Google has said it will provide free hardware security keys to 10,000 “high-risk” users, days after the company warned thousands of Gmail users that they had been targeted by state-sponsored hackers.
The alert, sent out by Google’s Threat Analysis Group (TAG), alerted more than 14,000 Gmail users that they were targeted from APT28 in a state-sponsored phishing campaign, also known as Fancy Bear. that it is made up of operators of GRU of Russia. intelligence Agency. Fancy Bear has been active for more than a decade, but it is widely known for its hacking into the Democratic National Committee and its propaganda and election-influencing campaign leading up to the 2016 US presidential election.
“These warnings indicate targeting is not compromised. If we’re warning you we’re very likely to be blocked,” Google’s TAG Director Shane Huntley wrote in a Twitter thread on Thursday. “The increased numbers this month come from a small number of broadly targeted campaigns that were blocked.”
Huntley said these warnings are common to individuals such as activists, journalists and government officials because they target government-backed organizations. “If you are an activist/journalist/government official or work in” [national security], this warning honestly shouldn’t come as a surprise. at some point [government] The supported organization will probably try to send you something,” he said.
google said in a blog post That it will send security keys throughout 2021 to encourage users to enroll in its Advanced Protection Program (APP), which protects users with high visibility and sensitive information who are at risk of targeted online attacks. Security keys make it harder for phishing attacks to work because security keys can only be used to unlock accounts on legitimate websites.
Additionally, Google also announced a new and expanded partnership with the International Foundation for Electoral Systems (IFES), UN Women and the non-profit Defending Digital Campaign (DDC) to enhance security for its most at-risk users.
Through its collaboration with the latter, Google said it has provided Titan security keys to more than 180 eligible federal campaigns during the 2020 US election season, adding that it is now available for state-level campaigns and political and Working with the organization to provide security. Parties, committees and related organizations, including workshops and training on how to defend against cyber attacks.