The CEO of Italian internet surveillance firm Hacking Team believes the attack was perpetrated by a foreign government because the actors used a high level of sophistication (hint: it wasn’t all that special) (emphasis added):
“Given its complexity, I think that the attack must have been carried out at a government level, or by someone who has huge funds at their disposal,” David Vincenzetti, the CEO of Hacking Team, told Sunday’s La Stampa newspaper.
He did not speculate on who it might have been.
The company has advised clients to halt their use of its programs until they can upgrade the compromised software, but warned that all computer systems might now be vulnerable.
“Hacking Team’s investigation has determined that sufficient code was released to permit anyone to deploy the software against any target of their choice,” the company said in a statement on its Internet site.
“Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so.”
The same site still prominently promotes its now exposed products: “Total control over your targets. Log everything you need. Always. Anywhere they are,” it says.
The leaked emails show that the Hacking Team worked with numerous state institutions in an array of countries, including Italy, the United States and Australia.
It also had dealings with countries criticized for their human rights records, such as Libya, Egypt, Ethiopia, Kazakhstan, Morocco, Nigeria, Saudi Arabia and Sudan.
I would not discount a foreign government being behind the attack but I would likely place my bets on hacktivists who are unhappy with Hacking Team’s politics, business, and clientele.