(테크놀로지) Hacking Team(영문자료)

출처: https://en.wikipedia.org/wiki/Hacking_Team

Hacking Team의 웹사이트: http://www.hackingteam.it

WikeLeaks의 웹사이트: https://wikileaks.org

Hacking Team

Hacking Team is a Milan-based information technology company that sells offensive intrusion 공격적 무단침입 and surveillance capabilities 감시할 수 있는 제품들 to governments 정부 and law enforcement agencies 사법당국. Its remote control systems 원격조종으로 enable governments 정부가 to monitor the communications of internet users 인터넷 사용자의 통신을 모니터링할 수 있고, decipher their encrypted files and emails 그들의 암호화된 문서들이나 이메일을 암호해제하여 열어볼 수 있고 , record Skype 스카이프상 대화나and other Voice over IP communications 그 밖의 IP상 통신을 이용한 보이스톡을 기록할 수 있으며, and remotely activate microphones and camera on target computers 원격조종으로 타켓 컴퓨터의 마이크나 카메라를 작동시킬 수 있다.^[1] The company has been criticized for providing these capabilities to governments with poor human rights records.^[2] Hacking Team states that they have the ability to disable their software if it is used unethically.^[3] 

In June 2014, a report from the University of Toronto detailed the functionality and architecture of Hacking Team’s Remote Control System (RCS) software and operator tradecraft.^[4]

Hacking Team employs around 40 people in its Italian office 해킹팀의 이태리 본사에는 40명의 직원들을 두고 있으며, and has subsidiary branches in Annapolis and Singapore 안나폴리스와 싱가포르에 지사를 두고 있다. Its products are in use in dozens of countries across six continents 현재 6대륙 수십개 나라에서 이 회사의 제품을 사용하고 있다.^[5] 

Contents

  [hide] 

• 1 Company history
  • 1.1 2015 data breach
  • 1.2 Customer List
  • 1.3 Criticisms
  • 1.4 Italian Export Ban
• 2 Capabilities
• 3 See also
• 4 References
• 5 External links

Company history[edit]

Hacking Team was started by two Italian programmers: Alberto Ornaghi and Marco Valleri. Prior to the company's formal establishment, Ornaghi and Valleri created a set of tools that could be used to monitor and remotely manipulate target computers. The program, called Ettercap, was embraced both by hackers looking to spy on people, and by companies that hoped to test the security of their own networks.

The Milan police department learned of the tools. Hoping to use Ettercap to spy on Italian citizens and listen to their Skype calls, the police contacted Ornaghi and Valleri and asked them to help modify the program. Hacking Team was born, and became "the first sellers of commercial hacking software to the police."^[5]

2015 data breach[edit]

On July 5, 2015, the Twitter account of the company was compromised by an unknown individual who published an announcement of a data breach against Hacking Team's computer systems. The initial message read, "Since we have nothing to hide, we're publishing all our e-mails, files, and source code …" and provided links to over 400gigabytes of data, including alleged internal e-mails, invoices, and source code; which were leaked via BitTorrent and Mega.^[6] An announcement of the data breach, including a link to the bittorrent seed, was retweeted by WikiLeaks and by many others through social media.^[7][8]

The material was voluminous and early analysis appeared to reveal that Hacking Team had invoiced the Lebanese Army^{[9][dead link]} and Sudan and that spy tools were also sold to Bahrain and Kazakhstan.^[8] Hacking Team had previously claimed they had never done business with Sudan.^[10]

The leaked data revealed a zero-day cross-platform Flash exploit (CVE number CVE-2015-5119).^[11] The dump included a demo of this exploit by opening Calculator from a test webpage.^[12][13] Adobe patched the hole on July 8, 2015.^[14] Another vulnerability involving Adobe was revealed in the dumps, which took advantage of a buffer overflowattack on an Adobe Open Type Manager DLL included with Microsoft Windows. The DLL is run in kernel mode, so the attack could perform privilege escalation to bypass thesandbox.^[15]

Also revealed in leaked data was Hacking Team employees use of weak passwords, including 'P4ssword', 'wolverine', and 'universo'.^[16]

After a few hours without response from Hacking Team, member Christian Pozzi tweeted the company was working closely with police and "what the attackers are claiming regarding our company is not true."^[17][18] He also claimed the leaked archive "contains a virus" and that it constituted "false info".^[19] Shortly after these tweets, Pozzi's Twitter account itself was apparently compromised.^[20]

Responsibility for this attack was claimed by the hacker known as Phineas Fisher on Twitter.^[21] Phineas has previously attacked spyware firm Gamma International, who produce malware, such as FinFisher, for governments and corporations.^[22]

Customer List 고객 명단[edit]

A full list of Hacking Team's customers were leaked in the 2015 breach. Disclosed documents show Hacking Team had 70 current customers, mostly military, police, federal and provincial governments. The total company revenues disclosed exceeded 40 million Euros.^[23] (Note: The following table is from an unofficial leak. It is not necessarily accurate.)

