Could Indian government be attempting to hack Google's systems or Google users? A new report from the search giants indicates an overwhelming number.
There were more than 12,000 warnings sent to users across 149 countries that they were targeted by government-backed attackers, according to a new report by Google’s Threat Analysis Group (TAG).
Of this, over 500 users in India were targeted by government-backed attackers, the report indicates.
The number in India is higher than even China. But India wasn't the worst at trying to snoop into Google users. US saw over 1,000 such government-backed phishing attacks while countries like Pakistan, Vietnam Laos and South Korea also saw between 500 and 1,000 such attempts.
Google's TAG unit works to counter targeted and government-backed hacking against Google and our users.
Journalists, human rights activists, and political campaigns could be high-risk users being targeted by government, Google said.
“We encourage high-risk users—like journalists, human rights activists, and political campaigns—to enrol in our Advanced Protection Program (APP), which utilizes hardware security keys and provides the strongest protections available against phishing and account hijackings. APP is designed specifically for the highest-risk accounts,” Google research Shane Huntley wrote in a blogpost.
The report doesn't come as a surprise as a similar report was issued by Facebook-owned Whatsapp recently.
Malicious software Pegasus
WhatsApp recently sued an Israeli company called NSO Group for using its platform for conducting surveillance. NSO Group's malicious software Pegasus was at the heart of the lawsuit filed in the US that WhatsApp claims infected 1,400 specifically targeted devices, including several in India belonging to journalists and activists.
NSO Group says it provides 'authorized governments with technology that helps them combat terror and crime'.
Google's TAG tracks more than 270 targeted or government-backed groups from more than 50 countries.
“These groups have many goals including intelligence collection, stealing intellectual property, targeting dissidents and activists, destructive cyber-attacks, or spreading coordinated disinformation. We use the intelligence we gather to protect Google infrastructure as well as users targeted with malware or phishing,” Shane said in the blog.
Over 90% of these users were targeted via “credential phishing emails”, which mostly attempt to obtain the password or other account details of the target with the intention of hijacking their account, Google said.
"These are usually attempts to obtain the target’s password or other account credentials to hijack their account," Google said.