+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Hackers plan to teach people how they stole 400GB of data from Hacking Team

Jul 7, 2015, 20:12 IST

Advertisement
Kid smiling at a camera in a classroomReuters Pictures

The hacker group behind a high profile cyber strike on Hacking Team has pledged to release details how it stole 400GB worth of data from the surveillance software maker.

The incident occurred when hackers infiltrated the Italy-based Hacking Team's network to steal and publish online over 400GB of the firm's data and temporarily hijack control of its Twitter account on Sunday and Monday.

The attack saw the attackers leak vast amounts of Hacking Team information, including customer details, the source code of many of its products and internal emails.

The leaks have also lead to concerns Hacking Team is selling its surveillance products to countries international organisations, including the United Nations, NATO, European Parliament, and the US have blacklisted.

It was originally unclear how Hacking Team was breached or who had mounted the attack.

Advertisement

However, the "Phineas Fisher" Twitter account used in 2014 to publicise attacks on Gamma International UK - a company that makes similar surveillance products to Hacking Team - has since claimed credit for the attacks and pledged to reveal how it breached the firm's systems.

The claim has led to speculation within the security community about what techniques the hackers used.

F-Secure security consultant Sean Sullivan told Business Insider initial evidence suggests the the attackers were able to get in as Hacking Team was using insecure, easy to guess, passwords to protect its systems.

"Based on what I've seen poor use of passwords could be the issue. These guys might have some decent skills as Forwards, but as Goalkeepers? Not so much it seems," he said.

The theory was shared by independent security expert Graham Cluley, who pointed out one of the leaked documents showed many of Hacking Team's internal and external systems had shared passwords, in a blog post.

Advertisement

"The hackers appear to have successfully compromised Pozzi's Firefox browser password store, revealing a slew of poorly chosen login credentials rather than the complex, hard-to-crack, unique passwords that most security professionals would recommend," he said.

AlienVault security evangelist Javvad Malik held a similar opinion, pointing out early reports indicate Hacking Team was even using variants of the same word as a password to secure its systems.

"It looks like Hacking Team were reusing some relatively weak passwords - variants of "password" seemed common," he told Business Insider.

NOW WATCH: These Surveillance Balloons Are The Hot New Way To Spy On People

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article