Attack that revealed data exposing deals with dictatorships was on a ‘governmental level’ and ‘planned for months’, says David Vincenzetti in first statement
The founder of cybersecurity firm Hacking Team has finally spoken out over the attack that saw 400GB of its data dumped on the internet, insisting: “We’re the good guys”.
David Vincenzetti, 47, founder of the Milan-based company, told Italian newspaper La Stampa that the cyber attack – which saw the code for companies hacking tools and its email archive published online – was not enabled by poor security or weak passwords and that it could have only been an organisation “at the governmental level”.
Vincenzetti said: “This is not an impromptu initiative: the attack was planned for months, with significant resources, the extraction of data took a long time.” But he did not explain how Hacking Team apparently failed to notice the attack while it was taking place.
In response to concerns that Hacking Team supplied tools to repressive states which could be used to hack into and spy on almost anyone, Vincenzetti said: “We did [sell tools to Libya] when suddenly it seemed that the Libyans had become our best friends.” He also admitted providing tools to Egypt, Ethiopia, Morocco and Sudan, as exposed by the company’s email archive, though denied dealing with Syria.
But Vincenzetti said: “The geopolitical changes rapidly, and sometimes situations evolve. But we do not trade in weapons, we do not sell guns that can be used for years.” He said that without regular updates its tools are rapidly blocked by cyber security countermeasures.
In the case of the Ethiopian government, which used Hacking Team tools to spy on journalists and activists, Vincenzetti said: “We’re the good guys … when we heard that Galileo had been used to spy on a journalist in opposition of the government, we asked about this, and finally decided to stop supplying them in 2014.”
Meanwhile, the impact of the Hacking Team data dump continues to affect wider cubersecurity. A further two vulnerabilities within Adobe’s Flash plugin have been exposed and are actively being exploited as a result of the attack, Adobe has confirmed.