Hacking Team: Galileo Surveillance Tool Now ‘Obsolete’

Hacking Team, the controversial Milan-based surveillance technology maker, said it is preparing an update for its flagship product, the Galileo version of Remote Control System (RCS), that will secure the system following the public release of Galileo’s source code by hackers last week.

“We expect to deliver this update immediately,” said Hacking Team chief executive David Vincenzetti.

Data leak

The hack resulted in about 400GB of data being published online, much of which has now been collected at Wikileaks.

No one has yet claimed responsibility, but Hacking Team is unpopular with some due to the nature of its work, and was listed as one of five “Corporate Enemies of the Internet” in a 2012 report by Reporters Without Borders.

Hacking Team had said previously that the publicly released source code was sufficient to allow anyone to deploy its surveillance tools, but Vincenzetti said on Monday that only “some” of the product’s code had been exposed, and he said that code is now effectively useless because countermeasures have been put in place.

“By now the exposed system elements are obsolete because of universal ability to detect these system elements,” he stated, adding it was “extremely unlikely” that the code could be used for surveillance.

Vincenzetti said “important elements” of the company’s source code were not compromised and “remain undisclosed and protected”, and he said Hacking Team is rebuilding its internal security infrastructure.

Legal export

In the meantime, the company is also planning a “complete revision” of RCS, which will replace Galileo.

“Remote Control System, version 10, will be released in the fall,” Vincenzetti stated. “This is a total replacement for the existing ‘Galileo’ system, not simply an update.” He said the new version would include elements taking into account last week’s breach.

Vincenzetti reiterated the company’s position that it has never broken arms export laws. “Our technology has always been sold lawfully, and, when circumstances have changed, we have ended relationships with clients such as Sudan, Ethiopia and Russia,” he stated.

In an interview published in La Stampa on Sunday, Vincenzetti claimed relations with Sudan predate the arms embargo against the country, and said that when Hacking Team heard its software had been used by the Ethiopian government to spy on dissenters, it asked for explanations and then terminated the contract.

Ethiopian incident

This is broadly confirmed by a March email exchange between Hacking Team software engineer Alberto Ornaghi and chief marketing officer Eric Rabe released as part of the document cache, and currently hosted on Wikileaks, in which the company considered its response to Citizen Lab’s report on the matter.

In the exchange, Ornaghi recommends the company “stop supporting the customer forever… so they cannot embarrass us in the future again”. He noted that the Ethiopian government had left clear traces of its activity behind due to its incorrect use of the software. “The customer is completely incompetent,” he wrote.

At the time, Hacking Team released an official statement saying it would look into the allegations. “At any time that we become aware of allegations of abuse of our software, we investigate,” Rabe stated.

Are you a security pro? Try our quiz!