



However, according to a former US intelligence official, Western operations are recognizable.

"You can see that Western operations have certain characteristics that other entities do not have, which are translated into code," said a former employee who spoke on condition of anonymity and said he was not authorized to comment on the operation. "And I think one of the important ethical aspects comes out here. How intelligence or law enforcement activities are handled under democratic oversight within a legally elected representative government is very different from how they are handled under an authoritarian regime."

Supervision has been incorporated into Western operations at the technical, tradecraft, and procedural levels, they added.

Google has discovered that hacking groups have exploited 11 zero-day vulnerabilities in just nine months. That is a high number of exploits for such a short period of time. The attacked software included not only the Safari browser on the iPhone, but also many Google products, including the Chrome browser on Android phones and Windows computers.

But the conclusion within Google was that who was hacking, and why, was not as important as the security flaws themselves. Earlier this year, Project Zero’s Maddie Stone claimed that it was too easy for hackers to find and use powerful zero-day vulnerabilities, and that her team faced a difficult battle to detect their use.

Instead of focusing on who was behind or targeted by a particular operation, Google decided to take broader action for everyone. The justification was that even if a Western government is exploiting these vulnerabilities today, they will eventually be used by others, so the right choice is always to fix the flaws today.

It’s not their job to understand

This isn’t the first time a Western cybersecurity team has caught hackers from an allied country. However, some companies have a quiet policy of not exposing such hacking operations if both the security team and the hackers are considered friendly, for example, if they are members of the Five Eyes intelligence alliance, which consists of the United States, the United Kingdom, Canada, Australia, and New Zealand. Some members of Google’s security team are veterans of Western intelligence, and some have conducted hacking campaigns for these governments.

In some cases, security companies clean up so-called friendly malware, but avoid exposing it.

"They aren’t usually the fault of US-based businesses," said Sasha Romanosky, a former Pentagon official who published a recent study on cybersecurity investigations in the private sector. "They told us they were specifically leaving. It’s not their job to understand; they politely move aside. That’s not unexpected."

Google’s situation is unusual in some respects, but there have been some similar cases in the past. Russian cybersecurity firm Kaspersky came under fire in 2018 for exposing a US-led anti-terrorism cyber operation against members of ISIS and al-Qaeda in the Middle East. Kaspersky, like Google, did not explicitly attribute the threat, but it still exposed the operation and rendered it useless, US officials said. This cost operatives access to a valuable surveillance program and even endangered the lives of soldiers on the ground.

Kaspersky had already been severely criticized for its relationship with the Russian government at the time and was eventually expelled from US government systems. The company has always denied that it has a special relationship with the Kremlin.

Google had been in somewhat similar waters before. In 2019, the company released a study of what could have been an American hacking group, but made no specific attribution. That study, however, was about a historic operation. Google’s recent announcement was different because it put a spotlight on what was a live cyber-espionage operation.

Who is protected?

Alerts issued both within the government and at Google indicate that the company is in a difficult position.

Google’s security team has a responsibility to the company’s customers and is widely expected to make every effort to protect its products, and therefore the users, that are under attack. It’s worth noting that in this case, the techniques used affected not only Google products such as Chrome and Android, but also the iPhone.

While different teams draw their own lines, Project Zero has made its name by addressing critical vulnerabilities across the Internet, not just those found in Google products.

