Italian cyber-security vendor Hacking Team, a company whose platform is aimed at helping government agencies hack and perform surveillance on others, ironically has been hacked itself.
Hacking Team’s primary product is the Remote Control System (RCS), a software agent that resides on a target’s machine.
“Evidence collection on monitored devices is stealth and transmission of collected data from the device to the RCS server is encrypted and untraceable,” the Hacking Team Website claims.
Hacking Team’s Twitter feed was compromised on Sunday, July 5, and was where the attacker first disclosed the breach. Hacking Team was able to regain control of its Twitter account on July 6. More damaging, however, is the public disclosure of 400GB of data on Hacking Team’s technology and operations.
Hacking Team has denied the authenticity of the leaked files. Christian Pozzi, senior system and security engineer at Hacking Team, responded on Twitter about the breach early on July 7, before his own account was also hacked.
Hacking Team is in the process of alerting its customers about the data breach, Pozzi said, adding that those who attacked Hacking Team are spreading falsehoods and malware.
“It’s up to you what you would like to do, but be warned that the torrent file the attackers claim is clean has a virus,” Pozzi tweeted.
While Pozzi is warning that the leaked files are not entirely legitimate, at least one technology organization is taking the risk seriously. Independent software developer Mike Conley tweeted out a request for anyone who was looking through the Hacking Team files to report any security bugs and vulnerabilities they may have been exploiting in Firefox.
Mozilla Security Lead Dan Veditz responded that the first person to file any Hacking Team bugs for Firefox would get a Mozilla bug bounty. Mozilla has paid out more than $1.6 million in bounties to researchers who have reported security vulnerabilities.
Security experts eWEEK spoke with were not surprised by the Hacking Team breach.
“I would have thought that a company such as this would have gone to extreme measures to protect itself knowing that their data contained very secret information,” Andy Hayter, security evangelist from G DATA, told eWEEK. “It goes to show that anyone can be a target, be it an individual or company anywhere in the world.”
Shawn Masters, vice president of solutions engineering at Novetta, said that vendors and experts in the cyber-world are all constantly under attack. Masters noted a few lessons that can be learned from the Hacking Team breach. “First, when you put yourself out there as a vendor, expert or actor in the cyber-world, you need to harden your defenses for the higher volume and quality of attacks,” Masters told eWEEK. “All employees need to understand the risks and make sure they are constantly looking for anything out of the ordinary.”
Secondly, when an organization has data that might be damaging to anyone, it is imperative to keep it under extra protection, Masters said. Every enterprise can point at data that should never be publicly revealed, and much of that data has no reason to be easily accessible from the Internet or a user’s machine.
“Organizations should look at data critically and judge when data needs to be handled differently,” Masters said. “An ounce of extra prevention can go a long way, but you can never fully apply it after the breach.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.