In a significant cybersecurity action, Google has disrupted a hacking group known as UNC2814 or “Gallium,” which infiltrated organizations across 42 countries. This group has been linked to Chinese entities and has reportedly targeted government and telecom sectors for nearly a decade, according to findings shared with Reuters.
Google and its partners successfully shut down various Google Cloud projects that the hackers controlled, dismantled their internet infrastructure, and deactivated accounts that were utilized for accessing Google Sheets. These measures were critical as the hackers used Google Sheets to evade detection by blending into ordinary network traffic.
At the time of the disruption, the hackers had access to 53 unnamed entities and potential access to at least 22 additional targets. Google’s Threat Intelligence Group emphasized the scale of the operation, describing it as a substantial surveillance system aimed at spying on global entities.
In response, a spokesperson from the Chinese Embassy, Liu Pengyu, remarked on the importance of international dialogue to address cybersecurity challenges, asserting China’s commitment to combatting hacking activities legally while rejecting any attempts to tarnish its image regarding cyber issues.