Google: Cybercrime now a national security threat, enabling state-backed attacks

Google’s report highlights the growing intersection between cybercrime and state-backed cyber operations, noting that cybercriminal networks provide tools, services, and recruitment opportunities for government-linked actors, necessitating distinct but coordinated responses.
Google’s AI Mode now lets users upload photos alongside text queries, offering deeper and more detailed search responses instead of basic reverse image results.

A new report from Google states that cybercrime continues to expand, intersecting with state-backed cyber operations. Released ahead of the Munich Security Conference, research from Google’s Threat Intelligence Group and Mandiant outlines findings from their investigations in 2024 and trends observed over the past four years.

In 2024, Mandiant consultants responded to nearly four times as many incidents involving financially motivated actors compared to state-backed intrusions. However, the report notes that state-affiliated groups are increasingly leveraging cybercriminal tools and services, and at the same time ‘cybercrime receives much less attention from national security practitioners than the threat from state-backed groups‘.

According to Google, financially motivated and state-backed cyber activities are becoming more interconnected. Cybercriminal ecosystems facilitate the acquisition of malware, vulnerabilities, and operational support, offering lower-cost alternatives to state-developed capabilities.

The report emphasises that while cybercrime and state-backed cyber operations increasingly overlap, responses to these threats require distinct strategies. Cybercrime often involves networks operating across jurisdictions, necessitating international collaboration to address its impact effectively.

For more information on these topics, visit diplomacy.edu.