Google shutting down an active counterterrorism operation (2020)

From International cyber law: interactive toolkit
Revision as of 08:06, 11 October 2021 by Nukib472

This page is under construction.

Date: The first attacks were discovered in February 2020; the second wave of attacks is dated October 2020.[1]
Suspected actor: Western government operatives.[2]
Target: Devices using iOS, Android and Windows software.[1][3]
Target systems: Even though the Project Zero team omitted the information on who was being targeted,[2] it can be concluded that, in general, the targeted systems were the browsers Safari, Chrome and Samsung Browser.[1]
Method: The “threat actor” lured users of the browsers to a never-before-seen “watering hole website” that would attempt to infect some devices using a mixture of three zero-day and other “n-day” (already publicly known) vulnerabilities.[3] The website pointed to two exploit servers that hosted exploit chains for Android, Windows, and iOS devices.[1]
Purpose: According to the findings of MIT Technology Review, the attacks were part of a counterterrorism operation.[2]
Result: After nine months of a hacking operation, Google’s security teams exposed it. Moreover, since the “expert” hacking group exploited 11 powerful vulnerabilities, Project Zero considers this operation a big success.[1] On the other hand, when MIT revealed that the “expert” hacking group were actually Western government operatives actively conducting a counterterrorism operation, it raised the question of whether the disclosure of such an operation is appropriate.[4]
Aftermath: The main issue of the operation was the speed and level of expertise of the attacks. Moreover, the fact that so many vulnerabilities were discovered that quickly is still troublesome, as other skilled hackers might have found and exploited them. According to BGR, “The silver lining of these revelations is that Western spies were targeting specific groups of people, which means most Android, iPhone, and Windows users shouldn’t be impacted.”[5]
Analysed in

Collected by: ???