Cyber security at risk after 'Hacking Team' hack, expert says

'Black hat' hackers' powerful malware may be up for the taking

MIAMI – Cyber security specialists were on alert  Wednesday, as law enforcement moved to identify hackers.

This was after The Hacking Team -- a technology company that supplies spying tools to governments worldwide -- confirmed that it had been the target of an exploit.

Recommended Videos



The company released a statement Wednesday warning that "cyber criminals" had released sufficient code Monday to deploy the Hacking Team's spying software. 

"Before the attack, Hacking Team could control who had access to the technology which was sold exclusively to governments and government agencies," the statement said. "Now, because of the work of criminals, that ability to control who uses the technology has been lost.

"Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so. We believe this is an extremely dangerous situation."

Also on Wednesday, Adobe released a security bulletin reporting they had moved to release security updates for Macintosh, Windows and Linux on July 14.

"These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system," the bulletin said.

Reporters Without Borders listed The  Hacker Team in the list of "The Enemies of the Internet" and referred to it as a "digital mercenary" in 2013. And in the world of "white hat" vigilantes, this made the "black hat" Hacking Team a target.

34056110

34056114

34056122

34056800

34057120

34057518

Hackers targeting The Hacking Team leaked data identifying several alleged clients and some of the code for the spying tools. They are available through file-sharing torrent sites. Some feared the files being shared were the ones containing the malware.

MARKETING: Read about The Hacking Team's Remote Control System

On Tuesday, a Hacking Team account user re-tweeted hacker Phineas Fisher, a hacker who took responsibility for a similar attack to Gamma, a seller of surveillance tools.

"Gamma and HT down," the tweet said. "A few more to go." He also tweeted: "I'll write up how hacking team got hacked once they've had some time to fail at figuring out what happened and go out of business."

A Local 10 News source who works in security and claims to be a hacker said Tuesday the Hacking Team data included some very dangerous intrusive tools that could be misused.

"There were files leaked and they were expected to be used this week," he said. "The vulnerabilities exposed could allow hackers to run code from anywhere in the world on a computer affected. They can take control of it and crash it."

There is plenty of code out there that may work to attack Androids, he said. There was also a Flash Player exploit delivered through pages with a corrupt Flash players, he said.

While United Airlines, the NYSE and the Wall Street Journal reported having technical difficulties unrelated to a security breach, Department of Homeland Security Secretary Jeh Johnson was set to talk about cyber security.

"There is no silver bullet for cyber security," said Johnson during a discussion that was live on UStream. "The key is to develop multiple levels of protection."

Johnson said during a  Center for Strategic and International Studies event that the U.S. needs a federal data breach "Notification System" and a coordinated effort. He added that companies need to invest on cyber security.

SOCIAL MEDIA: Follow Homeland Security #CSISLive

Aside from The United States, the alleged stolen data showed clients in the Americas also included Mexico, Honduras, Panama, Colombia, Ecuador and Chile. In the U.S., the FBI, the DEA and the DOD were also linked to the contractor.

Follow Local10.com reporter Andrea Torres on Twitter @MiamiCrime