WabiSabiLabi founder arrested in Italy
Charges against Preatoni involve spying scandal at Telecom Italia
IDG News Service - A founder of security start-up WabiSabiLabi Ltd. was among those arrested by Milan police in connection with an ongoing spying scandal at Telecom Italia, according to published reports.
Roberto Preatoni was charged Monday with unauthorized access to computer systems and wiretapping, said the reports (in Italian). Sources confirmed he is the same Roberto Preatoni who is a founder and director of strategy at WabiSabiLabi. A representative of the security start-up declined to comment today. He said the company would send an e-mail statement later in the day.
Preatoni's company was launched in July, billing itself as an online marketplace for exploit code that could be used to hack into computer systems. Legitimate companies such as 3Com Corp. and VeriSign Inc. have paid for this type of code in the past, but WabiSabiLabi was the first open marketplace for such software. Preatoni, who spoke at Microsoft's Blue Hat security conference just weeks ago, billed his marketplace as a mechanism that would allow independent security researchers to get paid for their work.
Preatoni's work at WabiSabiLabi apparently has nothing to do with his arrest. The trouble reportedly started with his security consulting work as a penetration tester -- a security expert hired to test working networks for vulnerabilities.
According to the reports, Preatoni helped staff a 10-member "Tiger Team," ostensibly set up to test Telecom Italia's information security system. Members of this team are now charged with hacking and spying on Carla Cico, CEO of Brasil Telecom; Kroll Inc., an investigative agency; and journalists Fausto Carioti and David Giacalone of the newspaper Libero.
In January, four others were charged with spying in connection with the scandal. They included Fabio Ghioni, vice president and security chief technology officer at Telecom Italia, and Giuliano Tavaroli, the telecom's former head of security.
At the time of those arrests, Tiger Team members were charged with using a Trojan Horse program to steal sensitive data from the computer of Vittorio Colao, the former CEO of the Rizzoli Corriere della Sera publishing group.
The scandal has been front page news in Italy for months.
"It's a big deal, there's a lot of political pressure on this issue and on the general issue of wiretaps, and it's difficult to understand how big or how criminal were the deeds of the persons involved," said Stefano Zanero, a security consultant based in Milan, speaking via instant message. "It's a huge mess, and it engulfs everybody who's touched."
Telecom Italia's Ghioni and Preatoni were both known within the security research community. They gave a joint presentation at the Hack In The Box Security Conference in September 2006 titled "The Biggest Brother." They have also lectured on industrial espionage at the Chaos Communication Congress.
At Hack In The Box, they argued that many security measures put in place by governments after the Sept. 11, 2001, terror attacks have helped to strengthen control over their citizens and erode democratic freedoms. "The Internet allows you to do more effective things regarding controlling the population," Preatoni said.
"Before, we were just being spied on," Ghioni said, adding that governments are now using psychological operations and technology to prey upon their citizens' fears and extend their own power.
Sumner Lemon of the IDG News Service contributed to this story.
- The Pivotal Big Data Suite- Reducing the Risks of Big Data The explosion of big data and the rapid evolution of big data tools and technologies is challenging IT to meet the demands of...
- A Survival Guide for Data in the Wild All corporate data used to reside in the data center. Safe and sound behind the corporate firewall. But now, employees have multiple devices...
- Transforming Security: Designing a State-of-the-Art Extended Team The information security mission is no longer about implementing and operating controls.
- The Big Data Security Analytics Era Is Here New security risks and old security challenges often overwhelm legacy security controls and analytical tools.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!