- Google has released a six-part documentary entitled Hacking Google.
- The series covers key industry-defining events like the Operation Aurora cyberattack and more.
- Each episode is dedicated to one of the teams that make up Google’s cybersecurity department.
From replying to emails to watching YouTube videos, the internet is a part of our daily lives. Whether we’re glancing at our phone after waking up or logging in to start the workday, we use the internet without a second thought. And not only do we often use it carelessly, but we also trust the services we use to protect us from the dangers that lurk on the internet.
However, keeping everyone safe online is easier said than done. To unveil everything that contributes to your safety while surfing the Internet, Google has released a six-part documentary titled Hacking Google. The series focuses on each of the company’s cybersecurity teams and their relentless efforts to thwart cyber threats.
Android Authority got a chance to watch the documentary in its entirety, and here are the craziest things we learned from it.
The year after the stable release of its new operating system (Android) in 2008 was an eventful one for Google. While Google was riding the high of its new operating system, it was in for a nasty surprise that seemed to stop everything.
On December 14, 2009, Vice President of Security Engineering Heather Adkins and others in the department discovered unusual activity in the form of a single message being sent to an employee. What seemed like a simple phishing attack — where the sender tries to trick the recipient into clicking a malicious link or divulging sensitive information — turned out to be something much bigger, one that would change the industry forever.
Once the link was opened, the user was taken to a website that downloaded malicious software that helped the attacker gain a foothold on one of Google’s servers. The cyber attack was nothing ordinary as it could learn and change tactics faster than Google’s local security team could handle at the time. As a result, Google’s security team dropped everything to focus on this one issue.
Immediately after Android’s initial launch, Google faced one of the most devastating attacks in its history.
The problem was deemed so severe that the team stopped reserving one conference room as a war room and instead expanded it to cover the entire building. Google’s security experts from around the world gathered in Mountain View and pulled hard drives from across campus to conduct forensic investigations.
While trying to understand the exploit used for the attack, the code word “Aurora” was found in the malicious code. Aurora refers to a Russian battleship that fired a shot that started the Russian Revolution. This discovery led to Google launching Operation Aurora, a project that completely changed the way Google approached cybersecurity.
The security team was eventually able to rid its network of the attacker after deciding to remove all employees from the network and reset all passwords. In 2010, Google learned that at least 20 other companies were compromised and that the culprit behind the attack was a foreign government – China.
This was one of the first instances of a government hacking companies and individuals rather than other governments or government employees.
WannaCry
WannaCry is one of the most notorious ransomware attacks — a cyberattack that takes computers hostage in exchange for money — in history, and Google played a role in discovering its origin.
Google’s Threat Analysis Group (TAG) was formed in the wake of Operation Aurora. Its job is to hunt down and tag cyber criminals and their techniques. This enables various security teams to create countermeasures and responses to cyber attacks.
The backbone of TAG is Google’s search engine, a tool that downloads the entire public-facing web. As you know, the internet is full of good and bad websites, but Google’s search engine usually flags bad content before it reaches your search results.
WannaCry was a huge problem and Google played a key role in solving the problem.
TAG created a full replica of Google Search into which it feeds any malware the team finds. This way, it has a complete index of malicious software that the team can search through when identifying attack techniques.
In the documentary, TAG director Shane Huntley says his team used this system against the infamous WannaCry attack, which affected over 200,000 computers in 150 countries.
The group fed the malware into their search engine and found related behaviors and accounts used to set up the malware. Their investigations led them to discover that the North Korean government was behind the mess.
An army of fake security experts
WannaCry wasn’t the only cyberattack linked to North Korea. The North Korean government also attempted to obtain inside information by gaining the trust of security professionals around the world through sophisticated fake personas.
In January 2021, it was discovered that an army of supposed security experts were just fake accounts created by a malicious actor. The purpose of these accounts was to earn the trust of real security professionals. This was done through careful, calculated conversations that could trick any expert. Once trust was gained, the fake persona asked the experts to review a website.
As it turns out, not every Associated Google Expert is a real security researcher — or even a real person.
As you probably guessed, the websites contained exploits that would give the malicious actor access to the researcher’s computer. This is particularly dangerous as the researchers’ computers are likely to contain cybersecurity research that could teach the hacker how these experts create the locks used to block malware. With this information, they would be able to find ways to breach these security measures.
Once again, Google was able to locate the source of the attack. The detection and response team also found that two of Google’s own computers had been compromised by one of these fake accounts.
No chloroforming guards
Implementing cyber security measures is a great way to protect your business and the people who use your products and services from cyber threats. But what good are these efforts if they are not effective? For this reason, testing is an important part of ensuring the quality of your cybersecurity. Google’s Red Team is responsible for finding exploits in the company’s cybersecurity.
Through what is known as penetration and vulnerability testing, the Red Team works to hack into every product from Google. Sometimes this requires creative thinking.
A team at Google spends their days hacking Google themselves, but they have to follow a few rules.
An example of this is when the group went after Google Glass. To hack into the project, the Red Team devised a plan to offer USB plasma globes preloaded with malware to other employees on campus. Sure enough, someone plugged one of the globes into their computer, and the team was able to gain access to the Google Glass project through a series of infections known as a kill chain.
Several generations of mobile espionage
Project Zero is a dedicated team that finds and reports vulnerabilities. They are responsible for finding so-called zero-day hacks: vulnerabilities in a program’s code that cybercriminals discover before the people responsible for fixing them. People have zero days to defend against a zero-day attack, hence the name.
The documentary states that zero-day vulnerabilities have been used for everything from monitoring human rights activists to damaging physical infrastructure. For example, the Aurora attack was a zero-day exploit.
An unknown commercial phone was basically a video spy device.
Thanks to the efforts of security engineer Natalie Silvanovich, five different video chat apps were discovered to have a vulnerability that could allow a hacker to force a phone to transmit video and audio without the owner’s knowledge.
One of Project Zero’s biggest discoveries had to do with a popular cell phone. In December 2018, TAG found a group of exploits being used against an unnamed handset. Project Zero analyzed the exploits and found that the vulnerabilities could allow someone to take chat histories, photos, GPS locations, and more.
Even more disturbingly, it appeared that this exploit had existed for several generations of this mobile device. In fact, the exploit was used to spy on the Uyghur community.
https://www.androidauthority.com/hacking-google-documentary-3215298/ Here are the craziest stories from the new Hacking Google documentary