Hacking Team CEO insists tools were not compromised

The CEO told reporters in Rome there are 'no problems for security' if customers follow instructions

Hacking Team CEO David Vincenzetti

Hacking Team CEO David Vincenzetti

The founder of the Italian surveillance software company that suffered a disastrous data breach last week sought to reassure clients on Tuesday about the gravity of the intrusion, insisting that Hacking Team's anti-terrorism work has not been jeopardized.

"If the client has followed our instructions there are no problems for security. Only a part of the source code has been stolen," Hacking Team CEO David Vincenzetti told reporters at Milan's Palace of Justice after a five-hour interrogation by Prosecutor Alessandro Gobbis.

"We have provided clients with instructions which will enable them to restore complete security with the next update," Vincenzetti said. The CEO said the hack, which resulted in the theft of 400GB of data and the publication of around 1 million company emails on the WikiLeaks website, had not compromised its most innovative products, which were "capable of combatting the phenomenon of terrorism and appreciated by all Western governments."

The reassurances stand in contrast to the more alarmist account published by Hacking Team in the immediate aftermath of the breach. The company said then it had lost control of its controversial surveillance software, which human rights groups say has been sold to undemocratic regimes for use against journalists and dissidents. "Terrorists, extortionists and others can use it as they like, if they have the technical ability to do so," Hacking Team said in its earlier statement.

Italian law enforcement institutions were Hacking Team's second largest client after those in Mexico, a country ravaged by narcotics-related violence. The data breach has been a source of embarrassment for the Italian government, which appears to have helped to promote the company's services, and for AISE, the Italian foreign intelligence agency, which used its products.

Secret information including the identity of AISE sources and foreign secret service agents has leaked as a result of the hack, Italian newspaper Corriere della Sera reported Tuesday.

"There are references to members of AISE whose identity is covered by official secrecy in the stolen files," said Giacomo Stucchi, the senator who heads the parliamentary committee responsible for secret service oversight. "That's a problem. It's illegal to publish those names."

The intelligence garnered using Hacking Team's spyware was not known to the Milan company and therefore should not have been compromised, Stucchi said in a telephone interview. "When you entrust a private company with such a delicate role you have to be sure they can be trusted. Unfortunately in this case Hacking Team suffered a failure, which is unacceptable. Clearly we will have to be more careful in the future."

Hacking Team even appears to have offered its Remote Control System, codenamed Galileo, to the Vatican Gendarmerie, a police force tasked with protecting the pope and maintaining order, alongside the Swiss Guard, in Vatican City.

In one of the leaked emails, a Hacking Team account manager outlines the advantages of the spyware to Colonel Costanzo Alessandrini of the Vatican police. "Galileo is designed to attack, infect and monitor target PCs and smartphones, in a stealth way," the email says. "It allows you to covertly collect data from the most common desktop operating systems, such as: Windows, OS X, Linux."

The product would also work against Android, iOS, Blackberry and Windows Phone, the salesman claimed. "Once a target is infected, you can access all the information, including: Skype calls, Facebook, WhatsApp, Line, Viber and many more," he said.

Another internal email appears to confirm the existence of a contact with the Vatican: "For Zeron's visit we are thinking of a morning train ride to Milan, with a return that afternoon so he can make his meeting at Vatican on Saturday."

Asked by L'Espresso magazine about the approach from Hacking Team, Alessandrini declined to comment. Given the original Galileo's poor relations with the Vatican, the colonel may have been inclined to reject an offer of spyware named after a man imprisoned for challenging the Catholic Church's view of the cosmos.

Vincenzetti, the Hacking Team CEO, who signs some of his emails with the fascist-era slogan "Boia chi molla" (Never surrender), emerges as a contradictory figure who spent his youth working to protect online privacy and ended up helping oppressive regimes -- in Sudan, Ethiopia and Saudi Arabia -- to violate the privacy of their own citizens.

He oscillates between patriotic fervor -- offering to help protect the nation against a growing cyberthreat from Russia -- and entrepreneurial ambition, reportedly selling his software to Kvant, a research institute said to work closely with Russia's Federal Security Service (FSB).

Vincenzetti appears to have been successful in persuading powerful government officials to lobby on his company's behalf. AISE General Antonello Vitale, who worked for the prime minister's office, was one of his supporters, congratulating him last November on overcoming bureaucratic hurdles. "David, I am pleased that everything seems to be heading toward a solution. Aside from our different roles, I think we are all working to protect a technological niche that is as important to the country as bread," the general wrote in an email last November.

Five months earlier, Hacking Team had billed the prime minister's office 33,625 euros (US$37,000) for its "offensive security" product.

It is still unclear who was behind Hacking Team's disastrous hack, with Vincenzetti himself suggesting it could be the work of a well-financed and patient intelligence service or of disgruntled former employees.

An unnamed former colleague told the publication Lettera43.it that the operation must have been a skilled and painstaking one. "I worked in that team and they really are the best," he said. Presenting the hack as though it had been easy was "another slap to damage the reputation of the company even more".

Stucchi, of the parliamentary committee, said it would be up to the Milan prosecutor to determine the source of the cyberattack. "I was briefed a quarter of an hour ago and there is still no indication as to the source of the hack," he said. "We are relying on the prosecutor, although a global environment like the Web doesn't make it easy."

Join the PC World newsletter!

Error: Please check your email address.

Tags securityHacking Team

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Philip Willan

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?