Google Disrupts Chinese-Linked Hacker Group That Breached Dozens of Global Organizations

Google Disrupts Hacker Group Operations

According to Главком: Google has announced the disruption of a China-linked hacker group that compromised dozens of organizations worldwide by exploiting Google services for espionage. Known as UNC2814 and Gallium, this group operated for nearly a decade, infiltrating government bodies and telecommunications companies across multiple nations.

According to Google's Threat Intelligence Group, the hackers had confirmed access to 53 organizations in 42 countries. Potential intrusion attempts may have occurred in at least 22 additional states. The group's tactics included using Google Sheets to disguise its network traffic as ordinary activity, complicating detection efforts.

Google took action by terminating the Google Cloud projects the hackers controlled, identifying and disabling their internet infrastructure, and blocking associated accounts. This incident highlights the ongoing challenge tech giants face in securing their platforms against sophisticated state-aligned actors.

Cyber Threats and International Cooperation

In one attack, the group installed a backdoor called GRIDTIDE on a system containing personal data. This system held full names, phone numbers, dates of birth, and identification numbers.

Chinese embassy spokesperson Liu Pengyu commented on the situation, stating that 'cybersecurity is a common challenge for all countries and should be addressed through dialogue and cooperation.'

Furthermore, German Chancellor Friedrich Merz held talks in Beijing with Chinese President Xi Jinping and Premier Li Qiang, underscoring the importance of international collaboration on cybersecurity matters.

This case illustrates the escalating global threat of cybercrime, particularly from organized, state-affiliated groups. Google's response demonstrates the active role technology companies are taking in combating cyber threats, while also highlighting the necessity for international cooperation to ensure digital security. The statements from Chinese and German officials point to the critical need for diplomatic dialogue to address shared cybersecurity challenges.