A week after saying a massive data breach had left its technology open to abuse by "terrorists, extortionists and others," Italy-based surveillance software maker Hacking Team sought to assure governments and other clients on Tuesday that the situation isn’t really that dire. In a statement posed Tuesday on the company’s website, Hacking Team CEO David Vincenzetti called the breach "a reckless and vicious crime" that is under investigation by Italian authorities.
"While it is true that the criminals exposed some of our source code to Internet users, it is also true that by now the exposed system elements are obsolete because of universal ability to detect these system elements. Today we believe it is extremely unlikely that this obsolete code can be used to surveil cell phones, mobile devices or computer communications," Vincenzetti said.
He added that "important elements of our source code were not compromised … and remain undisclosed and protected." He said Hacking Team would deliver a software update to clients "to quickly secure their current surveillance infrastructure."
The reassuring tone was a far cry from a news release the company issued on July 8, two days after Hacking Team's Twitter account was hijacked and used by hackers to release what is purported to be more than 400 gigabytes of internal documents and correspondence, employee passwords and the underlying source code of its surveillance products.
The July 8 press release called the intrusion "a major threat."
"Before the attack, HackingTeam could control who had access to the technology which was sold exclusively to governments and government agencies," the statement said. "Now, because of the work of criminals, that ability to control who uses the technology has been lost. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so."
On Tuesday, Vincenzetti said the company was building a "totally new internal infrastructure" to keep its data safe.
Internal documents disclosed by the unidentified hackers indicate that Hacking Team’s surveillance-software customers have included the FBI and the Drug Enforcement Administration in the U.S., police agencies in several European countries, and police and state security organizations in countries with questionable human-rights records.