A massive hack that Google thwarted was actually a counterterrorism operation

Follow 9News Nigeria On Social Media

Russian hacker hacking the server in the dark
Social sharing

Security researchers regularly reveal software vulnerabilities that hackers can exploit, or even have exploited in the past. In some cases, they’re software issues that have not been used to hack or spy on users. In others, researchers identify malware and hacks that are actively used in the wild. By the time they release information about the attacks, the companies whose code had been attacked have already released updates to patch the problems. And security researchers usually point out when they believe the hacks are too sophisticated for a regular hacker to pull off.

Google runs an infamous security team at Project Zero that analyzes all sorts of operating systems and products for vulnerabilities. Since January, the team produced research that highlighted 11 zero-day exploits that were used to compromise Android, iPhone, and Windows. Back in January, Project Zero scientists pointed out the sophistication of the attacks that utilized previously unknown vulnerabilities in Chrome and Safari code. It turns out that the hackers behind the campaign that Google found were from a nation-state. They were part of a counterterrorism operation initiated by a Western ally, and the operation was ongoing when Project Zero started revealing the software issues.

Today’s Top DealCook perfect steak and chicken every single time with this brilliant $32 Amazon find!List Price:$33.99Price:$31.99You Save:$2.00 (6%)Buy NowAvailable from Amazon BGR may receive a commission

Whenever hackers backed by US rivals are responsible for newly discovered attacks, some researchers would go out and say the hacks originate from China, North Korea, or Russia. But Google’s Project Zero did not point any fingers while revealing these 11 zero-day bugs. The decision to shut down the cyberattack coming from a Western ally apparently caused some controversy inside Google, MIT Technology Review has found out.

READ ALSO  Systems Management: The most important things to know when managing a stakeholder

It’s unclear which Western government had employed the sophisticated attack or what sort of counterterrorism operation they were running. The MIT report indicates that Google might have omitted the identity of attackers intentionally. Google might know precisely who the hackers are and what the operation was. It’s also unclear whether Google notified the attackers before revealing the zero-day vulnerabilities publicly.

Some Google employees have apparently argued that counterterrorism operations should be out of bounds when it comes to public disclosure. Others say that Google was within its rights to protect the company’s products from imminent attacks that could harm end-users. Google defended its actions in a statement:

Project Zero is dedicated to finding and patching 0-day vulnerabilities, and posting technical research designed to advance the understanding of novel security vulnerabilities and exploitation techniques across the research community. We believe sharing this research leads to better defensive strategies and increases security for everyone. We don’t perform attribution as part of this research.

The attackers used never-before-seen “watering hole” techniques to inject unknown websites with malware and deliver them to targets running Chrome and Safari on Android, iPhone, and Windows devices. The attackers exploited the 11 zero-days over just nine months, beginning in February 2020. The level of sophistication and speed of the attack is what troubled researchers.

READ ALSO  Systems Management: The most important things to know when managing a stakeholder

A former senior US intelligence official told MIT that Western operations are recognizable, and that’s because of the local laws that impact what spy agencies can and can’t do:

There are certain hallmarks in Western operations that are not present in other entities … you can see it translate down into the code. And this is where I think one of the key ethical dimensions comes in. How one treats intelligence activity or law enforcement activity driven under democratic oversight within a lawfully elected representative government is very different from that of an authoritarian regime.

The oversight is baked into Western operations at the technical, tradecraft, and procedure level.

It’s unclear to what end the counterterrorism operation might have been crippled, and those are the kind of secrets that will probably never be revealed to the public. The fact that so many vulnerabilities were discovered that quickly is still troublesome, as other skilled hackers might have found and exploited them — which is ultimately why Google chose to reveal the info. The silver lining of these revelations is that Western spies were targeting specific groups of people, which means most Android, iPhone, and Windows users shouldn’t be impacted.

As always, when software vulnerabilities are disclosed, the best course of action is to install all available operating system updates, and to update all apps. The MIT Technology Review’s story is worth a read in full — it’s available at this link.

READ ALSO  Systems Management: The most important things to know when managing a stakeholder
Leave your comment on this post

THE ROTTEN FISH: CAN OF WORMS OPENED OF APC & TINUBU'S GOVERNMENT OVER NIGERIA'S ECONOMIC DOWNTURN

WATCH THE CRITICAL ANALYSIS AND KNOW THE RESPONSIBLE PARTIES TO BLAME FOR NIGERIA'S ECONOMIC CHALLENGES, WHILE CITIZENS ENDURE SEVERE HARDSHIPS.

Watch this episode of ISSUES IN THE NEWS on 9News Nigeria featuring Peter Obi's Special Adviser, Dr Katch Ononuju, 9News Nigeria Publisher, Obinna Ejianya and Tinubu Support Group Leader, McHezekiah Eherechi

The economic crisis and hardship in Nigeria are parts of the discussion.


Watch, leave your comments, and share to create more awareness on this issue.


#9NewsNigeria #Nigeria #issuesInTheNews #politics #tinubu THE ROTTEN FISH: CAN OF WORMS OPENED ...
DON'T FORGET TO SUBSCRIBE AND LEAVE YOUR COMMENTS FOR SUBSEQUENT UPDATES
#9newsnigeria #economia #economy #nigeria #government @9newsng
www.9newsng.com

Leave your comment

Click on the link below or Scan the QR Code to join the 9News Nigeria WhatsApp Channel

9News Nigeria Investigative Reports WhatsApp Channel
9News Nigeria Investigative Reports WhatsApp Channel

Be the first to comment

Leave your comment