• United States




Hacking Team hacked by whom?

Jul 21, 20153 mins
Data Breach

I tried. $deity I tried not to comment on the story about the morally questionable firm dubbed “Hacking Team”. But, then the spin came that they claimed they had been compromised by a foreign government. I can no longer sit on my hands and rock back and forth. When they made the claim that a foreign government had breached their network I slumped in my chair in amazement. After what has come to light with their use of laughable passwords and other things, I’m fairly certain that I will require someone with a mop and bucket to clean up now that my head has well and truly exploded.

When the emails from Hacking Team showed up on Wikileaks as a searchable archive, I know that many of us could not help but to have a peek. In that trove of data was laid bare the darker side of things. Selling to countries with horrid records of human rights abuses all the way through to airline loyalty card updates. It was horribly visceral. I had no sympathy for the company but, I felt the pain of having everything laid bare.

In what should be an extinction level event for the company, they seem to soldier on with announced appearances at ISS World South Africa in Johannesburg. Not sure that their clientele has the ability to read the news.

One of the things that came to light in the data breach was that they would use an Active Directory server to download torrents. This struck me as the smoking gun as to what happened. No, I don’t mean that was the where or how the attack took place. What I mean is that this struck me as where the fundamental breakdown occurred. They were not employing anything resembling a defensive program. Before anyone protests, let me refer to the Wikileaks dump.

There are some fundamental things that need to be tackled at the beginning. One of the things that you need to deal with in an organization is, oh I don’t know, PASSWORDS? One of the stunning aspects of the breach was the revelation that this “hacking team” apparently was password impaired. In most cases of a data breach there are lessons to be learned. I don’t believe that there is enough time to cover everything that was wrong with this outfit.

The passwords problem and the apparent lack of common sense regarding downloading torrents on to an Active Directory system leads me to have a better idea as to who compromised their network. Basically, anyone with a mastery of Google searching.

This is a company that operates at the legal fringes. They have a demonstrated inability to have a moral compass and were derelict in their duties to secure their own environment. When they made the assertion that they had been potentially breached by a foreign government I had to laugh. I’m not talking about a small giggle. I mean a full blown belly laugh of derision.


Dave Lewis has over two decades of industry experience. He has extensive experience in IT security operations and management. Currently, Dave is a Global Security Advocate for Akamai Technologies. He is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast.

The opinions expressed in this blog are those of Dave Lewis and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author