image
Google has registered a significant drop in government-backed cyberattacks against its properties and the people who use its products. Google sends out warnings if it detects that an account is a target of government-backed phishing or malware attempts. For 2019, the internet giant sent almost 40,000 warnings – which, while a large number, is still a nearly 25 percent drop from the year before. Nation-State Trends In terms of trends amongst the warnings, the analysis showed that main targets included, perhaps unsurprisingly, geopolitical rivals, government officials, journalists, dissidents and activists. In 2019, about 20 percent of accounts that received a warning were targeted multiple times by attackers. Google also uncovered that phishing and zero-day exploits continue to be APT weapons of choice. On the former front, Google researchers saw a growing trend emerge towards impersonating news outlets and journalists, especially when it comes to attackers from Iran and North Korea. “For example, attackers impersonate a journalist to seed false stories with other reporters to spread disinformation,” explained Toni Gidwani, security engineering manager at the company’s Threat Analysis Group (TAG), writing in an overview of nation-state trends, published last week. “In other cases, attackers will send several benign emails to build a rapport with a journalist or foreign-policy expert before sending a malicious attachment in a follow up email.” On the zero-day front, TAG…

Source