Hacking Team Loses Its Global License To Sell Spyware

Uploaded on 2016-04-20 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Hacking Team is in the news again - never a good thing for a company that’s supposed to be all about stealth and discretion.

The Italy-based Hacking Team, which sells surveillance and hacking tools to governments, suffered an embarrassing hack of its own in July 2015, when 500-GB of internal files, emails and its product source code were dumped online for all the world to see.

In recent months Hacking Team stayed mostly below the radar as it worked to rebuild its business. But the company was just dealt a major setback by the Italian Ministry of Economic Development (MISE), which regulates “dual-use” technologies, so-called because they can be used for both civilian and military purposes.

As first reported recently by the Italian newspaper Il Fatto Quotidiano, the ministry has revoked “with immediate effect” Hacking Team’s “global authorization” to sell its Remote Control System (RCS) spyware suite to a list of 46 countries, mostly outside of the European Union.

The Italian government’s ruling means Hacking Team will need an “individual license” to sell to any of those countries (only some of which are past or current Hacking Team customers), according to a report from Motherboard.

Eric Rabe, Hacking Team’s spokesperson, confirmed in a statement to Motherboard that the company’s global license had been revoked, but that Hacking Team still has a license to sell within the EU and “expects to be given approvals for sales to countries outside the EU.”

MISE told Motherboard that it was aware that in 2015 Hacking Team had exported its products to Malaysia, Egypt, Thailand, Kazakhstan, Vietnam, Lebanon and Brazil.

The ministry explained that “in light of changed political situations” in “one of” those countries, MISE and the Italian Foreign Affairs, Interior and Defense ministries decided Hacking Team would require “specific individual authorization.”

Hacking Team maintains that it does not sell its spyware to governments or government agencies where there is “objective evidence or credible concerns” of human rights violations.

The company also says it is fully compliant with export restrictions under the Wassenaar Arrangement – an international agreement regarding dual-use technologies – and it “reserves the right” to “suspend support” if customers violate the terms of their contracts.

In a report issued after last year’s Hacking Team breach, Privacy International said Hacking Team’s self-regulation is “not enough to ensure that their products are not used for human rights violations,” and recommended stronger export control regulations.

The Italian government revoking Hacking Team’s global license to sell spyware anywhere in the world, and requiring special authorization to deal with certain countries, appears to be a big step in that direction.

Naked Security: http://bit.ly/1VfSPSK

« The First Ghost Ship In The US Robotic Navy
German Police Catch Suspect in Global Cyber Crime Operation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

SecDev

SecDev

SecDev is a consulting firm working at the intersection of geopolitical, digital, urban, energy and cyber risk.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

Conference Index

Conference Index

Conference Index provides an indexed listing of upcoming meetings, seminars, congresses, workshops, summits and symposiums across a wide range of subjects including Cybersecurity.

101 Blockchains

101 Blockchains

101 Blockchains is a professional and trusted provider of enterprise blockchain research and training.

24By7Security

24By7Security

24By7Security are Cybersecurity & Compliance Specialists with extensive hands on experience helping businesses build a defensive IT Infrastructure against all cyber security threats.

OISTE Foundation

OISTE Foundation

OISTE foundation allows users to control their digital identities using well-understood and secure algorithms that ensure the continued validity of an identity and its claims.

Viria

Viria

Viria is an information and security technology solution provider that promotes digitalization in a secure way.

META-Cyber

META-Cyber

META-cyber was founded by engineers with experience in process and control-protection to provide cyber security for industrial infrastructure.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

Bluefin Payment Systems

Bluefin Payment Systems

Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.