A screenshot from the leaked document detailing some of Hacking Team's finance customers. (The July 6, 2015 date in the lower left corner is due to PowerPoint automatically updating the date when the document was opened.)

Big Banks Worked with Hacking Team, Which Also Sells Spy Tools to Dictators

After a colossal hack, details of Hacking Team's business deals with big banks have emerged.

|
Jul 6 2015, 2:30pm

A screenshot from the leaked document detailing some of Hacking Team's finance customers. (The July 6, 2015 date in the lower left corner is due to PowerPoint automatically updating the date when the document was opened.)

Hacking Team, a controversial Italian company that specialises in selling powerful surveillance software, has been colossally hacked. Included in a 400GB cache of files released publicly are alleged hotel bills, invoices from government agencies for computer exploits, passwords, and possibly even the source code for a number of the company's products.

The company is famous for selling spying tech to everyone from the US Drug Enforcement Administration to authoritarian regimes in countries including Ethiopia. Now, details have emerged of Hacking Team's relationship with the corporate sector, and in particular the finance industry.

In a PowerPoint presentation named "Finance Customers", the logos of just under two dozen banks and insurance companies are presented. They include Deutsche Bank, one of Germany's largest banks; Barclays, which operates in 50 different countries; and ING Direct, a subsidiary of the dutch ING Group. Elsewhere in the hacked archive are details of products sold to these as well as other, smaller private companies.

It appears that the items or services sold are defensive in nature. Barclays received an internal review of its systems in 2011 for over 74,000 euros according to an invoice, and one document is a security audit carried out on behalf of Deutsche Bank, dating back to 2004. This took the form of an "Ethical Hacking" report, which is the product of a security company being hired to purposely try to break into a client's systems, in order to gauge the strength of their defenses.

A screenshot from the leaked document detailing some of Hacking Team's finance customers. (The July 6, 2015 date in the lower left corner is due to PowerPoint automatically updating the date when the document was opened.)

Hacking Team "analyzed all the weaknesses identified and, where possible, we recommend the most appropriate solutions to solve the problem at hand," according to a Google translation of the Italian document.

Perhaps the most popular service offered to the financial sector by Hacking Team is security consultation. ING Direct paid Hacking Team 6,500 euros for consultancy sessions in 2012, as did a number of banks.

Hacking Team has also provided products such as VPNs and a "CryptoCard" solution, according to invoices. The latter, which is presumably a form of two factor authentication, was sold to Editoriale Domus, an Italian publishing house. Hacking Team also sold larger hardware to RSA, an Italian insurance company, for the purpose of "intrusion prevention", according to a Google translation of an invoice in Italian.

The cover for a Deutsche Bank security test report.

Hacking Team isn't just selling its own services, but also those of other companies in the surveillance industry. According to an invoice, Hacking Team also sold RSA a number of products from the company Blue Coat, including its "Web Filter" product, along with an anti-virus suite.

Blue Coat has reportedly sold censorship and surveillance technologies to the Syrian regime. The Web Filter sold to RSA is advertised as a tool to stop people accessing certain webpages, according to the Blue Coat website.

Finally, Hacking Team has also been providing some really banal items too. One invoice details a now-redundant type of power adapter.

The documents offer a look into a side of Hacking Team's business that has been overshadowed by other endeavours. Hacking Team is particularly famous for selling its "Remote Control System," otherwise known as "Galileo," an easy to use hacking suite which, according to a promotional video, is capable of intercepting Skype and voice calls, social media messages, and a variety of other things, across a wide range of operating systems once a target's computer has been infected. The company has gained so much notoriety that it was labelled as an Enemy of the Internet by Reports Without Borders.

Although these newly-revealed items may not be as scandalous as the export of computer exploits, they still show that Hacking Team has fruitful relationships with the financial sector stretching back over a decade. How the company's business with the industry will change after this hack remains to be seen.

Eric Rabe, Hacking Team's media contact, did not reply to multiple requests for comment. At the time of writing, the company's website is offline.

Correction 7/7/15: This article originally referred to as ING Direct as an Australian bank. The Australian division of ING Direct is a subsidiary of the Dutch ING Group, which invoices show conducted business with Hacking Team.