Image: Hacking Team
The company that sold spy tech to the oppressive regime of Sudan—and is being investigated by the United Nations for it—would like your support.Two weeks ago, a hacker embarrassed the controversial Italian surveillance tech vendor Hacking Team by announcing that he had breached the company's network—an announcement made via Hacking Team's Twitter account. The hacker then uploaded 400GB of internal data to the internet, helping reveal that, for example, Hacking Team had sold products to Sudan in 2012, that it considered selling its spyware to Bangladesh's death squad, and that the company only stopped doing business with the Ethiopian government when it got caught—twice—for using Hacking Team's products against journalists.And even then, according to internal emails, Hacking Team's brass was more upset about the fact that Ethiopia got caught, exposing the company's software, rather than how the country used it.But forget about that, we're all focusing on the wrong stuff here, according to Hacking Team's latest statement."The single fact not generally covered by news media is this: there is only one violation of law in this entire episode, and that one is the criminal attack on Hacking Team," company spokesperson Eric Rabe wrote in a statement.
Advertisement
Rabe is correct that the hack on the company was most certainly a criminal act, and there is an ongoing investigation in Italy to determine who was behind it. But when it comes to its shady deals, Hacking Team has "operated within the law and all regulation at all times," Rabe added.Media reports are misrepresenting the story because commentators and journalists, who would be "outraged" if a media company had been hacked, "dislike the fact that strong tools are needed to fight crime and terrorism, and Hacking Team provides them."The company again denied reports that its software contained "backdoors" that allowed Hacking Team to have "insight" into its customers operations, and the ability to "disable" its spyware remotely. The reports referenced would appear to be mine, which revealed that Hacking Team indeed had the ability to disable and "kill" its customers surveillance infrastructure remotely as an emergency procedure, something that sources familiar with the software confirmed to me.And even though Hacking Team says that data from customers' investigations using the company's Remote Control System (RCS) spyware was not among the leaked files, some researchers have found IP addresses that seem to belong to actual targets.Marietje Schaake, a member of the European Parliament who recently asked the Italian government to investigate Hacking Team's sales, reacted to the statement by tweeting that if Hacking Team "acted legally, we must update laws.""But companies always have choice to act ethically and morally," she wrote.Hacking Team has "operated within the law and all regulation at all times."