August 22nd, 2019
Protecting our users and the integrity of our platforms is essential to Google’s mission. My team works with others across Google to detect phishing and hacking attempts, identify influence operations and protect users from digital attacks.
When identifying and preventing threats, we exchange information with industry partners and law enforcement, and also apply our own internal investigative tools as well as intelligence from third parties.
Earlier this week, as part of our ongoing efforts to combat coordinated influence operations, we disabled 210 channels on YouTube when we discovered channels in this network behaved in a coordinated manner while uploading videos related to the ongoing protests in Hong Kong. This discovery was consistent with recent observations and actions related to China announced by Facebook and Twitter.
We found the use of VPNs and other methods to disguise the origin of these accounts and other activity commonly associated with coordinated influence operations.
Separately, we are continuing our work to protect users against online security threats. This week, Google announced that we have taken action to protect users in Kazakhstan after credible reports that its citizens were required to download and install a government-issued certificate on all devices and in every browser. This certificate enabled the government to decrypt and read anything a user types or posts, including intercepting their account information and passwords.
These actions are part of our continuing efforts to protect the integrity of our platforms and the security and privacy of our users. Each month, our Threat Analysis Group sends more than 4,000 warnings to our users about attempts by government-backed attackers or other illicit actors to infiltrate their accounts. This is the warning we send if we detect such an attempt:
In addition to identifying and detecting the source of threats, we also integrate the most advanced security measures into all of our products so that users are protected automatically. To that end, this month we announced an expansion of the Advanced Protection Program to Chrome to provide extra security for that program’s users when they’re downloading files online. We also just introduced that program as a beta for enterprise customers. Our improving technology has also enabled us to significantly decrease the volume of phishing email, and we’ve rolled out significant protections in Gmail that detect and block over 99.8 percent of attachment malware.
Our teams will continue to identify bad actors, terminate their accounts, and share relevant information with law enforcement and others in the industry.