July 8, 2015
Information related to the attacks on HackingTeam on July 6, 2015
It is now apparent that a major threat exists because of the posting by cyber criminals of HackingTeam proprietary software on the Internet the night of July 6. HackingTeam’s investigation has determined that sufficient code was released to permit anyone to deploy the software against any target of their choice.
Before the attack, HackingTeam could control who had access to the technology which was sold exclusively to governments and government agencies. Now, because of the work of criminals, that ability to control who uses the technology has been lost. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so.
We believe this is an extremely dangerous situation.
HackingTeam is evaluating if it is possibile to mitigate the danger. We expect too that anti-virus companies are upgrading their programs to detect the compromised RCS.
# # #
HackingTeam engineers are working around the clock to provide an update to the Remote Control System that will allow clients to resume criminal and intelligence investigations.
In response to HackingTeam’s request, virtually all clients have suspended use of the system that was compromised in the attack.
This is an important step to protect on-going police and intelligence investigations.
There have been reports that HackingTeam has ‘backdoors’ in its systems that would allow us to control the systems remotely. This is simply not true. Clients operate our technology on their own computer systems, and so it is clients who must take action to suspend operations.
# # #
For further information:
Eric Rabe, Chief Marketing and Communications Officer, +39 337 1143876
March 10, 2015
HackingTeam Response to Citizen Lab Report of March 9, 2015
Citizen Lab, at the University of Toronto has published a report attempting to link Hacking Team technology to what the report alleges have been efforts by the government of Ethiopia to target journalists. Citizen Lab released a similar report in February of 2014.
We cannot identify our clients since to do so could jeopardize ongoing law enforcement investigations. Obviously, clients require this confidentiality in order to conduct legitimate legal surveillance of suspects in cases of crime, terrorism or other illegal activity.
At any time that we become aware of allegations of abuse of our software, we investigate. Sometimes we find that our technology is not involved as alleged. Other times we may find that circumstances exist that cannot be disclosed or known to the person or agency making the allegations. In other cases we may find a use of our software that violates our agreement with clients.
We take appropriate action depending on what we can determine. In cases where we find that an agency is misusing our technology, we can take a variety of actions up to and including suspending support for the system.
Of course, we take precautions with every client to assure that none abuses our system.
We have described the obligations we expect customers to abide by in our Customer Policy. We do our own evaluation before we agree to accept a client, and we consider the pubic record of a client at that time. In the past, we have declined to do business when we thought there was likely to be misuse our technology. Should questions arise after we contract with a client, we then reevaluate the situation. We take action when we believe it is warranted.
Our contracts include provisions consistent with our Customer Policy. Furthermore, the laws of the countries of our clients govern the use of our technology, and the Italian Economics Ministry under the Wassenaar protocols governs our sale of this technology.
We do not report the results of our investigation to the press or other groups, because we consider this to be an internal business matter. Of course, we rely on the International community to enforce its standards for human rights protection.
We believe HackingTeam has gone further than any other company to address the concerns of human rights organizations and Citizen Lab not only through our own policies but also by complying with international standards including the Wassenaar Arrangement protocols. No other company has agreed to this level of oversight for surveillance technologies.
For further information:
Chief Marketing and Communications Officer
For further information on this and related news, go to their website at http://www.hackingteam.it/index.php/about-us