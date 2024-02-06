



Google reported on Tuesday that commercial surveillance vendors (CSVs) are involved in nearly 50% of known zero-day exploits targeting Google products.

The news revealed the increasing prevalence of CSV and the potential threat of spyware being used not only against well-known journalists, politicians, and academics, but also against ordinary citizens and businessmen.

According to Google's 50-page report, from mid-2014 to 2023, security researchers along with the Google Threat Analysis Group (TAG) discovered 72 real-world zero-day exploits impacting Google products, including 35 zero-day exploits have been attributed to CSV.

The commercial surveillance industry is filling a lucrative market niche by selling cutting-edge technology to governments around the world that exploits vulnerabilities in consumer devices and applications to secretly install spyware on personal devices. has appeared, Google researchers wrote. In doing so, commercial surveillance vendors (CSVs) are enabling the spread of dangerous hacking tools.

Morgan Wright, chief security advisor at SentinelOne, said Google's new information means everyone, everywhere is at risk.

The proliferation of mobile computing and the continued discovery of zero-day exploits means that spyware has become a booming market and will continue to grow because of the demand for these capabilities, Wright said. Most concerning, Wright said, is that spyware capabilities, once the exclusive domain of national intelligence agencies, are now readily available to anyone with a large enough bank account. continued.

Wright said the number of threat actors will grow exponentially, making it extremely difficult to identify and defend against these threats. For the security community, this means no rest. Until now. Attack vectors change minute by minute and hour by hour. As a threat emerges, is identified and addressed, more threats are developed to replace it. This forces certain decisions regarding open and closed platforms. More freedom and security may require tighter controls.

Marina Liang, threat intelligence engineer at Interpres, said spyware is not going away anytime soon, as it has proven to be very lucrative for cyber espionage and surveillance of targeted populations. Liang has played a key role on the cybernetics front, with large-scale surveillance operations targeting dissidents, journalists and minority groups, she said. Unfortunately, beyond preventing personal travel to countries known to exploit spyware or preventing the use of your phone when traveling abroad, there are many ways to actually protect your mobile device security. Liang pointed out that it is difficult to enforce.

Liang said neither option is feasible, if not impossible. In a campaign targeting Uyghurs and Muslims in China, sensitive information such as emails, contacts, and text messages is used to track unsuspecting tourists by installing spyware apps on their Android phones. I found out that it was. Muslim keyword location or national flag. In this campaign targeting Muslims in China and neighboring countries, it is important to note that the targeted individuals may be intermediary targets, making the use of spyware more widespread. .

Michael Covington, Jamf's vice president of portfolio strategy, said a recent analysis of commercial spyware shows that it is no longer the domain of individual attackers, but rather a variety of relationships with a common goal of quietly destroying hardware. He added that the results show that the industry has become a sophisticated ecosystem of people. and the software tools that so many people have come to rely on for their daily work.

Covington said that to effectively counter this growing and already significant threat, the U.S. government must undertake extensive efforts to build a community focused on stopping these tools.

Covington said promoting transparency, facilitating the secure sharing of breach details, and enforcing sanctions and legal action are all necessary elements to building an effective campaign against these threat actors. Stated. Much of the burden of dealing with the commercial spyware market is expected to fall on the security community. These organizations play a critical role in addressing existing exploited vulnerabilities, running triage programs, and establishing best practices going forward.

