Google is reportedly preparing to take a more proactive role in defending itself—and potentially other American organizations, U.S. infrastructure, etc.—from hackers.
CyberScoop reported that Google Threat Intelligence Group vice president Sandra Joyce recently revealed that the company is planning to form a "disruption unit" in the coming months. “What we’re doing in the Google Threat Intelligence Group is intelligence-led proactive identification of opportunities where we can actually take down some type of campaign or operation,” Joyce said. "We have to get from a reactive position to a proactive one … if we’re going to make a difference right now.”
Joyce's revelation arrived at an event hosted by the Center for Cybersecurity Policy and Law, which published a report titled "To Hack Back, or Not Hack Back? That is the Question … or is it?" in May. Unfortunately the report doesn't offer many answers of its own—it merely asks if the U.S. government should allow the private sector to engage in offensive cyber operations, if non-cyber retaliation would better deter the country's adversaries, and if the focus should instead be on improving cyber defenses.
It's clear in what direction the U.S. government is leaning: the "One Big Beautiful Bill Act" passed in July earmarked $1 billion for offensive cyber operations even as the Trump administration enacted policies that undermined defensive efforts overseen by the likes of the U.S. Cyber and Infrastructure Security Agency. That wouldn't necessarily allow companies like Google to contribute to offensive cyber operations, but it does show that such activity is a priority for this administration, at least.
The "One Big Beautiful Bill Act" was followed by the Aug. 15 proposal of the "Scam Farms Marque and Reprisal Authorization Act of 2025," which, if passed, would "authorize the President of the United States to issue letters of marque and reprisal with respect to acts of aggression against the United States a member of a criminal enterprise or any conspirator associated with an enterprise involved in cybercrimes." (The full text of the bill is available on the official Congress.gov website.)
Modern technology is no stranger to nautical metaphors — illegally procuring digital media is broadly known as "piracy," after all, and we still refer to products as being "flagship." But the Scam Farms Marque and Reprisal Authorization Act would rely on a practice that is quite literally from the "Age of Sail," as Wikipedia puts it, in an effort to discourage international cybercriminals from targeting American organizations. The only thing missing is a provision allowing the use of muskets and cutlasses.
That doesn't necessarily mean that being more proactive in cyber defense (whether or not that includes participation from the private sector) would be ill-advised. The current approach clearly isn't working; cybercriminals regularly target U.S. organizations with ransomware, steal their intellectual property, and in some cases siphon off money used to fund weapons programs. Other nations, meanwhile, frequently target various aspects of America's critical infrastructure.
It seems the U.S. government is ready to change its approach to deterring those attacks, and now it's clear that companies like Google are prepared to support that shift, too. Good idea? Bad idea? We'll see. But either way this is a massive change from the status quo, and if I were the one behind the hopefully metaphorical Guy Fawkes mask, I wouldn't be keen to find out what it looks like when the U.S. government and the companies it's been telling not to "hack back" finally decide to let loose.
Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
