In an ironic turn of events, one of the world’s largest providers of surveillance technology was hacked last night. The Hacking Team is an Italian-based company that sells surveillance tools and some level of intrusion services to governments and law enforcement agencies, much to the chagrin of many advocates in favor of privacy.
The Hacking Team experienced a bit of role reversal last night, however. Hackers last night seized around 400 GB of data, including internal documents and email correspondences within the company, and dumped all of it into a torrent file online. Hackers, presumably of the same team, also compromised the Hacking Team’s Twitter (News - Alert) page, changing the profile picture and biography and tweeting images of some of the stolen data.
Journalists have begun to sift through the 400 GB of data already, and some of the results are surprising. Chief among these are a series of invoices linking the Hacking Team to many countries like Lebanon and Sudan, which the company has previously denied having any involvement with. A commercial for the company’s main surveillance tool, called Da Vinci, was also released, featuring an ominous deep voice that promises to allow customers to “look through your target’s eyes” and “hack their target.”
Most damning of all of this information is likely the revelation of a Hacking Team contract with the government of Sudan, which, up until now, the company had denied any involvement with. According to the Human Rights Watch, a nonprofit organization that tracks human rights violations, the Sudanese government has violently cracked down and persecuted protestors and dissenters, even allegedly killing over 170 people in 2013. Now of course, it will come into question whether or not the Hacking Team had any involvement in that particular incident.
As of the time of this posting, no official statement has been made on the part of the Hacking Team. Needless to say, at some point sooner rather than later, they will have some explaining to do. It will be interesting to see how one of the world’s largest hacking agency will react to having its own security compromised, and the situation illustrates the dangers of dealing with sensitive information on the Internet.