Skip to main content

Google’s Threat Analysis Group to share more about countering state-backed hacking

One of Google’s best-known security teams is Project Zero, and its mission is to find zero days vulnerabilities. Internally, the company also has the Threat Analysis Group (TAG) to “counter targeted and government-backed hacking against Google and our users.” Moving forward, TAG will publicize and share its work to “advance the broader digital security discussion.”

The Threat Analysis Group is over a decade old, and has previously posted about phishing campaigns, vulnerabilities, and disinformation. It works and coordinates with security teams within Google, as well as other tech companies and law enforcement.

Our daily work involves detecting and defeating threats, and warning targeted users and customers about the world’s most sophisticated adversaries, spanning the full range of Google products including Gmail, Drive, and YouTube.

In the future, Google TAG will “share more technical details and data about the threats we detect and how we counter them.” The team hopes that this will aid the broader security community and deter future attacks, while leading to “better awareness and protections among high-risk targets.”

TAG tracks more than 270 targeted or government-backed groups from more than 50 countries. These groups have many goals including intelligence collection, stealing intellectual property, targeting dissidents and activists, destructive cyberattacks, or spreading coordinated disinformation. We use the intelligence we gather to protect Google infrastructure as well as users targeted with malware or phishing.

Meanwhile, TAG today provided an update on state-sponsored phishing attempts — through credential phishing emails — and subsequent warnings that Google provides targeted users:

From July to September 2019, we sent more than 12,000 warnings to users in 149 countries that they were targeted by government-backed attackers. This is consistent (+/-10%) with the number of warnings sent in the same period of 2018 and 2017.

Distribution of government-backed phishing targets in Q3 (Jul-Sep 2019)

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Google on YouTube for more news:

Comments

Author

Avatar for Abner Li Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: abner@9to5g.com