A Google hacking team has exposed – and shut down – an expert counterterrorism hacking operation by an alleged US ally. While the report concealed most of the details, it raised troubling questions about what constitutes an ally in cyberspace.
The tech giant’s hacking teams Project Zero and Threat Analysis Group discovered and ultimately ended a counterterrorism operation led by a U.S. ally, according to MIT Tech Review, which detailed the infighting at Google over whether to publicize the incident and what it implied for future cyber espionage (apparently, anything goes in love, war, and malware attacks).
Both Project Zero, which discovers and exposes security vulnerabilities, and Threat Analysis Group, which tracks attacks believed to be carried out by governments, helped to end the “friendly” malware attack, which weaponized 11 zero-day vulnerabilities over the course of nine months. A zero-day vulnerability is a flaw unknown to the creator and user of the software, a security issue that can be used as a backdoor and otherwise exploited until discovered.
Appearing 11 times in nine months, more frequently than a typical zero-day exploit, the attack targeted devices powered by iOS, Android, and Windows. The exploits were groundbreaking (MIT described them as “techniques never seen before”) and used infected websites as “watering holes” to distribute malware to unlucky visitors. The infection process has been ongoing since the beginning of 2020.
MIT revealed on Friday that the hackers executing the plan were “actually, Western government operatives actively conducting an anti-terrorist operation,” an unusual revelation given that tracing attacks to state-level actors is not the easy-to-understand, cut-and-dried operation that US cybersecurity firms like CrowdStrike and FireEye like to describe when speaking to reporters.
In fact, while Google’s Threat Analysis Group attributes hacks to states, Project Zero does not, although private security companies have been working on the ability to “link hostile actions with foreign actors” over the past decade, a capability that has recently become more reliable, according to a RAND Corporation article published in September.
In fact, it appears that Google was only told that it was a counter-terrorism operation in an effort to convince it to allow the attack to continue. Instead, Google teams went ahead and put down the attack, in a move that reportedly “caused internal division in Google”, as well as “rais[ing] questions within the intelligence communities of the United States and its allies.”
While Google managed to shut down the attack, its announcement revealed few details about the attack itself: who was responsible for the attack, who was the target, and certain technical aspects of the malware and its hosting were left out, which is considered highly unusual for a release by the Google teams, whose work is trusted and revered across the industry.
The decision appeared to be a compromise between the two Google teams, under the rationale that even if the ‘good guys’ were running the operation to catch terrorists now, the 11 separate zero-day vulnerabilities Google had found in use during the last year would eventually end up in the hands of the ‘bad guys’. It is better, then, to shut it down and keep the entire Internet safe than to aid and abet criminals, whether they are operating in the future or in the present.
While cybersecurity teams regularly stumble upon each other’s work in the process of patrolling their governments’ networks, certain policies could help decipher who might have been to blame in this particular case. The Five Eyes Alliance (US, UK, Canada, Australia and New Zealand) has a gentlemen’s agreement not to report hacking operations as long as both the security team and the hackers encountered are friends, and the US in particular avoids uprooting its own ongoing operations.
However, while the US regards Israel as its main ally in the Middle East, the National Security Agency and the CIA have previously designated that country as *the* main espionage threat to the US.
Perhaps most shocking is the implication that Google, a private company, can defend itself, in terms of national security, against any state that seeks to continue this counterterrorism operation without the tech giant spilling the beans to the world. A former senior US official pointed out that not all hackers, even state powers, were in a position where they could so easily regenerate the kind of exploit capabilities that Google would have shut down by disclosing the vulnerability.
“The idea that someone like Google can destroy so much capacity quickly is slowly catching on to people,” he said.