Google is reporting a disturbing increase in suspected state-sponsored hacks.
Since 2012, Google has issued warnings to users if a state-sponsored hacker might be targeting their accounts. “So far in 2021, we’ve sent over 50,000 warnings, a nearly 33% increase from this time in 2020,” Security Engineer Ajax Bash wrote in a post on Thursday.
Google is blaming the increase mainly on the notorious Russian hacking group APT 28, also known as Fancy Bear. A large-scale phishing campaign from the group prompted Google to send 14,000 warnings to users last month.
The other warnings can be sourced back to a variety of state-sponsored hacking groups Google has been trying to monitor. “On any given day, TAG (the company’s Threat Analysis Group) is tracking more than 270 targeted or government-backed attacker groups from more than 50 countries,” Bash said. “Thousands of these warnings are sent every month, even in cases where the corresponding attack is blocked.”
His post then discusses how one Iranian state-sponsored hacking group known as APT 35, or Charming Kitten, has been trying to phish users. One method involves uploading a fake VPN app to the Google Play Store that was designed to steal data from victims’ phones. Fortunately, Google detected the app and removed it before any users tried to install the malicious program.
Another tactic involved impersonating officials at international conferences and sending phishing emails on their behalf. But again, the company disrupted the attacks by “using Google Drive, App Scripts, and Sites pages,” which can block or place warnings on suspected phishing attempts.
To protect your account from state-sponsored hackers, consider the company’s free Advanced Protection Program. It represents Google’s highest security system for user accounts, and requires anyone logging on to both supply the correct password and a security key or applicable smartphone to gain access.
If the program seems too restrictive, consider turning on two-factor authentication. Google plans on automatically enabling the security setting for 150 million users later this year.
