How Does Google Protect Itself from Cyberattacks?

How Does Google Protect Itself from Cyberattacks

Google has chosen Siemplify to safeguard its cybersecurity. But is Siemplify competent enough?

On January 11, 2022, Google announced that its cloud division had bought Israeli cybersecurity startup Siemplify. While financial details of the agreement were not disclosed to the public, a source said Google paid a total of US$500 million for Siemplify.

Founded in 2015 in Tel Aviv, Siemplify’s mission is to re-envision security operations. It has developed a Security, Orchestration, Automation Response (SOAR) platform with multiple software capabilities—threat and vulnerability management, security incident response and security operations automation. SOAR allows companies to collect threat-related data from various sources, with which they can then automate and prioritize responses to the threats.

Why did Google choose Siemplify?

Some companies still manually detect threats. However, this archaic method is prone to errors, wastes time and resources and slows down response times due to the lack of standardized response capabilities. By using SOAR technology offered by security vendors, such as Siemplify, companies can minimize the impact of all types of security threats, centralize asset monitoring and consolidate the technology and experience of cybersecurity experts.

Before Google Cloud’s acquisition, Siemplify’s SOAR platform was behind security teams of companies, such as FedEx and Societe Generale. Siemplify is responsible for improving the efficiency of the companies’ Security Operations Centers (SOC) and delivering improved case management, investigation, integrated threat intelligence and crisis management.

Google’s partnership with Siemplify signals its commitment to advancing invisible security and countering cyberattacks that are “rapidly growing in both frequency and sophistication”. 

Some believe this collaboration will “further realize Google Cloud’s vision of a modern threat management stack” and enable “better detection and response at the speed and scale of modern environments”.

The chaotic outbreak

Indeed, Google and Google Cloud have been susceptible to many substantial security threats, including data breaches, credential and access management issues and identity protection.

In September 2021, Google Chrome was found to have a bug exploited by hackers before Google could find and fix it. It was marked as a “zero-day vulnerability”, meaning that hackers had a head start over the security analysis and had already exploited it on a large scale. Google mentioned that the loophole was a “Use-After-Free” vulnerability, typically arising from the incorrect use of dynamic memory during program operation. Google Chrome users can only protect themselves by downloading their browser updates and reinstalling Chrome to apply the security fix.

In November 2021, hackers exploited loopholes in the Google Cloud Platform to download cryptocurrency mining software, install ransomware, send spam, stage phishing campaigns and generate traffic to YouTube videos to manipulate the view count.

In one instance, Russian government-backed hackers sent an email blast to over 14,000 Gmail account users from the United States, the United Kingdom, India, Canada and the European Union nations, explicitly targeting journalists, think tanks and non-governmental organizations (NGO) employees. In another instance, a North Korean hacker group breached loopholes in computers running Google’s Chrome internet browser. They posed as computer security bloggers, using fake accounts on social media to interact and steal information from security researchers worldwide. Several of the targeted researchers were affected by the virus after following a link to a blog set up by the hackers. And all these incidents occurred in just a single year. 

Learning the lesson

The digital world grows every day as additional users gain access to it. Big companies, like Google, must take responsibility as the industry’s leaders and protect their users. Hopefully, the joint collaboration between Siemplify and Google Cloud can reduce security risks and better safeguard their customers’ and operations systems’ safety and privacy. 

As we move towards the age of Web 3.0, people must become more informed and educated about cybersecurity. While Web 3.0 provides greater control of your digital identity, it comes with greater responsibilities. People must be more cognizant of their safety in the digital world or pay an even heavier toll when the age of Web 3.0 begins.

Also read:

Header image courtesy of Unsplash


Share on facebook
Share on twitter
Share on linkedin
Share on email


Is Using AI for Academic Writing Cheating?

Is Using AI for Academic Writing Cheating?

From films written and directed by ChatGPT to Kindle authors writing books with artificial intelligence (AI), we are seeing more and more reportage on AI writing tools these days. While writing with an AI may seem harmless and possibly helps improve work efficiency, the use of these tools in the sphere of academic writing has generated serious concern. Teachers are worried that the use of AI writing tools is equivalent to plagiarism or cheating.

7 Creative Ways to Reward Employees without a Salary Raise

7 Creative Ways to Reward Employees without a Salary Raise

Giving your employees a raise is a significant way to show your employees that you value their work and compensate them appropriately for their contributions. Failing to acknowledge the work of your employees can be ‌costly for startups. A OnePoll survey of 2,000 workers found that almost half of ‌American workers (46%) have quit a job due to feeling unrecognized

The Pros and Cons of Human Cloning

The Pros and Cons of Human Cloning

Clones, human or otherwise, are genetically identical copies of a living organism produced artificially in a laboratory. Over the years, many animals have been cloned. Starting from the cloning of a tadpole in 1952 to the cloning of a sheep named Dolly from adult mammal cells in 1996, cloning has come a long way.

Reform of Hong Kong's Offshore Tax System

Reform of Hong Kong’s Offshore Tax System

Further to the introduction of the proposed Hong Kong’s new Foreign-Source Income Exemption (FSIE) regime as discussed in our article A Challenge to Hong Kong’s Long-Established Offshore Tax System in October 2022, the relevant legislation has been enacted and became effective on January 1, 2023.

Mark Cuban’s Tips on How to Get Rich

Mark Cuban’s Tips on How to Get Rich

A popular adage suggests, money makes the world go round. People are always looking to do better financially so that their lives can be more secure. To make that happen, some seek out the advice of millionaires—the ones who have been there, done that.

What India's EdTech Industry Must Prioritize in 2023?

What India’s EdTech Industry Must Prioritize in 2023?

2022 was a tough year for the majority of education technology (EdTech) in India, with the “Tracxn Geo Annual Report: India Tech 2022” reporting a 39 per cent decrease in funding during the January-November period compared to 2021. To overcome this, many businesses, including industry-leading players like BYJU’S, Unacademy and Vedantu, had to resort to job cuts.