Google’s Threat Analysis Group (TAG) revealed that it has detected and blocked attacks carried out by nation-state actors on 12,000 of its users in the third quarter of this year.
Over 90 percent of the users identified by Google were targeted via “credential phishing emails” that attempt to trick victims into providing their password or other account credentials to hijack their Google account.
“TAG tracks more than 270 targeted or government-backed groups from more than 50 countries. These groups have many goals including intelligence collection, stealing intellectual property, targeting dissidents and activists, destructive cyber attacks, or spreading coordinated disinformation.” reads the report published by Google TAG.”We use the intelligence we gather to protect Google infrastructure as well as users targeted with malware or phishing ”
The tech giant encourages users like journalists, human rights activists, and people involved in political campaigns to enroll in its Advanced Protection Program (APP), which leverages hardware security keys to improve the security of the accounts and prevent phishing and account hijackings.
Users in 149 countries have been alerted between July and September 2019, which is consistent with a +/-10 percent range with the number of phishing email warnings sent in the same period of 2018 and 2017.
Google pointed out that alerts only inform users that nation-state actors attempted to access their accounts using various attack techniques, such as phishing or malware. It
One of the goals of the Google TAG is to tackle coordinated disinformation operations that attempt to game Google services. The group shares relevant threat information on these campaigns with law enforcement and other tech companies.