Hacking Team Loses Its Global License To Sell Spyware

Hacking Team is in the news again - never a good thing for a company that’s supposed to be all about stealth and discretion.

The Italy-based Hacking Team, which sells surveillance and hacking tools to governments, suffered an embarrassing hack of its own in July 2015, when 500-GB of internal files, emails and its product source code were dumped online for all the world to see.

In recent months Hacking Team stayed mostly below the radar as it worked to rebuild its business. But the company was just dealt a major setback by the Italian Ministry of Economic Development (MISE), which regulates “dual-use” technologies, so-called because they can be used for both civilian and military purposes.

As first reported recently by the Italian newspaper Il Fatto Quotidiano, the ministry has revoked “with immediate effect” Hacking Team’s “global authorization” to sell its Remote Control System (RCS) spyware suite to a list of 46 countries, mostly outside of the European Union.

The Italian government’s ruling means Hacking Team will need an “individual license” to sell to any of those countries (only some of which are past or current Hacking Team customers), according to a report from Motherboard.

Eric Rabe, Hacking Team’s spokesperson, confirmed in a statement to Motherboard that the company’s global license had been revoked, but that Hacking Team still has a license to sell within the EU and “expects to be given approvals for sales to countries outside the EU.”

MISE told Motherboard that it was aware that in 2015 Hacking Team had exported its products to Malaysia, Egypt, Thailand, Kazakhstan, Vietnam, Lebanon and Brazil.

The ministry explained that “in light of changed political situations” in “one of” those countries, MISE and the Italian Foreign Affairs, Interior and Defense ministries decided Hacking Team would require “specific individual authorization.”

Hacking Team maintains that it does not sell its spyware to governments or government agencies where there is “objective evidence or credible concerns” of human rights violations.

The company also says it is fully compliant with export restrictions under the Wassenaar Arrangement – an international agreement regarding dual-use technologies – and it “reserves the right” to “suspend support” if customers violate the terms of their contracts.

In a report issued after last year’s Hacking Team breach, Privacy International said Hacking Team’s self-regulation is “not enough to ensure that their products are not used for human rights violations,” and recommended stronger export control regulations.

The Italian government revoking Hacking Team’s global license to sell spyware anywhere in the world, and requiring special authorization to deal with certain countries, appears to be a big step in that direction.

Naked Security: http://bit.ly/1VfSPSK

« The First Ghost Ship In The US Robotic Navy
German Police Catch Suspect in Global Cyber Crime Operation »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IOActive

IOActive

IOActive serves as a trusted security advisor to the Global 500 and other progressive enterprises, helping to safeguard their most important assets and improve their overall security posture.

Magnet Forensics

Magnet Forensics

Magnet Forensics' family of digital forensics products are used globally by thousands of law enforcement, military, government and corporate customers.

Infrascale

Infrascale

Infrascale specialise in providing cloud backup and disaster recovery services.

IS Decisions

IS Decisions

IS Decisions builds affordable and easy-to-use Access Management software solutions, allowing IT teams to effectively secure access to Active Directory infrastructures, SaaS apps and data within.

Secmentis

Secmentis

Secmentis is a cyber security consultancy specializing in penetration testing, threat intelligence, and proactive defense for your IT infrastructure.

Graphus

Graphus

Graphus provides a simple, powerful, automated solution that eliminates 99% of social engineering and spear phishing attacks against G Suite business Gmail users.

Chainalysis

Chainalysis

Chainalysis provides blockchain analysis software to prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.

Red Sift

Red Sift

Red Sift is the only integrated cloud email and brand protection platform, supporting organizations to secure their communications.

SafeHouse Technologies

SafeHouse Technologies

SafeHouse is a cloud-based, high-end cybersecurity platform that can secure and insure any device that is connected to it.

Blockchain Firm

Blockchain Firm

Blockchain Firm is a leading Blockchain based software solutions and service provider with our roots of expertise running deep into the technology.

Quantum Generation

Quantum Generation

Quantum Cyber Security for a new age of communications. We are developing the largest decentralized orbital, and ground quantum mesh network based on blockchain technology.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Tuta

Tuta

Tuta (formerly Tutanota) is an all-in-one email, calendar and contacts app which protects your data with full end-to-end encryption and it requires zero personal information.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.

Radius Technologies

Radius Technologies

Radius Technologies is trusted by progressive SMEs to deliver world-class cloud, IT solutions, IT and data security, and telecoms systems.

Quantum Squint

Quantum Squint

Quantum Squint is a cutting-edge cybersecurity company specializing in the use of advanced regression management techniques to detect, analyze, and prevent vulnerabilities in digital systems.