Building a secure world

The following is adapted from remarks delivered by Royal Hansen, Vice President of Engineering for Privacy, Safety and Security during his keynote United in Cyberpower: The Role of Companies in Building a Cybersecure World at Cybersec Europe 2022 in Katowice, Poland.

I believe cybersecurity is one of the top issues facing the world today and I’d like to share a bit about why it’s so important for companies, countries, and communities of all sizes to work together.

This is particularly true right here in Central and Eastern Europe where the Russian invasion of Ukraine has brought these issues into sharp focus. I’m honored to be here today and to get to meet with so many of you who are working on this day in and day out.

As governments in this region and elsewhere in the world tackle this issue we want to ensure we are doing everything we can to support those efforts. Google’s mission has always been about organizing the world's information and making it universally accessible and useful. The work we’re doing to ensure people can get access to quality information — and do so safely — has never been more important than it is today.

Securing users in Ukraine and the broader region

As the Russian invasion of Ukraine unfolded, Google mobilized to help the people of Ukraine and protect the security of our users and services – an area where we are uniquely positioned to help in this conflict.

We have our own specialized teams dedicated to identifying, tracking, and countering threats from government-backed actors.

Russia-backed hacking and influence operations are not new to us; we’ve been tracking and taking action against them for years. To put this into perspective, we’ve seen and worked to disrupt Russian operations targeting the U.S. elections in 2016 and 2017 and campaigns targeting the 2018 Olympic games. In October, we blocked a Russian campaign targeting 14,000 Google users.

And we’ve seen first hand the targeting of Ukraine by Russia. It has been ongoing for years with both espionage and occasional cyber attacks tracked by our teams. As the war intensified, we also saw Russian threat actors shift focus to targets elsewhere in Eastern Europe.

Our Threat Analysis Group (TAG), regularly publishes details on campaigns it detects, and disrupts these efforts to help governments and private sector companies better defend their systems.

We’ve seen threat actors beyond Russia shift their focus and targeting, including a growing number of threat actors using the war as a lure in phishing and malware campaigns. This includes government-backed actors from China, Iran, North Korea, Belarus and financially-motivated, criminal actors using current events as a means for targeting users.

For example, we’ve seen one cyber crime group impersonating military personnel to extort money for rescuing relatives in Ukraine.

In addition to disrupting threats, we are doing everything we can to increase protections for high risk users and organizations in Ukraine. We’ve redoubled our efforts to offer free tools to help – including protecting hundreds of high risk users on the ground with our Advanced Protection Program, and expanding eligibility of Project Shield to include the Ukraine government. Shield is currently protecting over 200 websites in Ukraine from distributed denial of service attacks.

It is in this spirit of action that we are expanding our partnerships and investment in the broader region on cybersecurity.

In fact, this week a delegation of our top security engineers and leaders are on the ground across Eastern Europe to provide hands-on training to high risk groups, deliver security keys and support local businesses as they look to improve their security posture.

To share what we know about the threat, we are engaging in technical exchanges with governments in the region.

We’re providing free tools and expertise to democratic institutions and civil society, such as the Protect Your Democracy Toolkit — which we launched today in partnership with our Jigsaw team.

We’re also investing in, and shaping, the next generation of cybersecurity professionals. For example, Google has committed to provide scholarships for 150,000 people in Europe, the Middle East and Africa through the new Google Career Certificate training.

We’re also helping governments and businesses stay ahead of the threat, including helping government agencies, companies and utilities who rely on outdated hardware and software to replace old systems with better foundations and we are here to build up businesses and governments’ confidence to embrace digital transformation securely.

Google’s approach to security

We believe we are uniquely positioned to help users, organizations, and governments in this region because of our approach to security.

First, we focus on the basics. We bake in security from the beginning instead of bolting it on as an afterthought and we design helpful products that are secure by default for our users. In fact, we are the first consumer tech company to automatically turn on 2 step verification, our version of multifactor authentication, or MFA, for our users. We recommend businesses and governments focus on these fundamentals as well.

Second, we take an open and interoperable approach to security, and we invest to ensure this model of the Internet as a whole is protected. In today’s interconnected environment, our collective security is only as strong as the weakest link. Our business cannot thrive if people don’t feel safe online. That’s why we design solutions that eliminate entire classes of threats from being effective both on our platforms, and across the Internet as a whole.

Finally, and perhaps most importantly – we are looking at the future of cybersecurity and investing in advanced, state-of-the-art capabilities. We know that cyber threats evolve quickly – as soon as a new technology is introduced or adopted, there are threat actors and cyber criminals looking for ways to exploit it. That’s why it’s not enough to just stay a few steps ahead of the threat.

We need to invest in the future of technology, from cutting-edge artificial intelligence capabilities, to advanced cryptography, to quantum computing – our teams are already working on the future of cybersecurity. And we see it as part of our mission to ensure that we open source and share these findings so that organizations and governments can stay ahead of the latest cyber threats.

Security-proofing our tech policies

Our approach enables us to weather online security threats. But advanced capabilities are not enough if government policies inadvertently undermine our ability to protect users.

I support smart tech regulation, which can fuel the vitality of the Internet and ensure technology is meeting society's needs. Unfortunately, some technology regulation is not adequately considering the impact to safety and security efforts online.

For example, some policies seek to limit sharing of data between different services on platforms’ like ours, but overly-broad bans on cross-platform data sharing also have significant implications for the threat intelligence work I mentioned earlier.

The ability to share intelligence on threat actors and their technical signatures helps identify and stop the work of threat actors and cybercriminals. It protects not just one company or two companies, but the Internet as a whole.

To realize the full benefits of technology to society, society must be able to trust that the technology they are using is safe and secure. By ensuring security has a seat at the table in these policy discussions, we can strike this balance and unlock technology’s full potential. Today’s conflict and challenges point to a need for better cooperation and giving technical experts a seat at the table in these policy discussions.

We applaud the Declaration for the Future of the Internet, which calls on governments and industry to protect a future for the Internet that is open, free, global, interoperable, reliable, and secure.

At our core, Google is an Internet company, and our fate is tied to the Internet remaining true to these principles. The internet itself is a multi-stakeholder system, and protecting users and citizens online requires cooperation among us, governments and businesses.

It’s never been more urgent, and our ability to make a difference is greater than anyone anticipated. We all must work together to protect this future, whether that means combating cyber threats, building safe technologies that unlock society’s full potential, or developing responsible technology policies.

We stand ready to partner with governments, businesses, and individual users to see this future secured.