Google is currently facing a multifaceted cybersecurity challenge, encompassing a resurgence of Gmail phishing attacks, the emergence of new malware attributed to Russian hackers, significant financial repercussions from a data privacy settlement with Texas, and the company’s massive ongoing investment in cloud security and AI infrastructure.
Google has confirmed yet another wave of attacks targeting Gmail users, demonstrating the persistent threat of social engineering. Attackers are exploiting platform vulnerabilities to take over user email accounts, often sending emails that appear to originate from legitimate Google services. These emails typically urge users to click on a link to take action, which can result in the user being locked out of their account.
While Google has been proactive in patching the security holes exploited in these attacks, the cat-and-mouse game with hackers continues. As soon as one vulnerability is addressed, attackers find new ways to infiltrate the system.
Google’s advice to users is clear and straightforward: Google will never contact you to request that you reset your password or troubleshoot account issues. Users should be highly suspicious of any unsolicited messages, whether via email or phone call, claiming to be from Google’s technical support. These messages are likely attacks aimed at compromising accounts, finances, and data across various platforms. This warning extends beyond Google to other major tech companies like Microsoft, Apple, and Meta, as well as to law enforcement agencies like the FBI, which have also been impersonated in scams.
Google’s Threat Intelligence Group has identified new malware called “LOSTKEYS,” which is tied to the Russia-based hacking group Cold River. This malware can steal files and send system information to attackers, marking a new development in Cold River’s toolkit.
Cold River, previously linked to Russia’s Federal Security Service, is known for stealing login credentials from high-profile targets, including those within NATO governments, non-governmental organizations, and former intelligence and diplomatic officers. The group’s primary goal is intelligence collection in support of Russian strategic interests.
Recent targets observed in January, March, and April 2025 include current and former advisors to Western governments and militaries, journalists, think tanks, NGOs, and individuals connected to Ukraine. Past campaigns attributed to Cold River include targeting nuclear research laboratories in the U.S. and publishing private emails of prominent individuals.
Google has agreed to pay the state of Texas $1.375 billion to settle two lawsuits accusing the company of tracking users’ personal location and maintaining their facial recognition data without consent. This settlement is notable for its size, dwarfing previous fines paid by Google in similar lawsuits.
The lawsuits, originally filed in 2022, alleged that Google unlawfully tracked and collected user data related to geolocation, incognito searches, and biometric data. Specifically, Google was accused of tracking users’ whereabouts even when the Location History setting was disabled and collecting biometric data without informed consent.
Texas Attorney General Ken Paxton emphasized the importance of the settlement in protecting Texans’ privacy, stating that it sends a message to companies that they will be held accountable for abusing user trust.
While Google did not admit to any wrongdoing, the company stated that the settlement addresses “old claims” and that it has since updated its product policies. This development occurs amidst increasing regulatory scrutiny of Google and other tech giants on both sides of the Atlantic, with growing calls to address both privacy violations and antitrust concerns.
Despite the challenges related to cybersecurity threats and privacy concerns, Google continues to invest heavily in its cloud computing division and AI development. In the first quarter of 2025, Google’s cloud profits more than doubled year-over-year, driven by increased demand for cloud compute services. The company’s capital expenditures reached $17.2 billion, primarily allocated to servers and data centers to support consumer and enterprise products, cloud services, and AI research.
Google plans to increase capital expenditures by more than 40% to approximately $75 billion this year, compared to $52.5 billion in 2024. This significant investment underscores the company’s focus on expanding its cloud infrastructure to meet customer demand, particularly in the rapidly growing field of AI.
AI is a major driver behind the massive capital investments by Google, AWS, and Microsoft. The technology is shaping the infrastructure used to train and deploy large language models, fueling a new wave of data center spending. Google recently announced a $3 billion commitment to build out facilities in Virginia and Indiana, along with a $75 million AI training fund and an AI fundamentals training course.
Furthermore, Google is enhancing its cloud protection portfolio: it acquired Wiz for $32 billion. The acquisition aims to provide organizations with more comprehensive and efficient security across all major clouds, addressing the growing security concerns associated with autonomous AI tools and the increasing reliance on generative AI.
The cybersecurity landscape remains dynamic and challenging, particularly for the financial sector. Organizations must stay vigilant against evolving threats, including phishing attacks, state-sponsored hacking, and data privacy violations. Google’s recent experiences highlight the ongoing need for robust security measures, user education, and proactive responses to emerging threats. As technology advances, especially in areas like cloud computing and AI, continued investment in security and privacy protection is essential to maintain trust and ensure the stability of the financial ecosystem.