Customer	Country	Area	Agency	Year First Sale	Annual Maintenance Fees	Total Client Revenues
Polizia Postale	Italy	Europe	LEA	2004	€ 100,000	€ 808,833
CNI	Spain	Europe	Intelligence	2006	€ 52,000	€ 538,000
IDA SGP	Singapore	APAC	Intelligence	2008	€ 89,000	€ 1,209,967
Information Office	Hungary	Europe	Intelligence	2008	€ 41,000	€ 885,000
CSDN	Morocco	MEA	Intelligence	2009	€ 140,000	€ 1,936,050
Italy - DA - Rental	Italy	Europe	Other	2009	€ 50,000	€ 628,250
MACC	Malaysia	APAC	Intelligence	2009	€ 77,000	€ 789,123
PCM	Italy	Europe	Intelligence	2009	€ 90,000	€ 764,297
SSNS - Ungheria	Hungary	Europe	Intelligence	2009	€ 64,000	€ 1,011,000
CC - Italy	Italy	Europe	LEA	2010	€ 50,000	€ 497,349
GIP Saudi	Saudi	MEA	Intelligence	2010	€ 45,000	€ 600,000
IR Authorities (Condor)	Luxembourg	Europe	Other	2010	€ 45,000	€ 446,000
La Dependencia y/o Cisen	Mexico	LATAM	Intelligence	2010	€ 130,000	€ 1,390,000
UZC	Czech Rep.	Europe	LEA	2010	€ 55,000	€ 689,779
Egypt - MOD	Egypt	MEA	Other	2011	€ 70,000	€ 598,000
FBI	USA	North America	LEA	2011	€ 100,000	€ 697,710
Oman - Intelligence	Oman	MEA	Intelligence	2011	€ 30,000	€ 500,000
President Security	Panama	LATAM	Intelligence	2011	€ 110,000	€ 750,000
Turkish National Police	Turkey	Europe	LEA	2011	€ 45,000	€ 440,000
UAE - MOI	UAE	MEA	LEA	2011	€ 90,000	€ 634,500
NSS	Uzbekistan	Europe	Intelligence	2011	€ 50,000	€ 917,038
DOD	USA	North America	LEA	2011		€ 190,000
Bayelsa State Government	Nigeria	MEA	Intelligence	2012	€ 75,000	€ 450,000
Estado del Mexico	Mexico	LATAM	LEA	2012	€ 120,000	€ 783,000
Information Network Security Agency	Ethiopia	MEA	Intelligence	2012	€ 80,000	€ 750,000
State security (Falcon)	Luxemburg	Europe	Other	2012	€ 38,000	€ 316,000
Italy - DA - Rental	Italy	Europe	Other	2012	€ 60,000	€ 496,000
MAL - MI	Malaysia	APAC	Intelligence	2012	€ 77,000	€ 552,000
Morocco - DST	Morocco	MEA	Intelligence	2012	€ 160,000	€ 1,237,500
NISS - National Intelligence and Security Services	Sudan	MEA	Intelligence	2012	€ 76,000	€ 960,000
Russia - KVANT	Russia	Europe	Intelligence	2012	€ 72,000	€ 451,017
Saudi - GID	Saudi	MEA	LEA	2012	€ 114,000	€ 1,201,000
SIS of NSC	Kazakistan	Europe	Intelligence	2012	€ 140,000	€ 1,012,500
The 5163 Army Division (Alias of South Korean National Intelligence Service)	S. Korea	APAC	Other	2012	€ 67,000	€ 686,400
UAE - Intelligence	UAE	MEA	Other	2012	€ 150,000	€ 1,200,000
DEA	USA	North America	Other	2012	€ 70,000	€ 567,984
CBA Poland	Poland	Europe	LEA	2012	€ 35,000	€ 249,200
MOD Saudi	Saudi	MEA	Other	2013	€ 220,000	€ 1,108,687
PMO	Malaysia	APAC	Intelligence	2013	€ 64,500	€ 520,000
Estado de Qeretaro	Mexico	LATAM	LEA	2013	€ 48,000	€ 234,500
Azerbajan NS	Azerbaijan	Europe	Intelligence	2013	€ 32,000	€ 349,000
Governo de Puebla	Mexico	LATAM	Other	2013	€ 64,000	€ 428,835
Governo de Campeche	Mexico	LATAM	Other	2013	€ 78,000	€ 386,296
AC Mongolia	Mongolia	APAC	Intelligence	2013	€ 100,000	€ 799,000
Dept. of Correction Thai Police	Thailand	APAC	LEA	2013	€ 52,000	€ 286,482
SENAIN	Ecuador	LATAM	LEA	2013	€ 75,000	€ 535,000
DIPOL	Colombia	LATAM	LEA	2013	€ 35,000	€ 335,000
Guardia di Finanza	Italy	Europe	LEA	2013	€ 80,000	€ 400,000
Intelligence	Cyprus	Europe	LEA	2013	€ 40,000	€ 375,625
Midworld Barhein	Bahrain	MEA	Intelligence	2013		€ 210,000
Mexico - pemx	Mexico	LATAM	LEA	2013		€ 321,120
Malysia K	Malaysia	APAC	LEA	2013		€ 0
Honduras	Honduras	LATAM	LEA	2014		€ 355,000
Mex Taumalipas	Mexico	LATAM		2014		€ 322,900
Sec. De Planeacion y Finanzas	Mexico	LATAM	LEA	2014	€ 91,000	€ 371,035
AREA	Italia	Europe		2014		€ 430,000
Mexico Yucatan	Mexico	LATAM	LEA	2014		€ 401,788
Mexico Durango	Mexico	LATAM	LEA	2014		€ 421,397
DIE Chile	Chile	LATAM	LEA	2014		€ 2,289,155
Jalisco Mexico	Mexico	LATAM	LEA	2014		€ 748,003
Royal Thai Army	Thailand	APAC	LEA	2014		€ 360,000
Vietnam GD5	Vietnam	APAC		2014		€ 281,170
Kantonspolizei Zurich	Switzerland	Europe	LEA	2014		€ 486,500
Vietnam GD1	Vietnam	APAC	LEA	2015		€ 543,810
Egypt TRD GNSE	Egypt	MEA	LEA	2015		€ 137,500
Lebanon Army Forces	Lebanon	MEA	LEA	2015
Brasil PF	Brazil	LATAM	LEA	2015

