Google announces new efforts to protect journalists and high-risk users from cyberattacks

The announcement comes one day after the Google TAG team alerted journalists and high-risk groups that could be targets to ongoing attacks.
Written by Jonathan Greig, Contributor

Google announced on Friday that it would be delivering a slate of new cybersecurity protection features for high-risk users one day after telling about 14,000 Gmail users that they had been targets of Russian-government group APT28.

In a blog post, Google said an increasing number of cyberattacks targeted high profile individuals and groups, forcing them to take extra measures and create a team "dedicated to detecting and stopping the world's most sophisticated cybercriminals."

"We're excited to be working with these leading organizations to protect high-risk user groups and earn more about the needs of at-risk users and organizations. These collaborations help us make the world's most advanced security even stronger, more inclusive and easier to use -- helping everyone stay safer with Google," the company explained. 

In addition to touting the Advanced Protection Program (APP) that users can turn on to beef up their protection from certain attacks, Google said it was partnering with organizations across the globe to provide free security keys to over 10,000 high-risk users throughout 2021. 

"APP brings Google's strongest security protections together into a holistic program that is constantly upgraded in response to emerging threats. APP is available to all users but is specifically designed for individuals and organizations at higher risk of targeted online attacks, such as elected officials, political campaigns, human rights activists and journalists," Google explained. 

"Users who enroll in APP are protected against a wide variety of online threats, including sophisticated phishing attacks (through the use of security keys), malware and other malicious downloads on Chrome and Android, and unauthorized access to their personal account data (such as Gmail, Drive or Photos).  As new threats are discovered, APP evolves to provide the latest protections."

Google also announced new partnerships with the International Foundation for Electoral Systems (IFES), UN Women and nonprofit Defending Digital Campaigns (DDC). 

Google is working with IFES on global educational security programming for human rights workers and groups online, providing free security keys for attendees of the group's global cyber hygiene trainings. The group has provided specific support to journalists in the Middle East and women activists in Asia through their virtual "She Leads" series.

By next year, Google said it plans to expand its work with the group "through a continued contribution of Titan Security keys and educational materials for their high-risk user trainings."

"Equipping our participants with Google Titan Keys alongside the Advanced Protection Program Team has allowed us to improve our participant's cyber hygiene with a more secure method for protecting and authenticating their accounts," said Dr. Stephen Boyce, senior global advisory for election technology and cybersecurity at IFES.  

Google said it will continue offering consultations on online safety and security workshops to UN Women and the many chapters worldwide that support women who are at higher risk of online attacks, including journalists, activists, politicians and executives. According to the blog, workshop attendees are trained on tools to protect better their organizations and the high-risk women they support.

Titan Security Keys were also provided by Google to more than 180 eligible federal campaigns during the 2020 US election season through DDC. They are now working with DDC to provide further protection for state-level campaigns and political parties, committees, and related organizations, including workshops and training on protecting against cyberattacks. 

By the 2022 US midterm elections, Google said the DDC will have already worked on cybersecurity trainings for members of both political parties in every state in the country. 

Michael Kaiser, CEO of DDC, said candidates, their family members and close associates, campaign staffers and volunteers, state party staff, vendors to campaigns and virtually anyone who works in the political space are at greater risk for being attacked than most computer users.

"DDC's collaboration with Google around the provision of Titan Keys and training is designed to address the most significant and likely vector of compromise: people's accounts," Kaiser said. 

"The number one recommendation DDC has for any campaign is to use security keys. We know that when a campaign uses security keys and turns on Google's Advanced Protection Program, they have greatly enhanced their cybersecurity and at the same time  protecting our Democracy."

The DDC has already trained hundreds of local campaign workers, state party staff members, and people who work at related political organizations across 21 states. Google also noted that it partnered with the DDC to deploy a publicly available cybersecurity Knowledge Base to help campaigns and political organizations with cybersecurity information.

"The Knowledge Base includes step-by-step instructions for turning on better security protections including APP. Through the Knowledge Base and direct work with eligible campaigns, DDC provides hands-on assistance for getting cybersecurity tools implemented," Google explained.

The announcements come hours after Shane Huntley, director of Google's Threat Analysis Group, wrote a thread on Twitter warning that it blocked attempts by Russian-government backed groups to attack thousands of high-profile people. 

"The warning really mostly tells people you are a potential target for the next attack so, now may be a good time to take some security actions. If you are an activist/journalist/government official or work in NatSec, this warning honestly shouldn't be a surprise. At some point, some govt backed entity probably will try to send you something," Huntley said

"What we see over and over again is that much of the initial targeting of government-backed threats is blockable with good security basics like security keys, patching and awareness, so that's why we warn."

Editorial standards