Google said it had thwarted an operation by a hacker group that it said is linked to China and that had compromised at least 53 organizations in 42 countries. The group is tracked in the security industry as UNC2814, also known as "Gallium", and has been targeting government agencies and telecom operators in various countries for the past ten years.

John Hultquist, chief analyst of Google's threat intelligence team, said that this is a large-scale surveillance system used to conduct espionage against individuals and organizations around the world. Google said it worked with unnamed partners to terminate the Google Cloud projects controlled by the group, identify and shut down the Internet infrastructure it used, and disable the accounts the hackers used to access services such as Google Drive Sheets. Google emphasized that the attackers used Google Sheets to disguise their activity as normal network traffic and avoid security monitoring, and that the incident does not mean the Google products themselves were compromised.

Charlie Snyder, senior manager of Google's threat intelligence team, said it has been confirmed that the group successfully accessed 53 entities in 42 countries, and that targets in at least 22 countries may be at potential risk. For security and confidentiality reasons, Google did not disclose the names of the organizations that were attacked. In one case, the hackers implanted a backdoor that Google calls "GRIDTIDE" into a system holding a large amount of sensitive personal information about citizens, including names, phone numbers, dates and places of birth, and voter ID and national ID numbers. Google pointed out that this type of attack is highly consistent with the goal of identifying and tracking specific targets. Similar operations have been used in the past to steal call records, monitor the content of text messages, and even conduct more detailed monitoring of specific individuals through the lawful interception capabilities of telecom operators.

In response to the accusations, Liu Pengyu, spokesperson for the Chinese Embassy in the United States, said in a statement that cyber security is a common challenge faced by all countries and should be addressed through dialogue and cooperation. The statement said that China has always opposed and cracked down on hacking activities in accordance with the law, and at the same time firmly opposes the use of cyber security issues to smear or slander China.

Google also pointed out that this operation is distinct from another high-profile China-related hacking campaign that also targeted the telecommunications industry. That campaign, known in the security community as "Salt Typhoon", has been linked to China by the U.S. government and has targeted hundreds of U.S. agencies and several prominent figures in U.S. politics.