Criticisms[edit]

Hacking Team has been criticized for selling its products and services to certain governments such as Sudan, Bahrain, and Saudi Arabia.^[24]

In June 2014, a United Nations panel monitoring the implementation of sanctions on Sudan requested information from Hacking Team about their alleged sales of software to the country in contravention of United Nations weapons export bans to Sudan. Internal records at Hacking Team revealed through the 2015 hacking of their systems disclose that Hacking team had in 2012 sold to Sudan’s National Intelligence and Security Service in Kartoum it's snooping software titled "Remote Control System" for 960,000 euros.^[25][24]

In response to the United Nations panel, the company responded in January 2015 that they were not currently selling to Sudan. In a follow-up exchange, Hacking Team asserted that their product was not controlled as a weapon, and so the request was out of the scope of the panel. There was no need for them to disclose previous sales, which they considered confidential business information.^[26][24]

The U.N. disagreed. “The view of the panel is that as such software is ideally suited to support military electronic intelligence (ELINT) operations it may potentially fall under the category of ‘military … equipment’ or ‘assistance’ related to prohibited items,” the secretary wrote in March. “Thus its potential use in targeting any of the belligerents in the Darfur conflict is of interest to the Panel.”^[27][24]

Italian Export Ban[edit]

In fall of 2014, the Italian government abruptly froze all of Hacking Team’s exports, citing human rights concerns. After lobbying Italian officials, the company eventually won back the right to sell its products abroad.^[24]

Capabilities[edit] 자사가 고객에게 제공하는 서비스들

Hacking Team enables clients to perform remote monitoring functions against citizens via their Remote Control Systems (RCS) including Da Vinci: 해킹팀(회사명)은 고객으로 하여금 다 빈치를 포함한 자사의 원격통제시스템을 통해 고객이 일반인에 대해 이하에 나와 있는 것과 같이 모니터링을 기능을 수행할 수 있도록 해준다.

• Covert collection of emails, text message, phone call history and address books (자사의 원격조종 시스템을 이용해 고객이) 상대방의 이메일, 문자, 전화통화기록, 연락처의 은밀한 수집을 하도록 함
• Keystroke logging (자사의 원격조종 시스템을 이용해 고객이) 키로깅하게 함
• Uncover search history data and take screenshots (자사의 원격조종 시스템을 이용해 고객이) 상대방의 (삭제한) 검색기록 데이타를 드러내고 스크린샷을 찍을 수 있게 함
• record audio from phone calls (자사의 원격조종 시스템을 이용해 고객이) 상대방의 전화통화를 음성녹음하게 함
• Use phones to collect ambient noise and conversations (자사의 원격조종 시스템을 이용해 고객이) 상대방의 전화를 이용해 주변 소음과 대화를 수집함
• Activate phone or computer cameras  (자사의 원격조종 시스템을 이용해 고객이) 상대방의 전화나 컴퓨터 카메라를 활성화 시킴
• Hijack telephone GPS systems to monitor target's location (자사의 원격조종 시스템을 이용해 고객이) 상대방의 위치를 모니터링 하기 위해 전화기의 GPS 시스템을 탈취함

