Total Tests:

Google Sending Security Keys to 10,000 Users at High Risk of Attack

By Jeff Burt for eSecurityPlanet
Tuesday, October 12, 2021

Google is giving out 10,000 free security keys to high-risks users, an announcement that came a day after the company warned 14,000 of its high-profile users that they could be targeted by the notorious Russia-based APT28 hacking group.

Will Other Vendors Follow?

Ilia Kolochenko, founder of application security firm ImmuniWeb and a member of the Europol Data Protection Experts Network, said in a statement that Google’s effort to get 10,000 security keys into the hands of these high-risk targets is laudable and encouraged other major IT vendors to follow suit.

However, how effective Google’s efforts will be in protecting high-profile users is unclear, given the complexity of the global cybersecurity environment and the sophistication of professional cybercriminals and the resources of state-sponsored hacking groups, Kolochenko said.

“The shrewd threat actors will likely have no difficulty accessing the victims’ data while it resides in the device’s memory in an unencrypted format, successfully bypassing MFA [multi-factor authentication] and other security controls,” he said. “Moreover, the data oftentimes resides in several locations. For example, journalists frequently receive valuable reports and hints from whistleblowers who will now likely become the new target of cybercriminals.”

In addition, most data is backed up or shared across several organizations, such as IT vendors or accountants, who also will be targeted by bad actors, Kolochenko said. There also is the issue of countries with poor civil liberties protections, making citizens who refuse to cooperate with authorities – such as unlocking their devices – face additional threats.

Still, he noted, “the ongoing efforts undertaken by Google are certainly better than non-feasance and will definitely prevent some cyberattacks.” Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential