Building a secure world
Securing users in Ukraine and the broader region
As the Russian invasion of Ukraine unfolded, Google mobilized to help the people of Ukraine and protect the security of our users and services – an area where we are uniquely positioned to help in this conflict.
We have our own specialized teams dedicated to identifying, tracking, and countering threats from government-backed actors.
Russia-backed hacking and influence operations are not new to us; we’ve been tracking and taking action against them for years. To put this into perspective, we’ve seen and worked to disrupt Russian operations targeting the U.S. elections in 2016 and 2017 and campaigns targeting the 2018 Olympic games. In October, we blocked a Russian campaign targeting 14,000 Google users.
And we’ve seen first hand the targeting of Ukraine by Russia. It has been ongoing for years with both espionage and occasional cyber attacks tracked by our teams. As the war intensified, we also saw Russian threat actors shift focus to targets elsewhere in Eastern Europe.
Our Threat Analysis Group (TAG), regularly publishes details on campaigns it detects, and disrupts these efforts to help governments and private sector companies better defend their systems.
We’ve seen threat actors beyond Russia shift their focus and targeting, including a growing number of threat actors using the war as a lure in phishing and malware campaigns. This includes government-backed actors from China, Iran, North Korea, Belarus and financially-motivated, criminal actors using current events as a means for targeting users.
For example, we’ve seen one cyber crime group impersonating military personnel to extort money for rescuing relatives in Ukraine.
In addition to disrupting threats, we are doing everything we can to increase protections for high risk users and organizations in Ukraine. We’ve redoubled our efforts to offer free tools to help – including protecting hundreds of high risk users on the ground with our Advanced Protection Program, and expanding eligibility of Project Shield to include the Ukraine government. Shield is currently protecting over 200 websites in Ukraine from distributed denial of service attacks.
It is in this spirit of action that we are expanding our partnerships and investment in the broader region on cybersecurity.
In fact, this week a delegation of our top security engineers and leaders are on the ground across Eastern Europe to provide hands-on training to high risk groups, deliver security keys and support local businesses as they look to improve their security posture.
To share what we know about the threat, we are engaging in technical exchanges with governments in the region.
We’re providing free tools and expertise to democratic institutions and civil society, such as the Protect Your Democracy Toolkit — which we launched today in partnership with our Jigsaw team.
We’re also investing in, and shaping, the next generation of cybersecurity professionals. For example, Google has committed to provide scholarships for 150,000 people in Europe, the Middle East and Africa through the new Google Career Certificate training.
We’re also helping governments and businesses stay ahead of the threat, including helping government agencies, companies and utilities who rely on outdated hardware and software to replace old systems with better foundations and we are here to build up businesses and governments’ confidence to embrace digital transformation securely.