Turns Out This Sophisticated Hacking Campaign Was Actually the Work of ‘Western Government Operatives’


Photo: Damien Meyer/AFP (Getty Images)

A sophisticated hacking campaign that was previously witnessed targeting security flaws in Android, Windows and iOS devices is actually the work of Western government operatives conducting a counterterrorism operation, according to a new report from MIT Technology Review.

The campaign in question, which has garnered more and more attention from media outlets over the last few weeks, was first written about in January by Google's threat research team, Project Zero. At the time, all that was publicly known was that someone had been up to some very tricky business: a highly sophisticated group, likely staffed by teams of experts, was responsible for targeting numerous zero-day vulnerabilities (the grand total would later turn out to be 11) in various prominent operating systems, researchers wrote.

This hacking campaign, which ended up going on for about nine months, used the so-called watering hole method, in which a threat actor injects malicious code into a website to effectively booby-trap it (visitors to the site will subsequently become infected with malware, which allows the hacker to single out specific targets and escalate the compromise from there).
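The defensive counterpart to the watering hole technique described above is change detection on the site itself: a compromised page differs from its known-good version by the scripts that were injected into it. The following is an added example, not code from the article or from Project Zero. It compares a freshly fetched copy of a page against a baseline inventory of external script sources and SHA-256 digests of inline scripts, and reports anything that was not there before. The two HTML documents and the injected placeholder script in it are constructed samples.

```python
"""Baseline comparison of a page's scripts to catch watering-hole injection.

Added example for illustration; the HTML below is constructed sample data.
A site owner or monitoring service records the set of external script URLs
and the hashes of inline scripts on a known-good copy, then diffs every
later fetch against that baseline. New scripts are flagged for review.
"""
import hashlib
from html.parser import HTMLParser


class ScriptCollector(HTMLParser):
    """Collect external <script src> URLs and SHA-256 digests of inline scripts."""

    def __init__(self):
        super().__init__()
        self.external = set()
        self.inline_hashes = set()
        self._in_inline_script = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.add(src)
        else:
            # No src attribute: the body up to </script> is inline code.
            self._in_inline_script = True
            self._buf = []

    def handle_data(self, data):
        if self._in_inline_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_inline_script:
            body = "".join(self._buf).strip().encode("utf-8")
            self.inline_hashes.add(hashlib.sha256(body).hexdigest())
            self._in_inline_script = False


def script_inventory(html):
    """Return (set of external script URLs, set of inline-script hashes)."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    return parser.external, parser.inline_hashes


def find_injected(html, baseline_external, baseline_inline_hashes):
    """Return (unknown external URLs, unknown inline-script hashes), sorted."""
    external, inline = script_inventory(html)
    return (sorted(external - baseline_external),
            sorted(inline - baseline_inline_hashes))


# Constructed known-good page: one external script and one inline config block.
BASELINE_HTML = """<html><head>
<script src="/static/app.js"></script>
<script>window.siteConfig = {"lang": "en"};</script>
</head><body><h1>News</h1></body></html>"""

# Constructed tampered copy: the same page with two scripts added to it.
TAMPERED_HTML = """<html><head>
<script src="/static/app.js"></script>
<script>window.siteConfig = {"lang": "en"};</script>
<script src="https://cdn.example.invalid/loader.js"></script>
<script>/* injected placeholder */</script>
</head><body><h1>News</h1></body></html>"""


if __name__ == "__main__":
    base_ext, base_inline = script_inventory(BASELINE_HTML)
    new_ext, new_inline = find_injected(TAMPERED_HTML, base_ext, base_inline)
    for url in new_ext:
        print("unknown external script:", url)
    for digest in new_inline:
        print("unknown inline script sha256:", digest)
```

In practice the baseline would be regenerated on each legitimate deployment and the check run against periodic fetches from outside the hosting network, so that an injection made on the server itself is still visible to the monitor. Hashing inline scripts rather than storing their text keeps the baseline small and makes any edit to an existing block show up as a new, unknown digest.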

From all of these descriptors, signs naturally pointed to the involvement of some sort of high-level nation-state hackers, though few would've guessed that the culprits were, in fact, our friends! Nevertheless, that would appear to be the case. It is unclear what government is actually responsible for the attacks, who its targets were, or what the so-called counterterrorism operation related to all of this entailed. MIT has not divulged how it came into this information.

One thing is certain: Google's discovery and subsequent public disclosure of the exploits (as well as the company's decision to patch the vulnerabilities) has apparently derailed whatever government operation was occurring. MIT writes that, by going public, the tech company effectively shut down a live counterterrorism cyber mission, also adding that it is not clear whether Google gave advance notice to government officials that it would be publicizing and shutting down the attacks. This has apparently caused internal division at Google and raised questions inside the intelligence communities of the United States and its allies.

There are a whole lot of questions here, obviously. First off, what government was doing this? What was the terror threat it was investigating? Which websites were used in the pursuit of said terrorists? Given the sensitive political nature of these kinds of operations, it's unlikely that we're going to get any answers to those questions, at least not right away. But since there's so little information available, it's also pretty difficult to understand whether Project Zero was justified in outing the operation or not, or what was even going on here.

Google apparently knows who the hackers are, and MIT reports that the incident has spurred a debate at the company over whether counterterrorism operations like this should be considered out of bounds for public disclosure, or whether it was well within the company's purview to disclose the vulnerabilities to protect users and make the internet more secure.
