’s activity and communications. The firm also had documents leaked by hackers in August last year.
The booming market for surveillance tools is no surprise, says Sean Sullivan, a security expert at F-Secure. He says that intelligence agencies have helped to fuel the market for “exploits” – methods of hacking computer systems.
“One of the unintended consequences of folks like the NSA and GCHQ using the internet as a source for intelligence is that they hired people to find high-end exploits in software,” he says. “You can’t have that without then also fueling this ecosystem.”
In a statement, company spokesman Eric Rabe said: “Hacking Team has been the victim of an online attack, and we believe documents have been stolen from the company. We are investigating to determine the extent of this attack and specifically what has been taken. Obviously, we will work with appropriate law enforcement to determine who is responsible.”
“We cannot comment on the validity of documents purportedly from our company. However, some of the information that is in the press today – and is reportedly based on these documents – is inaccurate. We are continuing our investigation.” He added.
Edin Omanovic, a research officer at Privacy International, said the documents show that the trade in surveillance technology needs to be more tightly regulated.
“After the Arab Spring it was quite evident that a lot of European companies were involved in setting up the surveillance systems of most of the dictatorships in the region,” he says. “The EU is now trying to ascertain the practicality of imposing export restrictions on technology like the sort of tools that Hacking Team makes.”
“It underlines the essential need for regulatory action to be taken on these sort of companies. It’s not a problem that’s going to go away – it’s only going to get bigger.” Omanovic said.