A cache of documents that has recently surfaced has provided a captivating look into the world of commercially available cyberwar software. The documents reveal many details of the products and clients of Italian company Hacking Team, an organization labeled ‘an enemy of the Internet’ by Reporters Without Borders. While the firm publicly advertises, “effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.” The leaked documents also include a revealing price list of many of their offerings, including ‘Agents’ for Windows, OS X and Linux, in addition to the most common mobile platforms, with features including file capture and keylogging, microphone recording and webcam snapshot capability.
Also offered are ‘Infection Vectors’, which provide the means to install agents on remote systems. The costs for these products start at €40,000 ($56,000 CAD).
Perhaps even more intriguing is the revelation of nation-state clients who have purchased these tools, including Poland, Saudi Arabia, South Korea and Russia. One invoice reveals that contrary to Hacking Group’s statements made to the United Nations, sales have been made to The National Intelligence and Security Service, or commonly known to the public as the intelligence service of the federal government of Sudan.
While accusations have been made against Hacking Team and other similar companies of providing cyberwar tools to repressive regimes, the documents are a concrete example of these business practices, which may skirt the boundary of national and international law. If anything, these documents should enliven discussion about the international trade in cyber-surveillance tools to sovereign state entities, and the grey area between cyberwar technologies and conventional arms.