Hacking Team

htHacking Team describes its lawful interception products as "offensive technology" and has been called into question over deliveries to Morocco and the United Arab Emirates. The company’s "Remote Control System," called DaVinci, is able, it says, to break encryption on emails, files and Internet telephony protocols.

The Company

Hacking Team is a Milan-based business offering "offensive" capabilities for law enforcement agencies on six continents. The company employs around 40 people in Milan. It has offices in Annapolis, USA, and Singapore. The company defines itself in these terms : "Here in Hacking Team we believe that fighting crime should be easy: we provide effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities. Technology must empower, not hinder."[1]

Portfolio

Remote Control System is an IT stealth investigative tool for LEAs. (It is offensive security technology. It is spyware. It is a trojan horse. It is a bug. It is a monitoring tool. It is an attack tool. It is a tool for taking control of the endpoints, that is, the PCs).[2]

Hacking Team’s "DaVinci" Remote Control System is able, the company says, to break encryption and allow law enforcement agencies to monitor encrypted files and emails (even ones encrypted with PGP), Skype and other Voice over IP or chat communication. It allows identification of the target’s location and relationships. It can also remotely activate microphones and cameras on a computer and works worldwide. Hacking Team claims that its software is able to monitor hundreds of thousands of computers at once, all over the country. Trojans are available for Windows, Mac, Linux, iOS, Android, Symbian and Blackberry.[3]

In modern digital communications, encryption is widely employed to protect users from eavesdropping. Unfortunately, encryption also prevents law enforcement and intelligenceagencies from being able to monitor and prevent crimes and threats to the country security.

Remote Control System (RCS) is a solution designed to evade encryption by means of an agent directly installed on the device to monitor. Evidence collection on monitored devices is stealth and transmission of collected data from the device to the RCS server is encrypted and untraceable. For Governmental LEAs and Agencies ONLY. [Highlights by Reporters Without Borders][4]

The companies spokesperson, Eric Rabe, said, without going into details, that the company is able to monitor how their software is being used by customers.[5]

 Involvement in critical countries

The company says it does not sell its software to countries that abuse human rights and that the product is used in around 30 countries worldwide on five continents.

Software developed by Hacking Team is sold exclusively to government agencies, and it is never sold to countries that international organizations including the European Union, NATO and the US have blacklisted.  An external committee of legal experts reviews each proposed sale to assure compliance with our policies. Contracts with the government purchasers limit the permissible uses of our software. We monitor news media and other public communications such as blogs and Internet comment for reports of abuses and investigate when appropriate.

However, several media reports and research by IT security experts have found traces of Hacking Team software in countries that do not have a good record on democracy and human rights.

Involvement in Morocco

Hacking Team software was identified on the office computers of the Moroccan news website Mamfakinch just days after it received the 2012 Breaking Borders Award from Global Voices and Google. The malware was transmitted via an infected Word document that purportedly contained important confidential information.

Asked by Reporters Without Borders to comment on media reports that Hacking Team’s software has been used in Morocco, the company’s spokesperson did not deny that it had been deployed there:

We take precautions to assure our software is not misused and we investigate cases suggesting it may have been.  However, we do not disclose client names or the location of our clients. (answer sent via email to Reporters Without Borders)

United Arab Emirates

Morgan Marquis-Boire, a security expert, examined corrupted attachments in an email that was sent to Ahmed Mansoor, a blogger who is from the United Arab Emirates. He found strong indications that a Trojan it contained came from Hacking Team. His findings have been published by the Citizen Lab, a University of Toronto institute specialising in digital issues.[6]