Google is planning to offer new, optional security controls for its cloud-based accounts starting this month that it intends to market to politicians, executives and other high-profile figures at risk from hacking and data breaches, according to a report.
The move follows a surge in politically linked hacking that accompanied last year’s US presidential elections, during which the Democratic National Committee (DNC) and John Podesta, Hillary Clinton’s campaign manager, were both targeted by attackers who publicly released stolen data.
Podesta’s Gmail account was accessed by attackers who, ironically, targeted him with a fake warning message imitating the security alerts Google sends to users it believes are at risk from security issues. According to investigators, attackers gained access to the account after Podesta clicked a shortened link contained in the message.
Google is now planning to make it more difficult for attackers to fraudulently access accounts by giving users the option of using a physical key in addition to the USB security key it currently offers, according to a report by Bloomberg, which cited two unnamed sources familiar with the plan.
Google allows users to activate various levels of security, such as the use of a one-time code sent to a mobile device and the USB Security Key device introduced in 2014.
The new offering would still require the USB Security Key but would add a second physical key that would be required for users to log into their accounts, according to the report.
Google declined to comment.
The company offers various other security protections and alerts to account holders, including messages that warn when it believes a user has been targeted by a hacking attempt backed by a nation state.
In March, after a number of journalists received such warnings, Google published a message “reassuring” users that the messages are sent “out of an abundance of caution”.
Data breaches and inadvertent leaks have become an increasingly common occurrence as the use of cloud-based communications and storage services becomes routine.
In recent months a number of high-profile organisations, including a contractor for the Republican National Committee (RNC), have been hit by breaches involving data left on unsecured Amazon S3 cloud storage repositories. The RNC-linked breach was the US’ largest-ever leak of personal data on voters, affecting 198 million citizens, or about 61 percent of the country’s population.
The incidents prompted Amazon to introduce an optional automated service called Macie that warns users when it finds unsecured cloud data.
How well do you know the cloud? Try our quiz!
US finalises $4.7bn award to Samsung Electronics, $1.6bn to Texas Instruments to boost domestic chip…
OpenAI begins safety testing of new model o3 that uses 'reasoning' process to ensure reliability…
US Commerce Department reportedly adding China's Sophgo to trade blacklist after TSMC-manufactured part found in…
Amazon staff in seven cities across US go on strike after company fails to negotiate,…
Two US senators ask president Joe Biden to delay TikTok ban by 90 days after…
Reporters Without Borders calls on Apple to remove AI notification summaries feature after it generates…