A massive cache of documents released online and claiming to be part of a hack against Italian cybersecurity group “Hacking Team” appears to show the Irish Defence Forces in talks with the group over three years.
Dubbed “Corporate Enemies of the Internet” and “digital era mercenaries” by Reporters Without Borders, Hacking Team offers its services to security organisations worldwide. The company’s Twitter feed appeared to be hijacked on Sunday, linking to a 400GB torrent file containing files, passwords and emails.
While the group is remaining tight-lipped and the perpetrators of the attack are yet to be identified, screengrabs of emails and files continue to be passed around social networks. Hacking Team has faced criticism from journalists and activists for a number of years, with claims that they have worked with oppressive regimes around the globe. The company denies this but the new documents paint a different picture. Lists of governments that allegedly are or have been clients of Hacking Team, from Azerbaijan to Russia to Saudi Arabia, undermine those previous statements.
But, if genuine, the leaked documents suggest that among Hacking Teams clients are the governments and security services of Azerbaijan, Kazakhstan, Uzbekistan, Russia, Bahrain, Saudi Arabia, and the UAE, many of whom have been criticised by international human rights organisations for their aggressive surveillance of citizens, activists and journalists both domestically and overseas.
Most notably, the documents include an invoice for €480,000 which purports to be from the Sudanese national intelligence service, dated June 2012. Three years later, in January 2015, the company told the UN’s Italian representative that it had no current business relations with the country, prompting the follow-up question “as to whether there have any previous business arrangements” with Sudan, the answer to which is not recorded.
A company employee claimed that attackers were spreading lies about Hacking Team and told Twitter users not to believe what they were reading and that the leak contained a virus. The account then appeared to be hacked and has since been deleted.
Vice News’ technology magazine Motherboard has since reported that Hacking Team has instructed all customers to cease use of their software.
The Irish Connection
Screenshots of an email client were uploaded to social networks today, claiming to show Irish officials engaging with Hacking Team from 2012 to May of 2015. Images purporting to be from account manager Massimiliano Luppi’s inbox feature messages stating Irish Defence Forces were interested in acquiring software and or services from the company.
Images via BeYourOwnReason – Medium.com
Krank.ie has contacted the Irish Defence Forces and their press office for comment and has yet to receive a reply. We will provide updates when possible.
As Hacking Team continues their efforts to control the damage, more news articles are being published by the hour. At the time of writing, IBT has published an article that shows similar documents have surfaced in the UK like those alleged to be from Irish officials.
According to leaked emails from Massimiliano Luppi, who manages multiple accounts for Hacking Team, the company was in contact with at least three potential clients in the UK.
According to another leaked document detailing Hacking Team’s 2014 revenue forecast, the contact with the London Metropolitan Police related to a tender for a contract worth $300,000. However if the company’s 2015 revenue forecast is anything to go by, the company did not win the contract.
The 2015 forecast did however include a prediction that its new business for the year could total more than $17m, bringing its total revenue to more than $25m. That figure will now be significantly smaller following this highly embarrassing leak.
The Met has failed to respond to a request for comment on the possibility it was in contact with Hacking Team.
A spokesperson from the Irish Defence Forces phoned Krank.ie tonight in relation to our inquiries earlier today.
While he said that he was unable to comment on the emails involving Philip Carey and Ciaran Motherway, their intent regarding contact with Hacking Team or anything regarding the subsequent leaks, the spokesman stressed that the Irish Defence Forces did not purchase services from the company.