Hacking Team, a Milan-based developer of “offensive security” technology that markets its products to governments and law enforcement agencies around the world, was significantly compromised when hackers leaked nearly 400 GB of its internal data, including emails, client files, and financial documents. The leak was announced via Hacking Team’s own compromised Twitter account, and the content made publicly available. Among other things, the leaked documents confirmed our findings that the company sells its software to several governments with repressive human rights records, such as Ethiopia, Sudan, Rwanda, Saudi Arabia, Kazakhstan, and more.

Citizen Lab is sending an open letter to Hacking Team, providing a copy of our latest report on the company and highlighting our reasons for concern from these latest findings.

Citizen Lab Senior Researcher Morgan Marquis-Boire has co-authored an article exploring the sale of commercial spyware produced by Hacking Team to law enforcement agencies and governments across the globe.

Privacy International has filed a criminal complaint with the UK’s National Cyber Crime Unit requesting police investigation into allegations that the computer and telecommunications data of Bahraini democracy activists were subject to unlawful surveillance, which cites reports authored by Citizen Lab on the presence of FinFisher in Bahrain, as well the global proliferation of the software.

This report provides a detailed analysis of two products sold for facilitating targeted surveillance known as network injection appliances. These products allow for the easy deployment of targeted surveillance implants and are being sold by commercial vendors to countries around the world. Compromising a target becomes as simple as waiting for the user to view unencrypted content on the Internet.

This letter is in response to a statement issued by Hacking Team that has recently come to our attention, concerning Citizen Lab’s report titled “Police Story: Hacking Team’s Government Surveillance Malware” (June 24, 2014).

We analyze a newly discovered Android implant that we attribute to Hacking Team and highlight the political subtext of the bait content and attack context. In addition, we expose the functionality and architecture of Hacking Team’s Remote Control system and operator tradecraft in never-before published detail.

By getting into the malware business the federal and potentially provincial governments of Canada would be confronted with an ongoing reality: is the role of government to maximally protect its citizens, including from criminals leveraging vulnerabilities to spy on Canadians, or is it to partially protect citizens so long as such protections do not weaken the state’s ability to secure itself from persons suspected of violating any Act of Parliament?

Cyber Stewards Network (CSN) partner Collaboration on International ICT Policy in East and Southern Africa (CIPESA) released a report outlining the policies and practices surrounding Internet freedom in East Africa. Titled “The State of Internet Freedoms in East Africa,” the release of the report has drawn key individuals from the continent’s ICT industry to Kampala, Uganda for a forum.

Today, the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) launches The State of Internet Freedoms in East Africa research report which is an Investigation into the policies and practices defining internet freedom in East Africa.