Hacking Team

On 5 July, a hacker published approximately 400 GB of data that he claimed to have stolen from Hacking Team, a company that produces software such as spyware and keyloggers and supplies it to governments and state agencies.

  • The stolen data include in particular contracts, invoices, client lists and e-mails, as well as passwords for the company’s accounts on social media.
  • The hackers released the data through BitTorrent and Pastebin. Technical data were also published. In particular, zero-day vulnerabilities used by spywares were divulged, concerning Adobe Flash and Windows. These have now been patched by the two companies.
  • The cyber-attacker known as Phineas Fisher, a hacktivist opposed to surveillance of the Internet, claimed to be the author of the attack. He is also thought to have carried out a cyber-attack in August 2014 against Gamma International, a company based in Great Britain that offers similar products.
  • This leakage of data could have two main harmful consequences for Hacking Team. The relationships between Hacking Team and several of its clients were disclosed. The company had previously denied having any link with governments or governmental agencies blacklisted by States or by organisations such as the United States, the European Union or the United Nations. However, some of the stolen documents reveal the supposed existence of commercial relationships with some of these, including a Russian company linked to the FSB, which could damage the reputation of Hacking Team. Secondly, the partial publication of the source code of certain software products, together with particularly simplistic passwords supposedly used by the CEO of the company, could have an impact on the credibility of the company’s expertise.

The fact that the data were not apparently used to attempt blackmail or extortion against the corporate target shows that the aim of some hackers may be to damage the reputation of a company. Furthermore, this incident highlights the need to diversify passwords and make them more complex, and to avoid recording them in a single document. Because of its implications concerning offensive cyber-security and cyber-espionage by national intelligence agencies, the affair has caused a sensation.