Google today unveiled the impressive features of its Advanced Protection Program (APP), revealing that no users who have signed up for the program have been written so far, even though they have been repeatedly targeted.
The Advanced Protection Program (APP) is a special program provided by Google that includes additional security protections that are not available to regular Gmail users.
The program was launched in the fall of 2017 and was initially made available to high-risk users, such as politicians, journalists, activists or known entrepreneurs.
Since its launch, the program has been widely available and any Google user can sign up for the app today. The only condition is that users have a modern smartphone or hardware security key, which Google will enroll in their APP program and use to authenticate and authenticate all sign-in operations cryptographically.
For the past three years, this enhanced security feature has prevented hackers from accessing any Google Account protected by APP.
In this way, APP has been a feature enabled for Google users, who are advanced phishing targets, such as those developed by state-sponsored hackers.
Toni Gidwani, chief of security engineering for Google’s hacker unit, Threat Analysis Group (TAG), said that the APP has been very successful at stopping these advanced. Subsequent fishing attempts and account commitments.
Google sent alerts of 20 kilometers for state-sponsored attacks
Summarizing last year’s state-sponsored hacking operations, Gidwani said that Google has sent more than 40,000 alerts to users in 2019 about state-sponsored hackers targeted to their accounts with malware or phishing links.
Current warning format for attacks received by the government
Gidwani said the number was down 25% from 2018, but that attacks are now using more sophisticated techniques to target users, opting instead for the trap instead of bulk operations.
The trick that saw a significant increase in detections was what state-sponsored hackers posed as media and journalists to get victims out of their guard. Of the 270 Google TAG government-sponsored piracy groups in more than 50 countries, the Iranian and North Korean pirates were the ones who particularly liked this.
But Gidwani said Google TAG not only tracked phishing attempts. They also tracked zero-day-old malware – bugs unknown to their vendor and no patches.
For the TAG team, 2019 was a busy year, with its members finding zero-day state-sponsored groups affecting Android, Chrome, iOS, Internet Explorer and Windows.
Of all the state-sponsored groups, one in particular was more capable of the rest, blowing up five zero days while attacking North Korean targets or people working on North Korea matters.