Google shutting down an active counterterrorism operation (2020): Difference between revisions
Jump to navigation
Jump to search
Content added Content deleted
No edit summary |
(minor edits) |
||
| Line 1: | Line 1: | ||
''This page is under construction.'' |
|||
{| class="wikitable" |
{| class="wikitable" |
||
! scope="row"|Date |
! scope="row"|Date |
||
|The first |
|The first attacks were discovered in February 2020, the second wave of attack is dated October 2020.<ref name=":0">Project Zero, [https://googleprojectzero.blogspot.com/2021/03/in-wild-series-october-2020-0-day.html In-the-Wild Series: October 2020 0-day discovery] , (18 March 2021)</ref> |
||
|- |
|- |
||
! scope="row"|Suspected actor |
! scope="row"|Suspected actor |
||
|Western government operatives |
|Western government operatives<ref name=":1">Patrick Howell O’Neill, [https://www.technologyreview.com/2021/03/26/1021318/google-security-shut-down-counter-terrorist-us-ally/ Google’s unusual move to shut down an active counterterrorism operation being conducted by a Western democracy] , (March 26, 2021), MIT Technological Review</ref> |
||
|- |
|- |
||
! scope="row"|Target |
! scope="row"|Target |
||
| Line 12: | Line 10: | ||
|- |
|- |
||
! scope="row"|Target systems |
! scope="row"|Target systems |
||
|Even though the Project Zero team omitted the information who was being targeted,<ref name=":1" />it can be concluded that in general the |
|Even though the Project Zero team omitted the information who was being targeted,<ref name=":1" /> it can be concluded that in general the systems were targeted through browsers - Safari, Chrome, Samsung Browser.<ref name=":0" /> |
||
|- |
|- |
||
! scope="row"|Method |
! scope="row"|Method |
||
|The “threat actor” conducted an attack in which he was luring the users of the browsers in through a never-before-seen “watering hole website” that would attempt to infect some devices using a mixture of three zero-day and other “n-day” (already publicly known) vulnerabilities. |
|The “threat actor” conducted an attack in which he was luring the users of the browsers in through a never-before-seen “watering hole website” that would attempt to infect some devices using a mixture of three zero-day and other “n-day” (already publicly known) vulnerabilities.<ref name=":2" /> The website was pointing to two exploit servers that hosted exploit chains for Android, Windows, and iOS devices.<ref name=":0" /> |
||
|- |
|- |
||
! scope="row"|Purpose |
! scope="row"|Purpose |
||
|According to the findings by MIT Technological Review attacks were part of a counter-terrorism operations.<ref name=":1" /> |
|According to the findings by the MIT Technological Review, the attacks were part of a counter-terrorism operations.<ref name=":1" /> |
||
|- |
|- |
||
! scope="row"|Result |
! scope="row"|Result |
||
|After nine months of a hacking operation, Google’s security teams exposed it. Moreover, |
|After nine months of a hacking operation, Google’s security teams exposed it. Moreover, since the “expert” hacking group exploited 11 powerful vulnerabilities, Project Zero consider this operation as a big success.<ref name=":0" /> On the other hand, when MIT revealed that the “expert” hacking group were actually Western government operatives actively conducting a counterterrorism operation, it raised the question if the disclosure of such operation is appropriate.<ref>Lily Hay Newman, [https://www.wired.com/story/security-news-hackers-hosed-by-google-counter-terrorism-operation/ Security News This Week: Prolific Hackers Hosed by Google Were a Counterterrorism Operation] , (27 March 2021), Wired</ref> |
||
|- |
|- |
||
! scope="row"|Aftermath |
! scope="row"|Aftermath |
||
|The main issue of the operation was the speed and level of the expertise of attacks. Moreover, the fact that so many vulnerabilities were discovered that quickly is still troublesome, as other skilled hackers might have found and exploited them. According to the BGR “'' |
|The main issue of the operation was the speed and level of the expertise of attacks. Moreover, the fact that so many vulnerabilities were discovered that quickly is still troublesome, as other skilled hackers might have found and exploited them. According to the BGR “''the silver lining of these revelations is that Western spies were targeting specific groups of people, which means most Android, iPhone, and Windows users shouldn’t be impacted.''”<ref>Chris Smith, [https://bgr.com/tech/google-project-zero-iphone-android-hack-counterterrorism-western-ally/ A Massive hack that Google thwarted was actually a counterterrorism operation], (28 March 2021), BGC</ref> |
||
|- |
|- |
||
! scope="row"|Analysed in |
! scope="row"|Analysed in |
||
| Line 30: | Line 28: | ||
|} |
|} |
||
Collected by: [[People#Research_assistants| |
Collected by: [[People#Research_assistants|Anna Blechová]] |
||
[[Category:Example]] |
|||
[[Category:2021]] |
[[Category:2021]] |
||
Revision as of 12:24, 25 October 2021
| Date | The first attacks were discovered in February 2020, the second wave of attack is dated October 2020.[1] |
|---|---|
| Suspected actor | Western government operatives[2] |
| Target | Devices using iOS, Android and Windows software.[1] [3] |
| Target systems | Even though the Project Zero team omitted the information who was being targeted,[2] it can be concluded that in general the systems were targeted through browsers - Safari, Chrome, Samsung Browser.[1] |
| Method | The “threat actor” conducted an attack in which he was luring the users of the browsers in through a never-before-seen “watering hole website” that would attempt to infect some devices using a mixture of three zero-day and other “n-day” (already publicly known) vulnerabilities.[3] The website was pointing to two exploit servers that hosted exploit chains for Android, Windows, and iOS devices.[1] |
| Purpose | According to the findings by the MIT Technological Review, the attacks were part of a counter-terrorism operations.[2] |
| Result | After nine months of a hacking operation, Google’s security teams exposed it. Moreover, since the “expert” hacking group exploited 11 powerful vulnerabilities, Project Zero consider this operation as a big success.[1] On the other hand, when MIT revealed that the “expert” hacking group were actually Western government operatives actively conducting a counterterrorism operation, it raised the question if the disclosure of such operation is appropriate.[4] |
| Aftermath | The main issue of the operation was the speed and level of the expertise of attacks. Moreover, the fact that so many vulnerabilities were discovered that quickly is still troublesome, as other skilled hackers might have found and exploited them. According to the BGR “the silver lining of these revelations is that Western spies were targeting specific groups of people, which means most Android, iPhone, and Windows users shouldn’t be impacted.”[5] |
| Analysed in |
Collected by: Anna Blechová
- ↑ 1.0 1.1 1.2 1.3 1.4 Project Zero, In-the-Wild Series: October 2020 0-day discovery , (18 March 2021)
- ↑ 2.0 2.1 2.2 Patrick Howell O’Neill, Google’s unusual move to shut down an active counterterrorism operation being conducted by a Western democracy , (March 26, 2021), MIT Technological Review
- ↑ 3.0 3.1 Lewis Page, Google’s Project Zero shuts down Western counter-terrorist hacker team , (29 May 2021), Verdict
- ↑ Lily Hay Newman, Security News This Week: Prolific Hackers Hosed by Google Were a Counterterrorism Operation , (27 March 2021), Wired
- ↑ Chris Smith, A Massive hack that Google thwarted was actually a counterterrorism operation, (28 March 2021), BGC