"ZERO DAY" GOOGLE VULNERABILITY & THE GLOBAL COMPLACENCY

Written by: Lennard Gettz & Jordan Pimental

4/16/2023- I woke up this morning with headlines warning "3 Billion Chrome users that Google Chrome is compromised with the ZERO DAY hack". Top-liners in my newsfeeds about "losing my bank account" certainly caught my attention!   Oh Joy- another horrible thing from our modern world. This is our unfortunate reality as part of our "new normal"-- including a global pandemic, threat of nuclear Armageddon, domestic mass shootings and getting your life exposed in the dark web by hackers- all can happen at any given moment.

System security advisors like Adam Karp of KL Tech identifies a global rise in data breaches and victim rates.  He attributes the public complacency and decline in security proactivity in the private sector in part "to the disaster fatigue from our mainstream news... After a while, people just tune off to the news and hope THEY are not to be a statistic". 

"EVERYONE ELSE BUT ME"
The Covid-19 pandemic was a hot time to get attacked! Reports showed a spike of over 30% in attacks to businesses and personal systems [7]. Admittedly, until a few years ago, I was part of this global elite (which translates to complacent and lazy) who counted on the sheer luck and hopes of having enough internet security, ignoring headlines of current cyber threats to many off my own Apps. I never updated my malwarebytes, ignored popups about updating browsers and haphazardly opened unknown eamils.  My last virus attack was back in 2015-- leading me to think "so why should I get one now?"  But after 6 of my friends and clients have actually been victimized by cybercrimes during the pandemic, I witnessed firsthand the true terror and destruction that this inflicts on one's actual LIFE.  This made it all REAL for me! The last thing I would ever do again is ignore such warnings - especially from Google themselves.

Google’s Threat Analysis Group (TAG) tracks actors involved in information operations (IO), government backed attacks and financially motivated abuse. For years, TAG has been tracking the activities of commercial spyware vendors to protect users. [1]

Today's headlines about GOOGLE CHROME being compromised made me stop in my tracks to step up and "FIX" my browsers myself. Where most business owners will push this off to their I.T. people, my tech consultants offer me sage advice to be more HANDS-ON with the essentials - simple stuff like BLOCKING unknown emails and UPDATING your browsers.

GOOD NEWS
The public confidence for Google products remains high because of their due diligence and major investment in maintaining their security. As such, an emergency update fix has already been created (otherwise known as a PATCH) and can be installed by updating your Chrome browser. [2]

Before logging into any of your favorite apps or websites, you can find over 9M search results worth of headlines reporting on this hack. [GOOGLE SEARCH LINK: "GOOGLE CHROME>ZERO DAY HACK>2023"] By clicking on ANY of the headlines about this ZERO DAY HACK, many of the articles also include instructions on how to protect yourself, simply by UPDATING YOUR BROWSER.

How do you update Google Chrome browser?

Get a Chrome update when available

¡ On your desktop, touch the 3 dots on the top right of the browser

¡ Select HELP > About Google Chrome

¡ The center screen should automatically UPDATE Chrome to the most current setting

¡ To make sure, type "UPDATE' in the search box

We all look at the mighty Google to be a tech giant, investing millions upon millions in resources and security  to keep their users safe and happy. But guess what? Dozens of tech news has reported Google's security to be at constant attack. One of the first and most highly publicized Breach of Google started back in 2010 which sent alarms throughout the global community about the company's tracking surveillance requests from law enforcement[3]. Internet news recently highlights the TIMELINE of Google's Data Breach History, showing the tech giant to be a favorite target for data breaching with malicious cybercriminals. [4][5] 

CYBER-SAFETY CHECKLIST  First rule in security (home, bank, business or national)- NEVER LET YOUR GUARD DOWN. Attacks can come from anywhere at any time. No security protocol is fail-safe!  According to the Professional Alliance of Medical Data Protection, here are 15 suggested ways to protect your practice and your network from potential attacks. These are common, sensible and proven safety protocols to protect your network or system from being infiltrated by "the bad guys".  Click this thumbnail to enlarge and download.

REFS:

1) THREAT ANALYSIS GROUP | "Spyware vendors use 0-days and n-days against popular platforms" by Clement Lecigne/ 3/29/23- https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/

2) Google Chrome emergency update fixes first zero-day of 2023- By Sergiu Gatlan  (4/14/2023) | Bleeping Computer | https://www.bleepingcomputer.com/news/security/google-chrome-emergency-update-fixes-first-zero-day-of-2023/

3) Hackers Who Breached Google in 2010 Accessed Company's Surveillance Database - by Kim Zetter: https://www.wired.com/2013/05/google-surveillance-database/

4) GOOGLE DATA BREACHES HISTORY & FULL TIMELINE UP TO 2023- by T. McGovern. EarthWeb: https://earthweb.com/google-data-breaches/ https://earthweb.com/google-data-breaches/

5) Firewall Times - "Google Data Breaches: Full Timeline Through 2023" | By Michael X. Heiligenstein - https://firewalltimes.com/google-data-breach-timeline/

6) https://www.statista.com/statistics/1258261/covid-19-increase-in-cyber-attacks/

7) "Impact of COVID-19 on Cybersecurity" -  https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html