Over the weekend, Hacking Team, an Italian company that sells spyware to what appears to be a collection of military, intelligence and law enforcement agencies around the world, was itself hacked. News of the breach lifts the cloak that thinly conceals the wild, wild west nature of Internet security. Hacking Team sells a product that reportedly can be remotely installed on a computer to intercept phone calls, texts and social media messages, and can also turn on a user’s webcam and collect passwords.
The company’s website says it “provide(s) effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.” However, critics of Hacking Team have long alleged that the company is selling its products to customers that have questionable commitments to democracy and histories of abusing human rights.
Whoever hacked Hacking Team released a huge file of internal documents. Those documents suggest that U.S.-based clients of Hacking Team include the DEA, the FBI and the Department of Defense. From a business perspective that list probably is not overly alarming. However, the larger list of clients reveals that Hacking Team also appears to have been doing business with customers in Russia, Egypt, Ethiopia, Thailand, Saudi Arabia, Oman, Nigeria, UAE and a host of other countries (see list). Companies doing business in or likely to be of interest to some of these countries should pay very close attention to this unfolding story.
The larger issue presented in the attack on Hacking Team lies in what it says about the international cyber arms trade. State-sponsored cyber attacks are growing ever more sophisticated. Tools readily available from companies like Hacking Team can serve both legitimate and nefarious purposes. Assume both are in play and prepare accordingly.
By Tom Davis, SDI Cyber Risk Practice
SDI #CyberTuesday offers insights and commentary on cyber risk management by SDI’s trusted cybersecurity, privacy and data security experts, skilled practitioners whose decades of experience working for governments and corporations around the world distinguish them as strategists and crisis managers.