Hacking Team Developed Wi-Fi Hijacking Hardware For Drones

Hacking Team, the controversial Italian IT firm that develops security and surveillance software for governments and law enforcement agencies, created hardware that is capable of attacking computers via Wi-Fi.

The hardware was designed to be “transportable by drone”, and attracted the attention of a major global defence contractor, which is also a subsidiary of Boeing.

Leaked emails

This is according to leaked emails that surfaced following Hacking Team’s July data breach, which saw 400 gigabytes of emails, invoices and source code from Hacking Team leaked online via BitTorrent and Mega.

The hardware, outlined via email by Hacking Team’s co-founder Marco Velleri, was called a Tactical Network Injector (TNI) and was exhibited to defense firms at February’s International Defense Exposition and Conference in Abu Dhabi.

The emails detailed how the TNI platform could insert malicious code into Wi-Fi network communications, acting as a base to launch man-in-the-middle attacks from.

The TNI was dubbed ‘Galileo’, and caught the attention of Boeing subsidiary Insitu, a firm that manufactures UASs (unmanned aircraft systems) and drones such as the ScanEagle (pictured) and Blackjack, used by the US Navy and Marine Corps.

“We see potential in integrating your Wi-Fi hacking capability into an airborne system and would be interested in starting a conversation with one of your engineers to go over, in more depth, the payload capabilities including the detailed size, weight, and power specs of your Galileo System,” an Insitu employee emailed to Hacking Team, revealed on Wikileaks.

However, Hacking Team said this month that ‘Galileo’ is now obsolete, with the company preparing an update for its flagship product that will secure the system following the public release of Galileo’s source code by hackers.

Non-disclosure agreement

After an inital set of emails between Insitu and Hacking Team, it appears both companies could not agree on who’s non-disclosure agreement (NDA) should be used to keep the potential project top secret.

Hacking Team wanted Insitu to sign the firm’s standard NDA, but Insitu wanted to go with Boeing’s Proprietary Infomration Agreement (PIA).

Giuseppe Venneri, an intern at Insitu who had been holding the email correspondence with Hacking Team, wrote in an email: “Signing our PIA (attached) will dramatically shorten the authorisation process at our end.”

Hacking Team’s COO Giancarlo Russo then stepped in to the email correspondence, telling Insitu that Hacking Team would require further legal verification regarding US Law before it would go ahead with the PIA. Russo said: “In my opinion, for a preliminary discussion our non-disclosure agreement should be sufficient to protect both companies and as you will see it is including mutual provision for both parties and it will make things easier and faster for us.”

The conversation didn’t move forward from here, and Hacking Team received an email in May from Venneri, requesting further consideration from Hacking Team to use Boeing’s PIA.

“We corresponded with you about a month ago and were unsure about the progress going forward with preliminary discussions regarding any future collaborations.

“If you could please reconsider our mutual PIA, know that the questionnaire at the beginning of the document is just for gathering information and has no impact on the PIA itself. We have lots of Non-US companies under our PIA. If you or your legal team have any requested changes to our PIA please don’t hesitate to add them in the attached document,” read the email.

Take our hacking quiz here!