Western operations are recognizable, according to a former senior U.S. intelligence official.
“A Western operation has some hallmarks that do not exist in other entities … you can translate it into code,” said the official, who was authorized to comment on the operation and spoke on condition of anonymity. “And that’s where I think one of the key policy aspects comes from. How to deal with intelligence activity or law enforcement activity under democratic supervision within a legally elected representative government.”
“Surveillance is baked into Western activities at the technical, tradecraft and process level,” they added.
The hacking group Google uncovered exploited 11 zero-day vulnerabilities in just nine months, a high number in a short period of time. The software that was attacked included the Safari browser on iPhones as well as a number of Google products, including the Chrome browser on Android phones and Windows computers.
But the conclusion within Google is that who was hacking and why is not as important as the security flaws themselves. Earlier this year, Project Zero’s Maddie Stone argued that it is very easy for hackers to find and use strong zero-day vulnerabilities, and that her team faces a fight in identifying their use.
Instead of focusing on who was behind the specific activity and who was the target, Google decided to take a broader approach for everyone. The rationale was that even if a Western government was using those vulnerabilities today, they would eventually be used by others, and so the right choice would always be to fix the flaw.
“It’s not their job to determine.”
This is the first time a Western cybersecurity team has caught hackers from allied countries. Some organizations, however, have a policy of not disclosing such hacking activities in public if both the security team and the hacker are considered friendly, as is the case among the United States, United Kingdom, Canada, Australia, and New Zealand. Several members of Google’s security team are veterans of Western intelligence agencies, and some have carried out hacking campaigns for these governments.
In some cases, security teams will clean up so-called “friendly” malware but avoid going public with it.
“They don’t usually blame US-based operations,” said Sasha Romanosky, a former Pentagon official who recently published research on private-sector cybersecurity investigations. “They told us they had moved away in particular. It is not their job to determine; they politely moved to one side. This is not unexpected.”
While the Google situation is unusual in some ways, there have been some such incidents in the past. Russian cybersecurity firm Kaspersky came under fire in 2018 when it unveiled a US-led anti-terrorism cyber operation against ISIS and al Qaeda members in the Middle East. Kaspersky, like Google, did not explicitly attribute the threat but nevertheless disclosed it and rendered it useless, with U.S. officials saying this cost operators access to a valuable surveillance program and even endangered the lives of soldiers.
Kaspersky was immediately criticized for its relationship with the Russian government, and in the end the organization was banned from U.S. government systems. It has always denied having any special relationship with the Kremlin.
Google has found itself in similar waters before. In 2019, the company released research on what may have been an American hacking group, though no specific attribution was ever made. But that study was about a historic operation. Google’s recent announcements, however, shed light on live cyber-intelligence operations that were being carried out.
Who is being protected?
The alarms raised both inside the government and at Google show that the company is in a tough position.
Google’s security teams have a responsibility to the company’s customers, and it is widely expected that they will do their best to protect the products, and therefore the users, that are under attack. In this case, it is noteworthy that the technologies affected are not only Google products like Chrome and Android, but also iPhones.
While different teams draw their own lines, Project Zero has made a name for itself by tackling critical vulnerabilities across the Internet, not just those found in Google products.