Breach at cybersecurity firm unveils vast network of contracts, at the heart of Europe and covering most countries.

Sudan, Ethiopia, U.A.E, Bahrain, Uzbekistan… So far all the countries that the company said it wasn’t selling its systems to proved to be among its biggest customers.

This is what Eric Rabe, their US spokesperson, had to say about it in 2013:

On the issue of repressive regimes, Hacking Team goes to great lengths to assure that our software is not sold to governments that are blacklisted by the E.U., the U.S.A., NATO and similar international organizations or any “repressive” regime. Furthermore, we have created an external board to review potential HT sales, and this board has a veto over sales it deems illegal or unwise. We also go to some lengths to monitor reports of use of our software in ways that might be inappropriate or illegal. When we find reports of such issues, we conduct an investigation to determine if action is needed. Under the terms of our contracts with clients, we have the authority to suspend support for the software that is used illegally, making it ineffective.

But we discovered it had all but stonewalled a United Nations investigation into its contracts with Sudan.

And that revenue streams were closely related to sales to many of these repressive regimes:

EU Countries are involved too.

While only a handful of EU countries appear on the list of customers above, many Intelligence Services were engaged in talks with the company, hosted demonstrations at home or traveled to Italy for further talks, until very recently.

FRANCE

A demo was organised on Sept 12th 2014, after an initial meeting one year prior:

They discussed purchasing Hacking Team’s Galileo system (previously called DaVinci).

Date: Fri, 29 Aug 2014 09:32:56 +0100

Subject: Re: MOD France

From: Marco Bettini <m.bettini@hackingteam.com>

To: Brian Groom <bgroom@kcsgroup.com>

Of course, new modules (like Intelligence, translation) and new platforms will be offered separately based on the configuration chosen. Estimated prices reserved for you for new modules are:

- Intelligence module from Euro 50k to 90k depending on the configuration

- Translation module (three languages) Euro 110k

- New platforms (operating systems) Euro 35k each

New demonstrations are planned for September 2014, at the Novotel Paris Charles de Gaulle Terminal - Roissy pôle:

Date: Fri, 29 Aug 2014 11:29:17 +0100

Subject: Re: MOD France

From: Marco Bettini <m.bettini@hackingteam.com>

To: Brian Groom <bgroom@kcsgroup.com>

Jean-Marc Delair just called HT, telling my assistant that he wants to arrange the meeting on September 12.

And it seems the group’s capabilities were discussed internally within the French Ministry of Defence:

From: Brian Groom [mailto:bgroom@kcsgroup.com]

Sent: Monday, August 25, 2014 02:33 PM

To: Marco Bettini <m.bettini@hackingteam.it>

Subject: RE: MOD France

Good afternoon, Marco: I trust you are keeping well. It appears that another department within the French Government have received a summary presentation of the Galileo system within the last couple of days and that there is a genuine and quite serious interest in this HT product. There is now a request for an overall demonstration of all of the facilities within Galileo in the first half of September in Paris (at the same place as the original Da Vinci demonstration). Can you offer any dates, please, to fit their requested timescales?

There are many emails between Sept 2014 and April 2015; apparently the MOD was quite anxious that the software contain no backdoor (which, since these revelations arose, has been proven to be the case) and requested a source code walkthrough.

Finally, another meeting takes place on April 2nd 2015:

Another visit is planned, but this time things get serious; French Defense personnel are to travel to Italy:

Date: 7 April 2015 16:58:46 UTC+2

From: GENTIL Benoit <benoit.gentil@sagic.fr>

To: Philippe Vinci <p.vinci@hackingteam.com>

Subject: Re: Dates for the visit to Milan?

Would it be possible to organise a demonstration in week 21, that is, between 18 and 22 May? Regards.

Benoît Gentil

The climate has changed in France, after gunmen killed 17 people in Paris and new anti-terror laws are to be introduced:

Date: Wed, 08 Apr 2015 13:20:50 +0100

Subject: Fwd: Dates for the visit to Milan?

From: Philippe Vinci <p.vinci@hackingteam.com>

To: Alessandro Scarafile <a.scarafile@hackingteam.com>

Hi Alessandro, I would like to ask you if a FAE could be available during the week of May 18 to make a complete product presentation and demo to a French prospect, GIC (Groupement Interministériel de Contrôle)

http://fr.wikipedia.org/wiki/Groupement_interministériel_de_contrôle

GIC is today in charge of administrative interception directly under the French Prime Minister…which means non-judicial interception…mainly for prevention, anti-terrorist interception, etc… As an example, they are the ones operating mediation platforms such as AQSACOM for the rest of the Law Enforcement agencies in France. They are technical people, but they don’t have today any knowledge (that I know) of offensive solutions.

They want to prepare themselves for the change of regulations that will certainly take place in France allowing Hacking interception soon for those matters as anti-terrorism.

There are no more emails after April 2015, but it is safe to say that the French government was clearly intent on buying “offensive” interception solutions from Hacking Team.

But what is perhaps most worrying of all is top French government officials using Yahoo addresses…