A team of Google hackers exposed – and closed – a hacking operation specializing in counterterrorism by an alleged US ally. Although the report concealed most of the details, it raised worrying questions about what constitutes an ally in cyberspace.
Hackers from Project Zero and the tech giant’s Threat Analysis Group discovered and ended a counterterrorism operation run by a U.S. ally, according to MIT’s technical review, which detailed Google’s internal struggle over the disclosure of the incident and what it entailed for future cyber espionage (apparently, everything is fair in love, war and malware attacks).
Both Project Zero, which uncovers and exposes security vulnerabilities, and the Threat Analysis Group, which tracks hacks believed to be run by governments, helped to bring down the “friendly” malware attack, which transformed 11 zero-day vulnerabilities over the course of nine months. A zero-day vulnerability is a flaw that the creator of the software and the user is unaware of, a security issue that can be used as a backdoor and exploited until discovered.
Appearing 11 times in nine months – more often than a typical zero-day exploit – the attack targeted iOS, Android and Windows devices. The exploits were innovative (MIT described them as “Techniques never seen before”) and used infected sites as “waterholes” to deliver malware to unhappy visitors. The infection process has been underway since the beginning of 2020.
Also at rt.com
Google researchers reveal an exploit that allows hackers to ‘own’ iPhones REMOTELY – but they have waited 6 months to tell the world
MIT revealed on Friday that the hackers who run the scheme were “In fact, Western government agents are actively conducting a counterterrorism operation,” an unusual revelation, since tracking hacks to state-level actors is not an easy and straightforward operation that U.S. cyber security companies like CrowdStrike and FireEye like to describe when talking to reporters.
In fact, while the Google Threat Analysis Group assigns hacks to states, Project Zero does not, although private security companies have worked on the ability to “Linking hostile actions to foreign actors” over the past decade – a skill that has recently become more reliable, according to an article by RAND Corporation published in September.
In fact, Google seems to have just been informed that it was a counter-terrorism operation in an effort to convince it to allow the hack to continue. Instead, the Google teams went ahead and suppressed the attack, in a move that was supposed to “It caused internal division at Google,” as “Increase[ing] issues within the intelligence communities of the United States and its allies. “
While Google managed to end the hack, its announcement released few details about the attack itself – who was responsible for the hack, who was the target, and certain technical aspects of the malware and its hosting were left out in a way that is considered highly atypical for a launch by the Google teams, whose work is trusted and revered across the industry.
Also at rt.com
The war on Chinese technology is a way for the United States to continue spying on YOU and the rest of the world without contestation
The decision appeared to be a compromise between the two Google teams, under the justification that even if the ‘good guys’ were running the hack to arrest terrorists now, the 11 separate zero-day vulnerabilities that Google discovered they used on last year they would ultimately end up in the hands of the ‘bad guys’. Better, then, to turn it off and keep the entire Internet safe than to help and encourage criminals, whether they are operating in the future or in the present.
While cyber security teams regularly stumble on each other’s work in the process of patrolling their government’s networks, certain policies can help to decipher who may have been the culprit in this particular case. The Five Eyes alliance – USA, UK, Canada, Australia and New Zealand – has a gentleman’s agreement not to report hacking operations, as long as the security team and the hackers they’ve stumbled upon are friends, and the US in particular avoids uprooting its own ongoing operations.
However, while the United States considers Israel to be its main ally in the Middle East, the National Security Agency and the CIA have already designated that country as * * the greatest spy threat to the United States.
Perhaps most shocking is the implication that Google – a private company – can defend itself, as far as national security is concerned, against any state that seeks to continue this counterterrorism operation without the tech giant spreading the beans to the world. . A former senior US official said that not all hackers, even state-level powers, were in a position where they could easily regenerate the type of exploitation that Google would have ended by revealing the vulnerability.
“The idea that someone like Google can destroy so much capacity that it’s slowly popping up in people,” he said.
Also at rt.com
‘Crying’ for ‘courageous companies’ like Amazon, Google and Apple? You may have Stockholm Syndrome … or just work for Buzzfeed
Do you think your friends would be interested? Share this story!