September Hacking News Roundup
In this hacking roundup for September, read about two companies that are both specializing in hacking software, albeit from two different angles. One company is focusing on selling hacking tools to law enforcement agencies worldwide; the other company is trying to build a software platform that prevents attacks.
Small Security Company Sells Hacking Tools to Law Enforcement Agencies
If you think the National Security Agency has all the best hacking tools at its disposal, wait until you hear about Hacking Team—a security company, based in Milan, Italy, responsible for selling powerful hacking software to law enforcement agencies worldwide.
The Verge profiles this small security company and describes how the company founders got a phone call from law enforcement in Milan who were interested in using the company’s software to spy on citizens. The company’s open source Ettercap software program “quickly became the weapon of choice for analysts testing the security of their networks as well as hackers who wanted to spy on people.”
While The Verge reports that so far no law enforcement agency in the United States is using the software, the current leading product for Hacking Team is capable of gathering more data than the NSA’s powerful tools.
From The Verge:
Hackers have written rootkits and backdoors for decades. But the development of commercial hacking software — complete with custom features, regular updates, and tech support — is fairly new.
"You’re actually getting a commercially developed product," says Morgan Marquis-Boire, a security researcher who has authored reports on Hacking Team and the market for state-sponsored hacking tools for University of Toronto’s Citizen Lab. "That’s actually what makes it different from the sort of backdoors that hackers were using sort of for the lulz, like 18 years ago when I was opening my flatmate’s CD-ROM drive to freak him out."
Here’s a moody commercial for Hacking Team’s Da Vinci program—enjoy the “Law & Order” vibe.
Cyber Security Firm Gets $30 Million for Its Anti-Hacking Platform
Let’s now turn our attention to the other side of the commercial hacking software spectrum: the software that is made to prevent attacks, not cause them.
The Wall Street Journal reports that Accel Partners and founding investor Warburg Pincus are giving $30 million to fund Crowdstrike, a cyber security firm that targets foreign hackers. The money will be used to further expand the company’s anti-hacking software platform.
According to the company’s press release, Crowdstrike “tracks 40+ actors around the world, including state-sponsored adversaries originating from China, Russia, Iran, North Korea, Pakistan, and India; and infuses this intelligence in its technology solutions.”
Of course, this just goes to show how much money is being thrown into the hacking business, as The Wall Street Journal details how other security companies are also receiving investments and researching how to create software programs that use “large data streams to map the behavior of hackers to out them before they take over a network.”
From the Wall Street Journal:
Mandiant, the Washington-area cybersecurity firm known for fingering a Chinese hacking group this winter, is attempting to make a similar transition. Technology investors have said privately that building out a software platform is more profitable than investigative services.
“A company that is building a software business has an opportunity to be one of those kinds of leaders in the future just like the big security companies of the past,” [Sameer Gandhi, a partner at Accel] said.
