Hacking Team: We’ll be back in the spyware biz before you know it

If it builds it, will they come?

Hacking Team might be able to get itself back online from a technical standpoint, but the company still faces a serious credibility issue.

Exactly how many buyers the company will find remains to be seen – the fallout from the initial hack still hasn't finished landing yet. On Friday the head of the Cyprus Intelligence Service (KYP), Andreas Pentaras, resigned after the stolen trove detailed his department's use of the Hacking Team's products.

Other countries are taking a very different approach. Hacking Team code was sold to the Ethiopian government to spy on journalists. On Tuesday the Ethiopian government is seeking to dismiss a legal action against the state brought by a US citizen in Maryland over the use of similar corporate surveillanceware.

The case of Kidane v. Ethiopia came after FinFisher software, from Hacking Team competitor Gamma International, was found on the computer of an Ethiopian expatriate. Between late October 2012 and March 2013 the surveillanceware reported his Skype calls and his family's internet activity back to the 213.55.99.74 IP address – owned by Ethiopia's state-owned telecommunications company Ethio Telecom.

The same IP address was identified as running a FinFisher command and control server in 2008 by security firm Rapid7, and again by Canada's Citizen Lab in 2013. The EFF, representing Kidane, will argue that this is illegal wiretapping.

"The Ethiopian government's US lawyers have asked to have the case dismissed, claiming that foreign governments have a right to wiretap Americans inside their own homes without court oversight, a right that not even the U.S. government claims for itself," the organization said.

"EFF Staff Attorney Nate Cardozo will argue Tuesday that Ethiopia must answer in court for the illegal spying on Mr. Kidane."

It has also emerged that Hacking Team may have helped the Italian National Military police hijack the internet's BGP routing system to take over the IP addresses of a foreign ISP.

Customers or not, it seems likely that the Hacking team will find business if it rebuilds its technical infrastructure. Whether or not it can secure it against the hackers gunning for the firm is another question altogether. ®