Someone Just Leaked The Price List for Cyberwar

A California National Guard soldier assists another analyst during a simulated virus attack at 2014 Cyber Shield exercise.

National Guard Professional Education Center

AA Font size + Print

A California National Guard soldier assists another analyst during a simulated virus attack at 2014 Cyber Shield exercise.

A controversial cyber arms dealer gets hacked, revealing sales to the US military and less savory customers around the world.

On Monday, the Italian company Hacking Team, which produces secret cyber weapons for law-enforcement and government clients around the world, became the victim of an embarrassing public disclosure: more than 400 gigabytes of internal data made its way online in a widely shared torrent file. The group Reporters Without Borders has labeled Hacking Team “an enemy of the Internet,” for the surveillance tools and malware products it provides, with little transparency or accountability, to governments. News of the disclosure brought forth the sounds of schadenfreude from the privacy and tech communities.

So far, the exposed documents have already revealed a few key things about the group, its clients, and the business of cyberwar for hire.

The FBI has spent about $775,000 on the company’s Remote Control Service, or RCS, an eavesdropping system that pulls data from a target computer before it’s encrypted.

Hacking Team purports to sell its services to “law enforcement” but invoices reveal a wide assortment of unsavory clients, including the governments of Russia and Sudan, despite a UN arms embargo against the latter and contrary to previous assertions from company’s president, Christian Pozzi. It’s not clear that the company broke any laws with sales to Sudan, since surveillance software isn’t typically classified as a weapon.

The company had an “action plan” for further expansion into the United States market and listed a Naval Criminal Investigative Service representative as a potential sales target.

A previous disclosure from April showed that the United States Army bought an RCS system for $350,000. The most recent breach adds details: the system went to Fort Meade, but was never used, according to a (typo-ridden) email from Alex Velasco, the third-party contractor who closed the deal on behalf of Hacking Team. “They were never given permission to pull an internet line to their of?ce [sic] to install the system. (ridiculous but true!),” Velasco writes. “They also are interested in the new options that we have developed and want prices. They are not sure when we will be able to install but they believe that it could be in the next few months.”

Most incredibly, the hack brought to light the company’s price list, a blue book for surveillance and malware products. It’s a first-of-its-kind window into the going rate of cyberwar and espionage capabilities. Of the many offenses the company seems to have committed, price gouging seems to be one.

Want to hack into someone’s Windows device to steal Gmail data, turn on the microphone, and take snapshots with the camera? That’s an upfront license fee of €40,000 euros (about $44,200). Microphone recording and keystroke logging on in Mac OS will run you the same amount.

The company also sells what it calls “infection vectors,” or malware, including one product that “allows you to remotely infect Android and BlackBerry smartphones by sending specially crafted messages.” The price for that is €30,000.

Perhaps the strangest product on offer is a software-based AI agent, or “intelligence module,” that does some of the work of a real spy. The module “automatically processes all the evidence to extract and correlate the relevant bits of information, presenting you the overall picture of your investigations as it progress [sic] in time,” all for a price of €220,000.

There are a number of lessons to be learned from the breach.

“The Hacking Team case shows that international rules and controls should be applied more efficiently to private companies which are producing shady cybercapabilities and related technologies, as they are for conventional weapons,” Jarno Limnéll, a professor of cybersecurity at Aalto University in Finland, wrote in the International Business Times.

It also shows that the cyberweapons you build, or buy, can come back to haunt you.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.