Java charts for Opendata

Yes, even NRC Handelsblad suddenly had a whole page on the story:

The hackers hacked, the leaks leaked

Galileo is a remote control system (RCS) that has full access to phones and computers. To break in, Hacking Team uses new software flaws that have not yet been fixed by the vendor. It is a controversial method; if such vulnerabilities themselves leak out, that threatens all internet users. That explains Adobe's eagerness to patch “the most beautiful Flash bug in the last four years” immediately this week – that description comes from Hacking Team employees.

Hacking Team is also controversial because the software is used by governments that use it to eavesdrop on political opponents. The intruders, presumably hacktivists, wanted to pillory Hacking Team for that.

In that they succeeded. The Italian company turned out to be poorly secured – even though the employees were aware that they were under fire from the hacktivists. Hacking Team was counted among the “enemies of the internet”, like other producers of spyware.

Nevertheless they used weak passwords, and the computers that were supposed to be ‘disconnected’ from the internet turned out to be connected to the outside world after all – a cardinal sin in the security industry.

“Hacking Team is getting a taste of its own medicine,” says Bart Jacobs. The Nijmegen professor of digital security is an adviser to the Dutch Cyber Security Council. According to him, the Dutch police should not get involved with a company that trades in “software vulnerabilities with a layer of varnish around them”.

According to Jacobs, the government's task is to improve security: “Our infrastructure is rotten enough already. You shouldn't exploit software flaws, but make them public as quickly as possible so they can be fixed.” The trade in zero-day exploits, new software vulnerabilities, takes place on the black market, where both cybercriminals and investigative agencies make their haul.

NRC Handelsblad - In the news - Cybercrime - 10 July 2015

What they mean by ‘disconnected’ from the internet:

Want to Evade NSA Spying? Don't Connect to the Internet

Since I started working with Snowden’s documents, I have been using a number of tools to try to stay secure from the NSA. The advice I shared included using Tor, preferring certain cryptography over others, and using public-domain encryption wherever possible.

I also recommended using an air gap, which physically isolates a computer or local network of computers from the internet. (The name comes from the literal gap of air between the computer and the internet; the word predates wireless networks.)

Since we know that computers connected to the internet are vulnerable to outside hacking, an air gap should protect against those attacks. There are a lot of systems that use — or should use — air gaps: classified military networks, nuclear power plant controls, medical equipment, avionics, and so on.

Osama Bin Laden used one. I hope human rights organizations in repressive countries are doing the same.

Air gaps might be conceptually simple, but they’re hard to maintain in practice. The truth is that nobody wants a computer that never receives files from the internet and never sends files out into the internet. What they want is a computer that’s not directly connected to the internet, albeit with some secure way of moving files on and off.

But every time a file moves back or forth, there’s the potential for attack.

Wired - Bruce Schneier - 10.07.13

[quote=“alkema_jm, post:82, topic:354”]I think they could have been hacked less easily if they had protected the data with a (prompt) password:

He did, however, say that “all” Hacking Team’s files are encrypted, but since the attackers got access to the administration system, they got access “to encrypted documents.”[/quote]

That should make you think, shouldn't it? You can go and lock everything down with Tor and all, but someone who works sloppily is still the one who gets caught out; behind his back they had already climbed in through the kitchen window. A bit dopey, really, no ‘Tor capability’ at all, but in is in, in that world:

How Hacking Team Created Spyware that Allowed the FBI To Monitor Tor Browser

Hacking Team described how it solved the problem in a PowerPoint presentation, bragging that, “Our solution is the only way to intercept TOR traffic at the moment.”

When a user opens Tor Browser, their computer starts the Tor program in the background, and in the foreground it opens up a modified version of Firefox that’s configured to force all its traffic to go through the Tor program. The solution was to modify Tor Browser on a hacked computer to force all of its traffic to go through an outside server that the attacker controls, rather than the one provided by the Tor program. When the hacked user loads a website in Tor Browser, the malware is then able to spy on the traffic before it gets handed off to the Tor network to be anonymized. Last week the Tor Project published their own brief analysis of this capability.

But Hacking Team had no capability against the Tor network itself; it could only spy on people if their computer was already infected by Hacking Team spyware.

The Intercept - July 16 2015

The Hacking Team spokesman you quoted is one Eric Rabe, who appears very briefly in an episode of VPRO Tegenlicht in October last year:

Zero Days: security leaks for sale

There is new gold to be mined via the internet, and possibly in your computer. Secret back doors, for which no digital key exists yet, are traded for astronomical sums. In the global cyber trade, where no rules apply, you are lucky to have ‘white-hat’ hackers who watch over your online safety. But their counterparts, the so-called ‘black-hat’ hackers, have an interest in an insecure internet and sell security vulnerabilities to the highest bidder. They are the purveyors to security services and cyber defence. Who are these white and black wizards, battling for the hackers' holy grail: zero-days?

VPRO - Tegenlicht - Episodes 2014-2015 - 12-10-2014

At WikiLeaks you can read how that bit of interview of just 60 seconds came about. For a company that rakes in 40 million with spyware, they seem rather unsure of themselves:

2014-05-21 11:12:12 From: h.busstra@vpro.nl To: info@hackingteam.com

Subject: Interview for Dutch documentary VPRO Backlight

Dear Hackingteam staff,

For VPRO Backlight, a Dutch national television documentary series, we work on a documentary on the future of cyber security. In this fast developing domain where new threats rise every day we want to portray some key players that assist governments and national security agencies in keeping track. In the Netherlands we will be filming Ronald Prins, CEO of FOX-IT who educates the Dutch cyber military.

