Google issued 12,000 warnings to users globally on govt-backed attackers, 500 in India

The disclosure comes close on the heels of messaging giant WhatsApp's statement that an Israeli spyware, Pegasus, had been used to spy on global journalists and human rights activists, including 121 people in India.

Google sent out over 12,000 warnings to users globally, including 500 in India, between July and September this year to alert them about being targeted by “government-backed attackers”.

The disclosure comes close on the heels of messaging giant WhatsApp's statement that an Israeli spyware, Pegasus, had been used to spy on journalists and human rights activists globally, including 121 people in India.

In a blogpost, Google said its Threat Analysis Group (TAG) tracks more than 270 targeted or government-backed groups from over 50 countries, without naming any entity. These groups, it said, have many goals including intelligence collection, stealing intellectual property, targeting dissidents and activists, launching destructive cyber attacks, and spreading coordinated disinformation.

We've had a long-standing policy to send users warnings if we detect that they are the subject of state-sponsored phishing attempts, and have posted periodically about these before, stated Google.

It added that, from July to September 2019, it had “sent more than 12,000 warnings to users in 149 countries that they were targeted by government-backed attackers”. As per the heatmap on 'Distribution of government-backed phishing targets in Q3 (July-September 2019)', users in India had received about 500 such warnings.

Google said it uses the intelligence it gathers from such information to protect its infrastructure and users from targeted malware or phishing attacks.

The US-based company pointed out that the number of warnings issued this quarter were on a par with the number of warnings sent in the same period of 2018 and 2017.

Over 90 percent of these users were targeted via 'credential phishing emails'... These are usually attempts to obtain the target's password or other account credentials to hijack their account. We encourage high-risk users—like journalists, human rights activists, and political campaigns—to enroll in our Advanced Protection Program (APP), Google added.

APP uses hardware security keys and provides the strongest available protection against phishing and account hijackings and is designed specifically for the highest-risk accounts, it added.

Last month, WhatsApp had disclosed that the Pegasus spyware was used by unnamed entities to snoop on about 1,400 users globally, including 121 users from India.

NSO, said to be the maker of the Pegasus software, had stated it only sold its “technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime” and it was not “designed or licensed for use against human rights activists and journalists”.

However, the government has maintained that it has no dealings with NSO.

Last week, WhatsApp had written to the Indian government expressing “regret” over the snooping row, with assurances that it was taking all possible security measures to address the concerns.

(Edited by Athirupa Geetha Manichandar)


Updates from around the world