Google unveils elite hacker squad

Google unveils elite hacker squad

Summary: Search giant has revealed that it has put together a team of security researchers that will target finding zero-day exploits, regardless of whether they exist in Google software or not.

TOPICS: Security, Google

Google has unveiled an elite squad of hackers tasked with scouring the internet for security holes and defending the public against cyberattacks.

Unveiled on Wednesday as "Project Zero", the team will hunt for bugs in the world's most popular software, such as Google Chrome and Internet Explorer.

"You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications," Google security researcher Chris Evans said in a blog post.

Yet he said sophisticated attacks continue to target, for instance, human rights activists and businesses.

"This needs to stop. We think more can be done to tackle this problem."

"We're hiring the best practically-minded security researchers and contributing 100 per cent of their time toward improving security across the internet."

The squad will focus mainly on "zero-day vulnerabilities" — little-known software weaknesses used to hack devices and spy on users before developers have a chance to fix them.

A number of private firms already hunt for such vulnerabilities, selling their information to governments and affected companies.

Yet these firms do not always share their findings publicly, meaning the vulnerabilities can continue to be exploited.

Evans said Project Zero would conduct its work transparently, with all bugs being filed in a public database after first being passed on to the software's vendor for fixing.

Public disclosure will also give users the opportunity to monitor how long companies take to resolve vulnerabilities, he added.

Google's announcement comes after the recent Heartbleed scare, in which a flaw in internet encryption codes went undiscovered for two years, potentially allowing attackers to siphon data from supposedly secure websites.

Google researchers were involved in discovering and patching the bug.

Topics: Security, Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • it all sounds so good...

    but from one of the creepiest companies ever, gives rise to what else will they do? They earned their distrust this wont change it.
    • Distrust

      GoOgle being GoOgle, their hackers are most likely for finding other ways to getting all of your personal information to sell to marketers and the government. Of course they'll claim it's for other "good intentions" just for positive publicity.....
  • Anyone surprised that they are making this official?

    They have always had a hacker unit, specializing in finding zero day for Microsoft software & releasing them to the wild. What makes them announce it now?
    • interested in hearing your proof on that one.

      considering how many times they have told Microsoft and not the public about zero days I'm surprised you can even say that with a straigth face. (maybe you can't, I can't see you to tell.)

      They didn't release the heardbleed code until they had developed a fix themselves, they have told Mcirosoft first when they find something with windows.. where are you getting this stuff from? Are you wearing a shiny silver beany?
  • Keyboard Encryption will Lock-Down your data and Keyboard...

    #MobileKeyLoggingTheftSolution can be found on Face Book and G+ for a Pro-Active Solution for #KeyboardEncryption that Locks-Down your PC, Mac and Mobile Keyboard and keeps your data safe from #Hackers
  • Not To Be Trusted

    Google can't be trusted. Why would a company which will help The Department of Defense develop combat robotics, not also help with "defensive cyber security?" Any security flaws they find will be given to NSA, FBI, CIA, etc.
  • Hacker Squad

    Lets turn them loose on some of these private security firms! Then we can know what their discovering and integrate a defense against them as well. It would be easier and more efficient to steal their "discoveries" then to reinvent the wheel!