Google lists telecoms sector, media, NGOs, as highly vulnerable to cyber attacks
• Partners Microsoft, Facebook, and Twitter to curb menace
• Cautions on spyware vendors, govt-backed threats
While attacks vary from country to country, an American technology firm, Google, nevertheless, has warned that the telecommunications sector, media and non-governmental organisations, among others, are the most prone to cyber attacks, especially, phishing from cyber criminals.
Google said because of the critical features of these sectors, they are usually targeted.
Senior Director of Google’s Threat Analysis Groups (TAG), Hane Huntley, disclosed this, yesterday, at the ongoing Cybersecurity Virtual Reporting Tour.
The event, scheduled for August 29 to September 16, was organised by the Foreign Press Centres of the United States, with the theme: ‘A Shared Responsibility: Prioritising Public-Private Partnerships in Cybersecurity’.
Huntley said Google tracks threat groups from all over the world, not only actors coming to target Google itself, but also day-to-day attacks targeting users on all its platforms, including Gmail and Android.
She said in the last couple of years, Google had looked at serious cybercrime, especially the growth of ransomware, hack-for-hire and many of other sorts of large-scale and coordinated attempts and financially motivated hacking.
She said, lately, trends have shown that organisations are worried about being hacked by government-backed actors. She said collaborations would be crucial in preventing such criminals from launching attacks.
Huntley, who said there has been huge growth in commercial spyware vendors, urged that if anything is discovered, it should be exposed so that urgent measures could be taken.
According to her, to be ahead of cybercriminals, Google works closely with partners and competitors in the industry.
She said: “We’ll work with Microsoft and Facebook and Twitter and anyone, really, who is able to come together. This is a global effort and also a cross-industry effort.
“From Google’s perspective, we want to counter the threats. A more secure Internet, one, where users and customers and everyone is able to safely do their work is our goal. So, we will work together with people on those goals.”
The Google chief revealed that another disturbing trend is exploitation and zero-day threat.
She said zero-day is a vulnerability or an exploit, which there is no patch available for. “So, I hope you all are updating your computers, iPhones and Android phones to counter these vulnerabilities. But sometimes, the attacker finds something before the defenders do, and they’re out there using these exploits before there’s a fix available. These are super dangerous exploits!”
According to her, tackling this menace is part of TAG’s responsibilities.
She said: “We actually go out there and try, as part of our understanding the adversary, which is our mission. We try and understand the tools they use and discover these exploits. Some people call them cyber weapons, being used against users on a day-to-day basis. We try and get them fixed. We actually have set some fairly strong policies and got some pushbacks.”
Huntley revealed that trends show that journalists are attacked, almost on monthly basis, especially by government-backed threat actors, all across the globe. “So, I think anybody in this space should be looking at their own protection and security. From my perspective, you need to look at the devices you’re using. You want a secure up-to-date device; it doesn’t have to be an expensive device. Chrome books are awesome. But, whatever you have, you should keep it up to date and patched.
“You should make sure you’re using a secure password that you’re not using anywhere else. And you should sign up for the best sort of two-factor protection that you can. Our best programme that we have specifically designed for the most-risk users is called Advanced Protection Programme.
“In this case, you use these physical security keys. And physical security keys are super important, where you get security code via SMS on your telephone to enable you to secure your platforms.”