We’re so conditioned to be wary of cybersecurity issues that we forget that white hat hackers and grey hat hackers exist. Even major tech companies like Google forget – or choose not to remember. The large hacking operation Google outed was actually being carried out by counterterrorism hackers.
Project Zero is a team of security researchers employed by Google. It’s their job to sniff out vulnerabilities. They identified 11 zero-day exploits that were used to attack Windows, iOS, and Android. The researchers noted the sophistication of the attacks that took advantage of vulnerabilities in Chrome and Safari.
But these were not your average ethical hackers. The hackers originated from a nation-state. These were counterterrorism hackers from a Western ally to the U.S. When Google outed the attacks in January, the counterterrorism operation was still ongoing.
China, North Korea, and Russia are often called out by hackers backed by U. S. rivals. Project Zero didn’t blame anyone when identifying the 11 zero-day attacks. However, because these originated from an ally, it caused some drama at Google.
Which ally was carrying out this attack has not been divulged, nor has the basis for the counterterrorism operation.
MIT Technology Review reported that Google might have left out those details intentionally. It’s not even clear whether the Project Zero researchers notified the hackers before they outed them in January.
The drama inside Google includes some employees stating that counterterrorism efforts should not be outed publicly. Other employees believe the researchers did nothing wrong, as these attacks could bring harm to end-users.
Again, the researchers were alarmed by the sophistication of the attacks. “Watering hole” techniques were used by the counterterrorism hackers to add malware to websites that targets would use on Windows, Android, and iOS. The attacks only took nine months to carry out.
After the Discovery
A former senior U.S. intelligence officer explained that Western operations are always recognizable.
There are certain hallmarks in Western operations that are not present in other entities … you can see it translate down into the code. And this is where I think one of the key ethical dimensions comes in. How one treats intelligence activity or law enforcement activity driven under democratic oversight within a lawfully elected representative government is very different from that of an authoritarian regime. The oversight is baked into Western operations at the technical, tradecraft, and procedure level.”
Now that the counterterrorism operation has been outed, it’s not known to what extent its efforts were damaged. But outside of all of that troubling information, the basis for Google reporting the attacks is still troubling as well. The hackers took advantage of exploits on Chrome and Safari. It could have been malicious attackers who made that discovery.
It’s not clear whether the counterterrorism hackers are white hat or grey hat, but they definitely were ethical. Read on for a discussion on whether hackers can be a force for good.