In recent days and especially after the formation of the Threat Analysis Group (TAG) (over a decade old) by Google Inc, the organisation has been 24×7 involved in detecting and defeating threats, and warning targeted users and customers about the world’s most sophisticated adversaries, this service is provided by Google Inc to the complete range of its products including Gmail, Drive, and YouTube.
We are all aware of the presence of security teams ‘Project Zero’ within Google Inc, which is 24/7 involved in identifying and exploring zero day vulnerabilities. Google had also formed the Threat Analysis Group (TAG) to counter targeted and government-backed hacking against Google and also Google Users. TAG was also mandated by the top management at Google to publicise and share its work to “advance the broader digital security discussion.” As it is obvious, this TAG team was also responsible for ensuring the Privacy and Human Rights to its consumers.
The TAG has also been posting on its blog related matters, and at the same time sensitising individual customers of phishing campaigns, vulnerabilities, and disinformation. It also works and coordinates with security teams within Google on the tasks envisaged, as also with other tech companies and law enforcement.
Recently the TAG team through an official press release has revealed that over 270 national government-backed cyberattack groups have been active in the month of April 2020 alone. These entities have been launching attacks on individuals in more than 50 countries. The tasked group at Google had also detected phishing and hacking attempts on Google accounts of over 50 such Google individual customers in India during the same month, i.e. April 2020. It has also been clarified that the attempts on the Google customers have been carried out by largely government agencies or those hired by them. As part of ethics and consumer obligation, Google has been informing the users about such attempts by these agencies.
Readers may recall, the involvement of “Pegasus” as claimed to be engaged by government agencies in India to spy on Indian Whatsapp Users. Now this time Google has reported that its users have been targeted. According to Google, government-backed or state-sponsored attacker groups have varying objectives. While some are due to law enforcement and intelligence activities, others may be related to intellectual property disputes or, could be targeting dissidents or activists. Overall, Google found 1755 instances of such state-sponsored backing.
Google TAG team has reportedly quoted, “We’ve seen new activity from “hack-for-hire” firms, many based in India that have been creating Gmail accounts spoofing the WHO. The accounts have largely targeted business leaders in financial services, consulting, and healthcare corporations within numerous countries including, the U.S., Slovenia, Canada, India, Bahrain, Cyprus, and the UK. ”
These emails used links to direct targets to malicious websites with fake login pages and then prompt them to give up their Google account credentials.