WabiSabiLabi founder arrested in Italy
Charges against Preatoni involve spying scandal at Telecom Italia
IDG News Service - A founder of security start-up WabiSabiLabi Ltd. was among those arrested by Milan police in connection with an ongoing spying scandal at Telecom Italia, according to published reports.
Roberto Preatoni was charged Monday with unauthorized access to computer systems and wiretapping, said the reports (in Italian). Sources confirmed he is the same Roberto Preatoni who is a founder and director of strategy at WabiSabiLabi. A representative of the security start-up declined to comment today. He said the company would send an e-mail statement later in the day.
Preatoni's company was launched in July, billing itself as an online marketplace for exploit code that could be used to hack into computer systems. Legitimate companies such as 3Com Corp. and VeriSign Inc. have paid for this type of code in the past, but WabiSabiLabi was the first open marketplace for such software. Preatoni, who spoke at Microsoft's Blue Hat security conference just weeks ago, billed his marketplace as a mechanism that would allow independent security researchers to get paid for their work.
Preatoni's work at WabiSabiLabi apparently has nothing to do with his arrest. The trouble reportedly started with his security consulting work as a penetration tester -- a security expert hired to test working networks for vulnerabilities.
According to the reports, Preatoni helped staff a 10-member "Tiger Team," ostensibly set up to test Telecom Italia's information security system. Members of this team are now charged with hacking and spying on Carla Cico, CEO of Brasil Telecom; Kroll Inc., an investigative agency; and journalists Fausto Carioti and David Giacalone of the newspaper Libero.
In January, four others were charged with spying in connection with the scandal. They included Fabio Ghioni, vice president and security chief technology officer at Telecom Italia, and Giuliano Tavaroli, the telecom's former head of security.
At the time of those arrests, Tiger Team members were charged with using a Trojan Horse program to steal sensitive data from the computer of Vittorio Colao, the former CEO of the Rizzoli Corriere della Sera publishing group.
The scandal has been front page news in Italy for months.
"It's a big deal, there's a lot of political pressure on this issue and on the general issue of wiretaps, and it's difficult to understand how big or how criminal were the deeds of the persons involved," said Stefano Zanero, a security consultant based in Milan, speaking via instant message. "It's a huge mess, and it engulfs everybody who's touched."
Telecom Italia's Ghioni and Preatoni were both known within the security research community. They gave a joint presentation at the Hack In The Box Security Conference in September 2006 titled "The Biggest Brother." They have also lectured on industrial espionage at the Chaos Communication Congress.
At Hack In The Box, they argued that many security measures put in place by governments after the Sept. 11, 2001, terror attacks have helped to strengthen control over their citizens and erode democratic freedoms. "The Internet allows you to do more effective things regarding controlling the population," Preatoni said.
"Before, we were just being spied on," Ghioni said, adding that governments are now using psychological operations and technology to prey upon their citizens' fears and extend their own power.
Sumner Lemon of the IDG News Service contributed to this story.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!