Google is planning to offer new, optional security controls for its cloud-based accounts starting this month that it intends to market to politicians, executives and other high-profile figures at risk from hacking and data breaches, according to a report.
The move follows a surge in politically linked hacking that accompanied last year’s US presidential elections, during which the Democratic National Committee (DNC) and John Podesta, Hillary Clinton’s campaign manager, were both targeted by attackers who publicly released stolen data.
Podesta’s Gmail account was accessed by attackers who, ironically, targeted him with a fake warning message imitating the security alerts Google sends to users it believes are at risk from security issues. According to investigators, attackers gained access to the account after Podesta clicked a shortened link contained in the message.
Google is now planning to make it more difficult for attackers to fraudulently access accounts by giving users the option of using a physical key in addition to the USB security key it currently offers, according to a report by Bloomberg, which cited two unnamed sources familiar with the plan.
Google allows users to activate various levels of security, such as the use of a one-time code sent to a mobile device and the USB Security Key device introduced in 2014.
The new offering would still require the USB Security Key but would add a second physical key that would be required for users to log into their accounts, according to the report.
Google declined to comment.
The company offers various other security protections and alerts to account holders, including messages that warn when it believes a user has been targeted by a hacking attempt backed by a nation state.
In March, after a number of journalists received such warnings, Google published a message “reassuring” users that the messages are sent “out of an abundance of caution”.
Data breaches and inadvertent leaks have become an increasingly common occurrence as the use of cloud-based communications and storage services becomes routine.
In recent months a number of high-profile organisations, including a contractor for the Republican National Committee (RNC), have been hit by breaches involving data left on unsecured Amazon S3 cloud storage repositories. The RNC-linked breach was the US’ largest-ever leak of personal data on voters, affecting 198 million citizens, or about 61 percent of the country’s population.
The incidents prompted Amazon to introduce an optional automated service called Macie that warns users when it finds unsecured cloud data.
How well do you know the cloud? Try our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…