The Hacking Team Hack (2015): Difference between revisions

From International cyber law: interactive toolkit
m (Fixed for fluency, lexical, syntactic and grammatical errors.)
 
Line 4: Line 4:
|-
|-
! scope="row"|Suspected actor
! scope="row"|Suspected actor
|Unknown. However, the hacker asserts to be a lone wolf under the nickname of Phineas Fisher. Further investigations did not clarify whether the attack has been conducted by a single hacker or an organization.
|Unknown. However, the hacker claimed to be a lone wolf under the nickname of Phineas Fisher. Further investigations did not clarify whether the attack has been conducted by a single hacker or an organization.
|-
|-
! scope="row"|Target
! scope="row"|Target
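Review bot: The revised "Suspected actor" row still mixes tenses: "Further investigations did not clarify whether the attack has been conducted" pairs a simple past with a present perfect. Since this revision already changes "asserts" to "claimed", suggest "whether the attack was conducted by a single hacker or an organization" so that the whole row is in the past tense.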
Line 13: Line 13:
|-
|-
! scope="row"|Method
! scope="row"|Method
|The hacker managed to exploit a vulnerability on one of the embedded devices of the company´s network.<ref>J M Porup, [https://arstechnica.com/information-technology/2016/04/how-hacking-team-got-hacked-phineas-phisher/ “How Hacking Team got hacked”], (19 April 2016), Ars Technica. </ref> Once obtained a remote root exploit, the malicious actor has been able to gain administrative privileges inside the company’s main Windows network. From there, the hacker has been able to navigate within the network and steal a considerable amount of data.<ref>L Franceschi-Bicchierai, [https://motherboard.vice.com/en_us/article/3dad3n/the-vigilante-who-hacked-hacking-team-explains-how-he-did-it “The Vigilante Who Hacked Hacking Team Explains How He Did It”], (16 April 2016), Motherboard. </ref>
|The hacker managed to exploit a vulnerability on one of the embedded devices of the company´s network.<ref>J M Porup, [https://arstechnica.com/information-technology/2016/04/how-hacking-team-got-hacked-phineas-phisher/ “How Hacking Team got hacked”], (19 April 2016), Ars Technica. </ref> After obtaining a remote root exploit, the malicious actor was able to gain administrative privileges inside the company’s main Windows network. From there, the hacker was able to navigate within the network and steal a considerable amount of data.<ref>L Franceschi-Bicchierai, [https://motherboard.vice.com/en_us/article/3dad3n/the-vigilante-who-hacked-hacking-team-explains-how-he-did-it “The Vigilante Who Hacked Hacking Team Explains How He Did It”], (16 April 2016), Motherboard. </ref>
|-
|-
! scope="row"|Purpose
! scope="row"|Purpose
|The hacker claimed that the attack was conducted to punish the Hacking Team company for selling digital surveillance products considered as human rights enabler . The attack also highlighted that many of the company’s customers have been authoritarian regimes.<ref>E Auchard, J Menn, [https://www.reuters.com/article/us-cybersecurity-hacking-team/surveillance-software-maker-hacking-team-gets-taste-of-its-own-medicine-idUSKCN0PG16720150706 “Surveillance software maker Hacking Team gets taste of its own medicine”], (6 July 2015), Reuters. </ref>
|The hacker claimed that the attack was conducted to punish the Hacking Team company for selling digital surveillance products considered to be enablers of human rights violations . The attack also highlighted that many of the company’s customers had been authoritarian regimes.<ref>E Auchard, J Menn, [https://www.reuters.com/article/us-cybersecurity-hacking-team/surveillance-software-maker-hacking-team-gets-taste-of-its-own-medicine-idUSKCN0PG16720150706 “Surveillance software maker Hacking Team gets taste of its own medicine”], (6 July 2015), Reuters. </ref>
|-
|-
! scope="row"|Result
! scope="row"|Result
|Theft and leak of more than 400 Gigabytes including internal emails, files and their Remote Control System (RCS) source code.<ref>A Hern, [https://www.theguardian.com/technology/2015/jul/11/hacking-team-hack-state-surveillance-human-rights “Hacking Team hack casts spotlight on murky world of state surveillance”], (11 July 2015), The Guardian.</ref> The malicious actor hacked the Twitter account of the company and posted a message containing a link to the torrent file containing the files. Around 80% of the company’s spyware source code has been put visible online.<ref>D Kushner, [https://foreignpolicy.com/2016/04/26/fear-this-man-cyber-warfare-hacking-team-david-vincenzetti/ “Fear This Man”], (26 April 2016), Foreign Policy.</ref>
|Theft and leak of more than 400 gigabytes of data including internal emails, files and their Remote Control System (RCS) source code.<ref>A Hern, [https://www.theguardian.com/technology/2015/jul/11/hacking-team-hack-state-surveillance-human-rights “Hacking Team hack casts spotlight on murky world of state surveillance”], (11 July 2015), The Guardian.</ref> The malicious actor hacked the Twitter account of the company and posted a message containing a link to the torrent file containing the files. Around 80% of the company’s spyware source code has been made visible online.<ref>D Kushner, [https://foreignpolicy.com/2016/04/26/fear-this-man-cyber-warfare-hacking-team-david-vincenzetti/ “Fear This Man”], (26 April 2016), Foreign Policy.</ref>
|-
|-
! scope="row"|Aftermath
! scope="row"|Aftermath
|The attack has been followed by the release of a “do it yourself guide” that explains how the attack has been conducted.<ref>Phineas Fisher, [http://pastebin.com/raw/0SNSvyjJ “Hack Back! A DIY Guide”], () [http://pastebin.com/raw/0SNSvyjJ http://pastebin.com/raw/0SNSvyjJ] </ref> This has to be considered as the Phineas’ Manifesto, including both its political motivations and technical details of the hack.<ref>Pierluigi Paganini, [https://securityaffairs.co/wordpress/46416/data-breach/how-phineasfisher-hacking-team.html “The hacker PhineasFisher published a detailed explanation of how he has hacked the Italian surveillance firm Hacking Team”], (18 April 2016), Security Affairs. </ref> The leaked material showed that the Hacking Team sold surveillance tools to repressive regimes such as Ethiopia, Sudan, Russia, or Saudi Arabia which have been used to spy on journalists and activists.<ref>A Hern, [https://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim “Hacking Team hacked: firm sold spying tools to repressive regimes, documents claim”], (6 July 2015), The Guardian.</ref> The attack to the company and the leaking of documents rendered the surveillance tools public and available for everybody. In the DIY guide, Phineas defined the attack as ethical hacking. <ref>CSO Press, [https://www.csoonline.com/article/3057200/security/hacker-who-hacked-hacking-team-published-diy-how-to-guide.html “Hacker who hacked Hacking Team published DIY how-to guide”], (17 April 2016), CSO.</ref>
|The attack was followed by the release of a “do it yourself guide” that explains how the attack has been conducted.<ref>Phineas Fisher, [http://pastebin.com/raw/0SNSvyjJ “Hack Back! A DIY Guide”], () [http://pastebin.com/raw/0SNSvyjJ http://pastebin.com/raw/0SNSvyjJ] </ref> This is considered to be the Phineas’ Manifesto, which explains both its political motivations and technical details of the hack.<ref>Pierluigi Paganini, [https://securityaffairs.co/wordpress/46416/data-breach/how-phineasfisher-hacking-team.html “The hacker PhineasFisher published a detailed explanation of how he has hacked the Italian surveillance firm Hacking Team”], (18 April 2016), Security Affairs. </ref> The leaked material showed that the Hacking Team sold surveillance tools to repressive regimes such as Ethiopia, Sudan, Russia, or Saudi Arabia which were used to spy on journalists and activists.<ref>A Hern, [https://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim “Hacking Team hacked: firm sold spying tools to repressive regimes, documents claim”], (6 July 2015), The Guardian.</ref> The attack to the company and the leaking of documents rendered the surveillance tools public and available for everybody. In the DIY guide, Phineas described the attack as ethical hacking. <ref>CSO Press, [https://www.csoonline.com/article/3057200/security/hacker-who-hacked-hacking-team-published-diy-how-to-guide.html “Hacker who hacked Hacking Team published DIY how-to guide”], (17 April 2016), CSO.</ref>
|-
|-
! scope="row"|Analysed in
! scope="row"|Analysed in
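Review bot: The revised "Aftermath" row keeps two of the errors this fluency pass targets: "explains how the attack has been conducted" should read "was conducted", and "The attack to the company" should be "The attack on the company". The same row's Phineas Fisher reference still carries an empty date "()", the "Purpose" row is left with a stray space before the period in "violations .", and the "Method" row still uses an acute accent instead of an apostrophe in "company´s"; these are worth cleaning up in the same edit.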

Latest revision as of 06:51, 4 June 2021

Date: 22 May 2015. However, the attack was discovered on 5 July 2015.[1]
Suspected actor: Unknown. However, the hacker claimed to be a lone wolf under the nickname of Phineas Fisher. Further investigations did not clarify whether the attack was conducted by a single hacker or an organization.
Target: The Hacking Team, an Italian security company offering surveillance tool software to governments, intelligence and law enforcement agencies.[2]
Target systems: Microsoft Windows-based systems
Method: The hacker managed to exploit a vulnerability on one of the embedded devices of the company’s network.[3] After obtaining a remote root exploit, the malicious actor was able to gain administrative privileges inside the company’s main Windows network. From there, the hacker was able to navigate within the network and steal a considerable amount of data.[4]
Purpose: The hacker claimed that the attack was conducted to punish the Hacking Team company for selling digital surveillance products considered to be enablers of human rights violations. The attack also highlighted that many of the company’s customers had been authoritarian regimes.[5]
Result: Theft and leak of more than 400 gigabytes of data including internal emails, files and their Remote Control System (RCS) source code.[6] The malicious actor hacked the Twitter account of the company and posted a message containing a link to the torrent file containing the files. Around 80% of the company’s spyware source code has been made visible online.[7]
Aftermath: The attack was followed by the release of a “do it yourself guide” that explains how the attack was conducted.[8] This is considered to be Phineas’ manifesto, which explains both the political motivations behind the hack and its technical details.[9] The leaked material showed that the Hacking Team sold surveillance tools to repressive regimes such as Ethiopia, Sudan, Russia, or Saudi Arabia, and that these tools were used to spy on journalists and activists.[10] The attack on the company and the leaking of documents rendered the surveillance tools public and available to everybody. In the DIY guide, Phineas described the attack as ethical hacking.[11]
Analysed in: Scenario 11: Sale of surveillance tools in defiance of international sanctions

Collected by: Samuele De Tomas Colatin