The Rest Is Classified - EXCLUSIVE: Google's President of Global Affairs on AI, Cyber Attacks and Silicon Valley
Episode Date: October 9, 2025*Declassified Club exclusive: SUBSCRIBE to listen to the full interview* This week Gordon and David are joined by Kent Walker, Google's President of Global Affairs, to discuss the Aurora cyber ...attacks, his thoughts on the future of Artificial Intelligence, and what it was like to grow up in Silicon Valley before it became the world's technology hub. ------------------- Join The Declassified Club: Start your free trial at therestisclassified.com - go deeper into the world of espionage with exclusive Q&As, interviews with top intelligence insiders, quarterly livestreams, ad-free listening, early access to episodes and live show tickets, and weekly deep dives into original spy stories. Members also get curated reading lists, special book discounts, prize draws, and access to our private chat community. To sign up to the free newsletter, go to: https://mailchi.mp/goalhanger.com/tric-free-newsletter-sign-up ------------------- Order a signed edition of Gordon's latest book, The Spy in the Archive, via this link. Order a signed edition of David's latest book, The Seventh Floor, via this link. ------------------- Email: classified@goalhanger.com Twitter: @triclassified Video Editor: Nathan Copelin Social Producer: Emma Jackson Producer: Becki Hills Senior Producer: Dom Johnson Exec Producer: Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
For exclusive interviews, bonus episodes, ad-free listening, early access to series,
first look at live show tickets, a weekly newsletter, and discounted books,
join the Declassified Club at the Rest is Classified.com.
Okay, welcome everybody, welcome club members to this bonus episode.
know David here this time. It's far too busy promoting his new book in America, the Persian.
Not sure if he's mentioned, he's had a book coming out, but there we go. Actually, that's not
the real reason. He's not here. We're doing something a bit different anyway this episode. Hopefully
you've heard the two-part series we've just done this week on the events around Aurora,
the cyber hack of Google, linked to China back in 2009, 2010. Well, I'm actually currently in
Google's London headquarters. I've walked past a Dalek on my way in from the Doctor Who series,
which is very impressive, as well as some other kind of features which tell you you're in a tech
company. I think I'm in a room called Beech Root as well, which is a kind of interesting name.
But most importantly, with me is Kent Walker, who's president of global affairs at Alphabet,
which is now, of course, the parent company of Google. Welcome, Kent.
Delight to be with you.
And thanks for taking the time to talk to us about the kind of not just what happened in the past,
but the world we're in today, some of the security issues, including around AI and things like that,
and how they look from a big tech company. Now, Kent, you start?
he didn't Google back in 2006.
That's right.
So you were there when Aurora happened.
What did you remember of it?
Was it a big deal at the time?
It was indeed.
We went on 24-7 round-the-clock focus on this.
It was a building that was really just concentrated
on identifying exactly what was happening
and getting on top of it.
And then ultimately, warning other companies
that had also been affected.
Senior managers there, Sergey Brin,
others were very focused on understanding this in a deep way.
And it also then set the framework
for a lot of our cybersecurity work for the decade to come.
We really pivoted in a pretty dramatic way,
recognizing that the Internet has incredible possibilities,
but also vulnerabilities, and you need to be on the lookout.
Because at that time, I guess it sounds as if Google had experienced,
obviously, you know, hackers trying to get into the company
and things like that before, but nothing quite of that scale of sophistication.
That's right.
I mean, as a large website, we take pride in the fact that today
we keep more people safe than any other company in the world.
That's in part because our experience of being hacked as much as any company in the world,
or at least people have attempted to hack our services.
They attack us.
We have derived from Aurora and from other learnings a whole shift in the way we go at cyber defense.
It's no longer back in the day the notion was we were crunchy on the outside, chewy in the middle.
Once you got over the high outside wall, there was a lot of access internally
because engineers wanted to have access to lots of different code repositories and the like.
we've learned that even in an open environment like the internet, you can still have defense in depth,
you can have what's called zero trust approaches to security, where you have to validate who you are
at every step of the process. Now, the key, of course, is to do that easily with a touch of a button
or a fingertip, so it's not burdensome for people working through the system. But as a result of that,
we think we offer remarkable levels of security across the cloud, across the internet,
while maintaining this openness.
And just back on Aurora, the decision to go public,
was that a kind of difficult decision?
Because at that time, very few companies went public
about being hacked.
And actually, Google was saying,
we've been hacked and we're going to point the finger.
So I had been a federal prosecutor in the United States
specializing in technology crime.
And one of the challenges we had
was getting companies to go public.
From their perspective,
they didn't want to publicize their vulnerabilities.
They didn't want to let the outside world know
that they had an incident.
So it was a little bit like pulling teeth.
We wanted to remind people that security is a team sport,
that were all only as secure as the least secure vendor
or the person in your ecosystem.
So when we discovered there had been scores of other companies
that had also been infiltrated...
As part of the same campaign.
Part of the same campaign.
Government actors, commercial actors, et cetera,
we felt a little of an obligation
to notify them, to work with their security teams,
and to publicly disclose that we have been act.
And it did lead to Google effectively pulling out of China at that time.
There were challenges around that because we had, for years, been engaged with China
and had made the decision ultimately as a result of this
to move our consumer-oriented products outside of the Chinese firewall.
Because some of the issues of censorship were just too difficult.
It was a constellation of issues around cybersecurity, censorship, et cetera.
But we continue to operate our advertising business in China
and think we operate now a very secure system outside of China
serving the rest of the world. So you said you started as a prosecutor.
Early days of cybersecurity, I guess. Was it even called cybersecurity? I grew up in the
Silicon Valley. I was working the San Francisco Federal Prosecutor's Office.
I and a fellow down in the San Jose office co-founded what was called the high-tech crime
task force, even the sound. Yeah, high-tech crime. It comes across, you know, 1980s,
vintage. We were at that time looking at things like the hacking of software, which was back on
discs or in the counterfeiting of some of these materials. But we also had cases like Kevin
Mittnick, who was very famous hacker. He was well known for a number of different exploits.
This was slightly after the days of phone freaking, where people were using codes and whistles
to be able to make phone calls anywhere in the world. And they had graduated to doing things
like being able to access government databases, the California's Department of Motor Vehicles,
to find out information about people, or being the hundred and third caller to,
a radio call-in show where the 103 caller won a prize by diverting the first 102 calls.
Nice. That's quite clever.
It was quite clever.
This is the world of kind of war games, I'm imagining.
This is kind of 80s, 90s, kind of bedroom hackers playing games.
Yes. Although there were some serious and real criminal attributes here because there was
a theft of intellectual property. There was unauthorized access to online communities
and like. America back in the day had a show called America's Most Wanted profiles of criminals.
who had done a variety of different things.
At the end of the show,
they would run a toll-free call-in line for three hours.
When they did an episode about Kevin Mittnick,
for the first and only time in the history of the show,
the toll-free line went dead for three hours.
He took down the...
Well, you assume so?
Yeah, it's a good guess.
You never know.