Application security, Threat Management, Threat Management, Threat Intelligence, Malware, Phishing

Google shuts down nation-state activity, thwarts phishing, names Iran

In recent months Google has spurned phishing attacks and thwarted and terminated untoward activity by nation-states aimed to influence the political stage and attributed suspicious activities on some accounts to actors working on behalf of the Islamic Republic of Iran Broadcasting (IRIB).

On the latter, Google worked with FireEye to ferret out malicious activity and bad actors. Noting that Google couldn't reveal all the technical details of the probe without making itself vulnerable to attack, company Senior Vice President of Global Affairs Kent Walker wrote in a blog post that the companies found technical and IP information related to the IRIB. 

“Account metadata and subscriber information associated with these actors is strongly linked to the corresponding information associated with the IRIB, indicating common ownership and control,” Walker wrote. “These facts, taken together with other technical signals and analysis, indicate that this effort was carried out as part of the overall operations of the IRIB organization, since at least January 2017.”

Google took aim at accounts and individuals tied to Iran, shutting down 39 YouTube channels, six blogs on Blogger and 13 Google+ accounts.

Rick Moy, chief marketing officer (CMO) at Acalvio, praised Google for its “efforts to track and terminate deceptive campaigns of influence run by inauthentic nation-state actors,” calling them “a step in the right direction.”

Noting that “deception is one of the most effective and pernicious cyber threats facing Americans and democracy today,” Moy said, “This coordinated action with other security organizations should be welcomed.  While some may characterize this as censorship, the evidence presented in the reports is transparent and open to vetting and analysis by the broader community.”  

But Joseph Kucic, CSO at Cavirin said while “Everyone appreciates any action taken to prevent any inference with the US political process...we must be careful that private actions done outside of the appropriate legal framework can result in exactly the opposite results that those actions were trying to protect against.”

Kucic called for a governmental process, “similar to a FISA court, where appropriate oversight is in place prior to private companies taken actions against perceived bad actors (individuals and/or companies).”

Otherwise, he said, “bad actors will purposely target individuals that they want to damage and cause these positive actions to become tools to be used against innocent people.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.