Hacking team uses advanced techniques to avoid draining cell phone batteries, which could potentially raise suspicions, and other methods to avoid detection.^[28][29]

See also[edit]

• FinFisher

References[edit]

1. Jump up^ "Enemies of the Internet: Hacking Team". Reporters Without Borders. Retrieved 24 April 2014.
2. Jump up^ Marczak, Bill; Gaurnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (February 17, 2014). "Mapping Hacking Team's "Untraceable" Spyware".
3. Jump up^ Kopstein, Joshua (10 March 2014). "Hackers Without Borders". The New Yorker. Retrieved 24 April 2014.
4. Jump up^ Marquis-Boire, Morgan; Gaurnieri, Claudio; Scott-Railton, John; Kleemola, Katie (June 24, 2014). "Police Story: Hacking Team’s Government Surveillance Malware". Citizen Lab. University of Toronto. Retrieved August 3, 2014.
5. ^ Jump up to:^a b Jeffries, Adrianne (13 September 2013). "Meet Hacking Team, the company that helps the police hack you". The Verge. Retrieved 21 April 2014.
6. Jump up^ Hacked Team (@hackingteam) at the Wayback Machine (archived July 6, 2015)
7. Jump up^ Inside malware makers "Hacking Team": hundreds of gigabytes of e-mails, files, and source code WikiLeaks on Twitter. July 6, 2015. Retrieved July 6, 2015.
8. ^ Jump up to:^a b "Hacking Team hacked: Spy tools sold to oppressive regimes Sudan, Bahrain and Kazakhstan". Retrieved 2015-07-06.
9. Jump up^ Hacking Team on Twitter
10. Jump up^ Ragan, Steve. "Hacking Team hacked, attackers claim 400GB in dumped data". Retrieved 2015-07-06.
11. Jump up^ "https://helpx.adobe.com/security/products/flash-player/apsa15-03.html".
12. Jump up^ Khandelwal, Swati. "Zero-Day Flash Player Exploit Disclosed In 'Hacking Team' Data Dump". Retrieved 2015-07-06.
13. Jump up^ Pi, Peter. "Unpatched Flash Player Flaw, More POCs Found in Hacking Team Leak". Retrieved 2015-07-08.
14. Jump up^ Adobe Systems (corporate author). "Adobe Security Bulletin". Retrieved 2015-07-11.
15. Jump up^ Tang, Jack. "A Look at the Open Type Font Manager Vulnerability from the Hacking Team Leak". Retrieved 2015-07-08.
16. Jump up^ Whittaker, Zack. "Hacking Team used shockingly bad passwords". Retrieved 2015-07-06.
17. Jump up^ "Christian Pozzi on Twitter". Retrieved 2015-07-06.
18. Jump up^ "Christian Pozzi on Twitter". Retrieved 2015-07-06.
19. Jump up^ "Christian Pozzi on Twitter". Retrieved 2015-07-06.
20. Jump up^ "Christian Pozzi on Twitter: "Uh Oh - my twitter account was also hacked."". 2015-07-06. Retrieved 2015-07-06.
21. Jump up^ Phineas Fisher [gammagrouppr] (6 July 2015). "gamma and HT down, a few more to go :)" (Tweet).
22. Jump up^ Osbourne, Charlie. "Hacking Team: We won't 'shrivel up and go away' after cyberattack". Retrieved 2015-07-06.
23. Jump up^ https://ht.transparencytoolkit.org/Amministrazione/01%20-%20CLIENTI/5%20-%20Analisi%20Fatturato/2015/02%20-%20Client%20Overview%202015/Client%20Overview_list_20150603.xlsx
24. ^ Jump up to:^{a b c d e} Currier, Cora; Marquis-Boire, Morgan. "A Detailed Look at Hacking Team’s Emails About Its Repressive Clients". Retrieved 7 July 2015.
25. Jump up^ Hay Newman, Lily. "A Company That Sells Surveillance Software to Authoritarian Regimes Got Hacked Itself". Retrieved 2015-07-06.
26. Jump up^ Myers West, Sarah. "Hacking Team Leaks Reveal Spyware Industry's Growth, Negligence of Human Rights". Retrieved 8 July 2015.
27. Jump up^ Knibbs, Kate. "Hacking Team's Lame Excuse for Selling Digital Weapons to Sudan". Retrieved 2015-07-08.
28. Jump up^ Schneier, Bruce. "More on Hacking Team's Government Spying Software".
29. Jump up^ "Hacking Team Tools Allow Governments To Take Full Control of Your Smartphone". Retrieved 2015-07-06.

External links[edit]

• Official website
• Hacking Team Archives - investigative reports published by The Citizen Lab.