Threat Analysis Group Hacking Google.
Equipped with custom Google Search algorithms and a digital library of the most malicious exploits, the Threat Analysis Group has helped stop some of the most insidious and consequential threats to Google, its users, and the internet at large. Their deep understanding of attackers helps keep billions of users safe.
Watchguards. Lookouts. Sentries. When faced with threats, there have always been those who look out to protect the rest. But who looks out for the threats lurking online?
Google’s Threat Analysis Group (TAG) has the challenging mission to understand and counter targeted and government backed hacking and online threats against Google and its users. Globally, TAG is tracking more than 270 government-backed groups from more than fifty (50) countries in the fields of intelligence collection, IP theft, target dissidents and activists, destructive cyberattacks, and spreading coordinated disinformation.
The group is tasked to detect and defeat threats and warning targeted users and customers about the world’s most sophisticated adversaries, spanning the full range of Google products including Gmail, Drive, and YouTube. “We have a lot of outcomes; one of our main ones is preventing Google from getting hacked from knowing the adversary who may we be up against.
But there are a few things that are external facing, and one of those is the series of warnings that we provide to end-users. Every single time that we determine that a user is targeted by a government-backed threat phishing or malware we send specific warnings to these users because we believe that they should know about that.
We believe that users are able to make good decisions when they know the threats they face,” according to Shane Huntley, Senior Director, Threat Analysis Group at Google.
TAG uses the intelligence gathered by the organization to protect the company’s infrastructure, as well as users targeted with phishing or malware. Since 2020, TAG has been sending out quarterly bulletins updated with actions resulting from their work across Google products.
The group hopes that shining more light on threat actors will be helpful to the security community, deter future attacks, and lead to better awareness and protection against high-risk targets.
As part of their fight against disinformation, TAG is one part of Google and YouTube’s broader efforts to tackle coordinated influence operations that attempt to game their services. The group shares relevant threat information about these campaigns with law enforcement and other tech companies.