Google shutting down an active counterterrorism operation (2020)
Date | The first attacks were discovered in February 2020; the second wave of attacks is dated October 2020.[1] |
---|---|
Suspected actor | Western government operatives [2] |
Target | Devices using iOS, Android and Windows software.[1] [3] |
Target systems | Although the Project Zero team did not disclose who was being targeted,[2] it can be concluded that, in general, the targeted systems were the browsers: Safari, Chrome and Samsung Browser.[1] |
Method | The “threat actor” lured users of these browsers to a never-before-seen “watering hole website” that would attempt to infect some devices using a mixture of three zero-day and other “n-day” (already publicly known) vulnerabilities.[3] The website pointed to two exploit servers that hosted exploit chains for Android, Windows, and iOS devices.[1] |
Purpose | According to the findings of MIT Technology Review, the attacks were part of a counterterrorism operation.[2] |
Result | Google’s security teams exposed the hacking operation after it had run for nine months. Moreover, since the “expert” hacking group exploited 11 powerful vulnerabilities, Project Zero considers this operation a big success.[1] On the other hand, when MIT revealed that the “expert” hacking group were actually Western government operatives actively conducting a counterterrorism operation, it raised the question of whether the disclosure of such an operation is appropriate.[4] |
Aftermath | The main issue raised by the operation was the speed and level of expertise of the attacks. Moreover, the fact that so many vulnerabilities were discovered that quickly is still troublesome, as other skilled hackers might have found and exploited them. According to BGR, “The silver lining of these revelations is that Western spies were targeting specific groups of people, which means most Android, iPhone, and Windows users shouldn’t be impacted.”[5] |
Analysed in |
Collected by: ???
- [1] Project Zero, In-the-Wild Series: October 2020 0-day discovery (18 March 2021)
- [2] Patrick Howell O’Neill, Google’s unusual move to shut down an active counterterrorism operation being conducted by a Western democracy (26 March 2021), MIT Technology Review
- [3] Lewis Page, Google’s Project Zero shuts down Western counter-terrorist hacker team (29 May 2021), Verdict
- [4] Lily Hay Newman, Security News This Week: Prolific Hackers Hosed by Google Were a Counterterrorism Operation (27 March 2021), Wired
- [5] Chris Smith, A Massive hack that Google thwarted was actually a counterterrorism operation (28 March 2021), BGR