The primary source of Microsoft’s Zero-Day hack-attacks has been revealed in the MIT Technology Review. This is mostly the work of “Western government operatives” conducting a counter-terrorism operation, the report claims.
The 9-month hacking campaign was targeting security flaws in Android, Windows, and iOS devices. Google’s security research teams went public with patches to “fix” the problem in January.
The Microsoft hack was reportedly discovered in October 2020 and had a second wave of attackers in February 2021, after Google’s teams went public. Microsoft’s site first disclosed details of the attack in March 2021.
Google cyber-security teams are busy
In the last two months, the campaign in question has gotten an increasing amount of attention. Initially, it was revealed that a “highly sophisticated” group with “teams of experts” was responsible. Eventually, it came out that they were targeting 11 zero-day vulnerabilities in major operating systems.
Multiple sources, including CISA, identified it as a Chinese-government HAFNIUM attack.
According to the MIT Technology Review, “Google runs some of the most venerated cybersecurity operations on the planet: its Project Zero team, for example, finds powerful undiscovered security vulnerabilities, while its Threat Analysis Group directly counters hacking backed by governments, including North Korea, China, and Russia.”
Handling of zero-day hack-attacks leaves questions
The MIT article reports the public disclosure effectively shut down a “live counter-terrorism” cyber mission. It “is not clear whether Google gave advance notice to government officials that they would be publicizing and shutting down.” The disclosure of the source of zero-day hack-attacks closed the operation.
It is still uncertain who was running the counter-terrorism operations. But the debate is ongoing. Should it have been considered “out of bounds” for public disclosure? Or was it important the vulnerabilities be revealed so they could be “fixed”? The mission is to “protect users and make the internet more secure.”
Supposedly alarms are still going off at Google and elsewhere. There are more questions than answers regarding the initial attack and which governments it thwarted. Regardless, this is probably the biggest-ever cyber-security effort that may have been “killed by friendly fire.”