The Hacking Team Breach: 2-sec’s Reaction to the Attack
The Italian-based company Hacking Team, which sells surveillance software tools to government agencies and private companies, experienced a data breach last weekend that led to the alleged theft of 400GB of corporate data. The data contained financial information, customer contact details and apparently the source code of all their supplied surveillance tools.
It’s also been confirmed that the company created custom “backdoors” to every one of its own products, and now that the details of these have been published, Hacking Team have had to ask their customers to stop using their products immediately.
The very latest news is that due to the breach, Adobe is now forced to fix a security hole in its Flash software that was made public only after the data was stolen. Apparently Hacking Team knew about the vulnerability in Flash, but hadn’t yet told Adobe. Maybe they were hoping to use the information in some way to benefit themselves.
TIM HOLMAN – CEO, 2-sec
Hacking Team is one of the smallest companies in the industry. I expect that other players within the mass surveillance market are exceedingly nervous, especially as, according to John McAfee, the Dark Web has been rife with rumours for more than a year that one of the bigger companies in the mass surveillance market has suffered an as-yet-undisclosed hack that is far, FAR larger.
Some consultants are suggesting that insecure passwords and poorly chosen login controls were to blame (apparently passwords that included “kittens” and “password” were used by their staff). And the first indication of the attack was a tweet from the company account – had they no effective security monitoring in place?
Whatever the reason and method used for the hack, Hacking Team are now exposed publicly as a company with some very shady practices – Reporters Without Borders described it as “a corporate enemy of the internet” in 2012. I wonder how many other companies will find themselves compromised by this breach, especially as some UK banks and other organisations were counted among its clients.
ROBIN WOOD – 2-sec Senior Penetration Tester
The Hacking Team hack revealed 400Gb of internal data, which has spread around the web like wildfire, with researchers all over the globe picking through it trying to find juicy artefacts to publish. The same happened when Gamma International was hacked last August and 40Gb of data was published. While it may be interesting to grab a copy of this data and go digging through it, before you do, imagine what would happen if it were your data that had been dumped. Along with the company information was some very personal information belonging to company staff; for example, I’ve been told there are pictures of employees’ children in the dump.
I’d urge you to take some time to look at your network and what it contains and consider what would happen if the whole lot was dumped on the internet for the world to go through. Despite what some people will tell you, it is virtually impossible to defend yourself against a targeted attack of this level. It may not have been highly sophisticated or advanced, but however it was done, they still got in.
Assume they could also get into yours and prepare yourself for it.