Total Tests:

10,000 “High Risk” Targets of Nation-State Hacking Groups Get USB Security Keys From Google

By Scott Ikeda for CPO Magazine
Thursday, October 14, 2021

In 2017 Google launched its Advanced Protection Program targeted at higher-risk users of its platform that are likely to be tested by overseas hackers due to the nature of their work. This includes the software that Google uses to scan Play Store apps for malware before they go live, a stronger multi-factor authentication process, and certain account feature restrictions designed to trade some functionality for necessary security. Part of the intent of the giveaway of USB security keys is to raise awareness of the program among its target demographic. The program is free and is available to anyone, but is not necessarily recommended for all Google accounts as it can hamper access to some services.

Ilia Kolochenko, Founder/CEO and Chief Architect of ImmuniWeb, believes that this is a model that other major tech companies should adopt. However, he also points out that even hardware-based 2FA does not make one immune to hacking or to breach of stored data: “This laudable effort by Google should inspire other IT giants to share their knowledge and resources with the most vulnerable people who truly need them. Sadly, many of the targeted or would-be victims are chased by professional cyber-mercenaries and sophisticated state-backed hacking groups. The shrewd threat actors will likely have no difficulty accessing the victims’ data while it resides in the device’s memory in an unencrypted format, successfully bypassing MFA and other security controls. Moreover, the data oftentimes resides in several locations, for example, journalists frequently receive valuable reports and hints from whistleblowers who will now likely become the new target of cybercriminals. Furthermore, virtually any data is backed up or otherwise shared across several organizations, such as IT vendors or accountants, who will now fall victims to unscrupulous cyber gangs. Finally, in many countries that have poor protection of civil liberties, the victims may easily end up in jail for refusal to unlock their devices or cooperate with judicial authorities. Nonetheless, the ongoing efforts undertaken by Google are certainly better than non-feasance and will definitely prevent some cyber attacks.”

The 10,000 free USB security keys will be distributed over the remainder of 2021 by several partner organizations, such as the International Foundation for Electoral Systems (IFES) and Defending Digital Campaigns (DCC). These groups will focus on particular organizations and industries that they work with. Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential