HackingTeam is a firm in Italy, based in Milan. They produce vulnerability exploits, surveillance tools, and malware that they sell to "private" clients. Those "private" clients are typically governments, allegedly often oppressive ones (e.g. Sudan).
Yesterday HackingTeam was hacked. 400GB of its data was exfiltrated, and the infosec community is, I'd say, pretty happy about it. As you can imagine, HT did not have a very good reputation within the community.
It's interesting to compare the community reaction with the Kaspersky case. Kaspersky is a security firm that sells the notorious antivirus and does plenty of work on malware reverse engineering and publishing. They discovered they had had an APT variant on their systems for several months. The infosec community reacted with much sympathy, as it usually does in these cases.
Importantly, this hack may represent the end of affairs for HT: depending on what emerges from the data, many governments may become unhappy about the revelations. In particular, many "old clients" (and potential new ones) may decide to cut their commercial relationship with HT entirely.
It's not like they haven't. They are subject to the same security management costs as anybody else, including password complexity, vulnerability patching and file encryption. Of course, being a security firm puts them in the position of having a lot of know-how on how to manage and configure secure systems. But so does any CISO, including Target's, Kaspersky's, and many others. Could they have done a better job at defending their systems? Sure. Should we have expected that from them? Not so sure.
I think we should expect high security from anyone who is dealing with sensitive information; no one wants to see their data leaked, after all. But in practice it's not realistic to expect that companies have perfect protection: if you face an APT like a nation state, for example, you're generally pretty screwed (e.g. Kaspersky). But when you do have a company which is in the business of security, like HackingTeam, it's much more reasonable to expect them to at least have the basics in order (like strong passwords). Their company as a whole knows how important those basics are, after all, given that they are demonstrated time and time again (like the recent successful phishing attacks on a number of US-based healthcare companies).