You may have heard the name “Hacking Team” mentioned in the media recently. Hacking Team is an Italy-based surveillance company that provides spyware – software designed to collect data from unsuspecting targets – to organizations around the world. Hacking Team was hacked in early July, and whoever was responsible released approximately 400GB of documents revealing the company’s activities to the world.
Hacking Team has been providing spyware to governments around the globe, with some of those governments boasting human rights records that one would generally considered “subpar”, or even downright humiliating. The list (which you can see here) includes “winners” like Sudan, Saudi Arabia, Morocco, and Russia.
The fact that a company called Hacking Team was hacked, combined with the disclosure of their shady clientele, has severely diminished the credibility of previous denials the company has made about their engaging in this kind of profiteering. It also validates criticisms that groups like the EFF and Reporters Without Borders have thrown at Hacking Team – basically, that they provide agents around the globe with cyberweapons used for the suppression of democracy and the violation of human rights.
Hacking Team offers their clients a “Remote Control System” (RCS) that combines a variety of spyware technologies into one comprehensive surveillance suite. According to The Citizen Lab, this RCS product essentially allows users to do things like turn the microphones and cameras of their targets’ mobile phones on/off, monitor and record communications, and copy files and passwords.
While Hacking Team sells exclusively to governments, companies are designing products and services to give them similar capabilities.
This doesn’t even include the massive numbers of third party cookies that monitor web browsing to help companies profile people while they’re online.
Hacking Team is an organization that sees opportunity where others see repression, which is why they provide such compelling/repulsive evidence of the dangers posed by commercialized surveillance technologies (plus, a vulnerability they were using went public and caused an outbreak of Flash exploits). But they’re hardly alone in their attempt to use technology as a way of spying on people. Criminals, and even companies, have an interest in learning about you to exploit that knowledge for their own benefit.
That’s why the media is comparing the Hacking Team debacle to the Snowden revelations – it’s becoming harder and harder to ignore that companies like Hacking Team are a threat to your digital privacy. After all, governments all over the world are buying weapons from Hacking Team, and based on the claims of the company, there’s no way for you to know if or when your own politicians will decide to use these weapons against you.
[Image by Todd Huffman | via Flickr]
F-Secure invites our fellows to share their expertise and insights. For more posts by Fennel, click…
April 18, 2018