Kind regards,
Hans Busstra

This request then goes into the organisation:

2014-05-21 11:25:55 From: d.vincenzetti@hackingteam.com To: media@hackingteam.com

Good morning Eric,

What is your authoritative opinion on this, please?

David

And back again:

2014-05-22 02:26:54 From: d.vincenzetti@hackingteam.com To: eric, media

Thank you Eric. I am copying your meaningful reply to the MEDIA@ alias.

David

On May 21, 2014, at 7:43 PM, Eric Rabe eric.rabe@verizon.net wrote:

I think the risks here are much the same as with the requested interview from German TV that we have not granted. The “future of cyber security” could easily wind up in the finished project as “deteriorating privacy online” or even “how some companies are responsible for human rights abuse.” Of course, the documentary can take this direction with or without our interview.

That said, my general feeling is that it's always worth engaging with folks like these rather than sidestepping them. By stonewalling, we suggest that somehow we are ashamed of what we do or that we operate in secret and don’t accept any accountability. Since in HT’s case, that is not true, it seems to me that engaging presents an acceptable risk, even if in the end the report is not everything we’d like.
If you agree, I can email Hans Busstra and see what more there is to learn. One thing, however, is that I would not agree to let them use a portion of the HT video. It could easily be misunderstood out of context.

Best,
Eric

Only, a month later the VPRO still hasn't heard anything:

2014-06-17 12:59:44 From: h.busstra@vpro.nl To: info@hackingteam.com

Dear sir, madam,

A couple of weeks ago I sent you the attached e-mail. For our documentary about cybersecurity we would appreciate it very much if we could do an interview with your company. Also we would like to use a fragment of your Galileo promotional film in our episode. Could you let us know under what conditions we can use this footage?

We hope to hear from you!

Kind regards,
Hans Busstra

Hacking Team’s CEO, giggle-giggle:

2014-06-17 13:50:47 From: d.vincenzetti@hackingteam.com To: media@hackingteam.com

They are trying again :-) I take that they have a guests (contents) shortage of some sort.

David

Professionals hiring professionals:

2014-06-18 02:26:38 From: d.vincenzetti@hackingteam.com To: eric, david

All right :-)

David

David Vincenzetti
CEO

On Jun 17, 2014, at 7:10 PM, Eric Rabe ericrabe@me.com wrote:

I’ll get back and politely decline.

Eric

It is not clear what changed in the meantime, but after yet another month they do get in touch after all:

2014-07-03 20:44:01 From: ericrabe@me.com To: d.vincenzetti@hackingteam.com, g.russo@hackingteam.com, fredd0104@aol.com

David,

I have now spoken with Hans Busstra at VPRO TV and his researcher, Marijntje Denters. Their organization is similar to the BBC, a government/private TV service for Holland. The documentary they plan would be broadcast on Channel 2, The Netherlands, sometime in the fall, probably in October.
Our conversation was businesslike. I did not detect an agenda beyond their desire to report on the capacity governments are developing to operate in the cyber age.

I propose we go ahead, and work out the logistics. I have explained that we are not willing to permit them to visit our offices or labs, and that I would be the person doing the interview. I have offered to travel to meet them, however, they are coming to the USA for the DefCon trade show in August, and it is possible the interview could be done here.
Let me know what you think, or any questions you have.

And Happy 4th of July!
Eric

They are still suspicious, though:

2014-07-03 20:59:01 From: fredd0104@aol.com To: ericrabe@me.com, d.vincenzetti@hackingteam.com, g.russo@hackingteam.com

Eric

Are you able to find any other documentaries he has done. We want to make sure he is not the Michael Moore of Holland:-)

Fred

Sent from my iPad

But all ends well; eventually the VPRO records an interview with the spokesman in the US:

2014-08-12 15:04:37 From: ericrabe@me.com To: d.vincenzetti@hackingteam.com, g.russo@hackingteam.com, fredd0104@aol.com

Begin forwarded message:
From: Hans Busstra hansbusstra@gmail.com
Subject: Galileo Video
Date: August 12, 2014 at 10:03:52 AM EDT
To: Eric Rabe ericrabe@me.com

Hi Eric,

I’m looking back on a very good interview and really think our episode will give a balanced view. I’m really glad that HT was willing to do this and think you convincingly made an argument for HT’s products.

Like I said “Backlight” likes to turn things around, not playing the standard journalistic blame-game but making people think for themselves. I really hope our episode could do this.

Best wishes,
Hans

According to the e-mail exchange, 60 minutes were recorded, but in the Tegenlicht episode the Hacking Team spokesman is ultimately only shown speaking from 41:34 to 42:44.

The wrap-up:

2014-09-03 12:39:59 From: ericrabe@me.com To: l.rana@hackingteam.com

Attached is the invoice for consulting services during August, 2014. As you recall, during the month, I traveled to Las Vegas, NV, for an interview with the Dutch TV documentary unit, VPRO. I had minimal expenses for this trip, because I negotiated with VPRO to cover air travel, hotel and most meal expenses. So here is a second invoice for just a few miscellaneous expenses for my return to Philadelphia. Receipts for these expenses are attached.