On July 2015, the Italian surveillance company Hacking Team suffered one of the worst data breaches in the history. Unknown attackers have exfiltrated some 400Gbs of data, including internal emails, exploit source code and invoices.
A few months later, the company has resumed its operations and started working with a new set of tools for its arsenal.
In October, Motherboard obtained a copy of a non-public email sent by the CEO David Vincenzetti to a mailing list made of potential and current customers on October 19.
Vincenzetti announced a totally new cyber arsenal, he defined its new tools as game changers,
[Hacking Team is] “finalizing brand new and totally unprecedented cyber investigation solutions, game changers, to say the least.”
Now the company has received another blow, the Italian Government authority who oversees the export of “dual use” technologies, named “Autorità per l’esportazione beni a duplice uso,” has revoked the “global authorization” to export its surveillance software at the end of March.
The authority is controlled by the Italian Ministry of Economic Development (MISE) that revoked “with immediate effect” the global authorization granted to the company the year before.
According to the Italian newspaper Il Fatto Quotidiano that first reported on the news, the MISE revoked the authorization two years before the deadline of April 30, 2018.
What will happen?
The Hacking Team will have to ask permission for every sale of its spyware to clients outside the European Union. The Hacking Team can still sell its surveillance software to organizations within the European Union without express authorization.
According to the Il Fatto Quotidiano one of the reasons for the revocation is the diplomatic situation with the Egyptian Government that is accused of covering the truth on the murder of Italian student Giulio Regeni.
According to an anonymous email received by the Italian Government, Regeni was abducted, tortured and killed by the Egyptian secret services.
A source close to Hacking Team referred Vincenzetti went on to reassure its employees that the situation is under control and is not new for the company, a similar restriction was imposed to the organization between October 2014 and April 2015.
The Italian newspaper Il Corriere Della Sera a couple of weeks ago has revealed that the Italian authorities have launched an investigation on the Hacking Team in order to examine it conduct when exporting the surveillance software, an activity referred to past sales.
The company always explained that all the sales were conducted in accordance with current laws and regulations.
Let’s sit and wait to see the response of the lawyers of the company.
(Security Affairs – Hacking team, surveillance)