Google and Microsoft have in recent months scrambled to counter cyberattacks of an unprecedented scale. And as the two companies consistently find themselves at the frontlines of cyberwarfare, a new dilemma is emerging regarding how best to maintain transparency through comprehensive security reports while reducing the probability of intractable collateral damage.
Google Has Problems Outing Friendlies
A just-released cybersecurity report by Technology Review focusing on Google has revealed some quandary emerging from a recent cybersecurity encounter. According to the publication, a Google cybersecurity security team recently stumbled upon a ‘friendly’ counterterrorism hacking operation run by an allied Western power, and unilaterally shut it down. The unit was found to be exploiting 11 zero-day vulnerabilities that targeted the Safari browser, an exclusive Apple product for iOS, as well as Google’s Chrome browser, which is available for both Android gadgets and Windows computers.
In the aftermath of the incident, Google refrained from providing details related to the attack and the foreign agency involved. And now, according to the Technology Review report, some security engineers at the company are questioning whether such findings should be concealed from the public. Notably, the communique released by Google’s cybersecurity team leaves out key details about the malware used. The report also fails to name the country undertaking the counterterrorism scheme. It only divulges that a series of domains were used as ‘watering hole’ sites to target victims’ devices and unleash a chain of vulnerability attacks.
As things stand, publicizing intricate details about such a finding could imperil the lives of the authorities involved and taper security cooperation with the allied nation. As discerned from the 2018 Kaspersky saga, non-disclosure is sometimes key in handling such situations. The Russian cybersecurity firm got chided by a collective of Western powers after it exposed a US cyber counterterrorism project targeting Al Qaeda and ISIS members. The move led to the firm’s programs being effaced from American government systems.
Understandably, Google’s decision to remain silent in this case is a strategic nous. As underscored by a company representative, “We believe sharing this research leads to better defensive strategies and increases security for everyone. We don’t perform attribution as part of this research.”
Microsoft’s Security Reports are Being Used by Hackers
While Google refrains from outing allies in its security reports, Microsoft is dealing with another unique issue. Its detailed security reports are being used by hackers to target its systems. As witnessed in the most recent Microsoft Exchange attack, hackers are able to exploit publicized vulnerabilities before most Microsoft users patch their systems.
Of course, the scale of such exploits can be grand. With over 75 percent of all PCs in the world being powered by Windows, and over 70 percent of all malware attacks targeting Microsoft Office products, it is hard for cybercriminals to miss. The situation is so bad that in February, Google allegedly asked lawmakers to probe Microsoft’s product vulnerabilities and the company’s remissness in tempering the SolarWinds attack.
While Microsoft has acknowledged that hackers are moving fast to exploit systems after every patch release, its vulnerability reporting options remain limited. As such, it has encouraged greater information-sharing and security vigilance among users to thwart cyberattacks.
(Featured Image via Pixabay)