Nation-state threats continue to pose risks to national security. In an effort to mitigate those attacks, Google continues to improve its security tools to better detect and respond to state-sponsored threats, particularly with regard to protecting political campaigns and local, state and national elections.
In “An Update of State-Sponsored Activity” published 23 August, Kent Walker, SVP of Google’s global affairs, wrote that its threat analysis group has been working with its partners at Jigsaw and the Google Trust & Safety team to identify bad actors, disable their accounts, warn users and share intelligence – both with other companies and law enforcement officials.
Three specific areas of work that Google has focused on include “state-sponsored phishing attacks, technical attribution of a recently reported influence campaign from Iran and detection and termination of activity on Google properties.” To that end, Gmail users recently received a notification from Google alerting them to take immediate action against government-back attackers who may have been attempting to steal passwords.
“Google’s efforts to track and terminate deceptive campaigns of influence run by inauthentic nation-state actors is a step in the right direction. Deception is one of the most effective and pernicious cyber-threats facing Americans and democracy today,” said Rick Moy, chief marketing officer at Acalvio.
“This coordinated action with other security organizations should be welcomed. While some may characterize this as censorship, the evidence presented in the reports is transparent and open to vetting and analysis by the broader community.”
Yet not all experts in the security industry welcome these types of coordinated efforts.“Everyone appreciates any action taken to prevent any interference with the US political process. However, we must be careful that private actions done outside of the appropriate legal framework doesn't result in exactly the opposite results that those actions were trying to protect against,” said Joseph Kucic, chief security officer at Cavirin.
“There should be a governmental process implemented, similar to a FISA court, where appropriate oversight is in place prior to private companies taking actions against perceived bad actors (individuals and/or companies).”