Google has divided the opinion of its workers after stopping an attack of hackers which turned out to be a group of experts from an allied country in the middle of an anti-terrorist operation.
The company reported that its divisions Project Zero, in charge of finding vulnerabilities in systems, and the Threat Analysis Group, that is in charge of countering cyberattacks backed by governments such as Russia or North Korea, found a group of hackers that took advantage of 11 dangerous vulnerabilities to attack PCs and cell phones Android Y iOS.
However, according to the MIT Technology Review, Google did not report that these hackers they were government agents from a western country actively working on a counterterrorism operation.
Two recent blog posts by Google detail the set of zero-day vulnerabilities that hackers used for nine months. The exploits, dating back to the beginning of 2020 and based on techniques never seen before, they were “well” attacks that, through infected web pages, introduced malware To visitors. They caught the attention of cybersecurity experts from Google for its scale, sophistication and speed.
Doubts in the case
In a statement, a spokesperson for Google states: “Project Zero is dedicated to finding and fixing zero-day vulnerabilities and publishing technical research designed to advance the understanding of new security vulnerabilities and exploitation techniques throughout the research community. We believe that sharing this research leads to better defensive strategies and increases safety for all. We do not make any attributions as part of this investigation. “
It is true that Project Zero does not formally attribute hacks to specific groups. But Threat Analysis Group, who also participated in this project, yes. Google omitted many details about the report, in addition to the name of the government behind the attacks and, through that information, the teams knew internally who the hackers and the objectives.
It is not known if Google He notified the government authorities in advance in advance that they would make the attack method public and stop it.
The conclusion within Google was that who hacks and why are not as important questions as the security vulnerabilities themselves.
Although what happened in Google It is somewhat unusual, similar cases have occurred in the past. The Russian cybersecurity company Kaspersky It was heavily criticized in 2018 when it exposed a US-led counter-terrorism cyber operation against members of Al Qaeda and ISIS in the Middle East.
Google he has also been in similar situations. In 2019, he published an investigation into what may have been a group of hackers Americans, although no specific attribution was ever made. But that investigation was about a past operation. Recent publications by Google, instead, they focused on an active cyber espionage operation.
We recommend METADATA, RPP’s technology podcast. News, analysis, reviews, recommendations and everything you need to know about the technological world. To hear it better, #StayEnCasa.