Google (and other organizations) collecting and securing such vast troves of information -- and building the technology to analyze it quickly -- obviously makes them hugely valuable to attackers and defenders alike, since the data they are storing is the very information that attackers/defenders try to keep from each other.
Encrypting it and securing it very well at a technology level means that the human element (I'd argue) becomes the easiest way to get access to it - i.e. someone with sysadmin access, DB access, or just working on a project where the APIs and/or tools available can produce valuable information. This is true even if the 'player' (with system access) has to be 'recruited' by the attacking or defending team some time after taking up the job.
Couple this with the fact that even the security agencies themselves are prone to corruption, malfeasance, human error, (no-one is perfect), and insiders, and you could easily end up with a confusing mess. Bear in mind that everyone wants their agents to operate and be able to communicate back without detection, again regardless of which team.
Compartmentalization must also come into conflict with inter-agency sharing rules -- at some level, people need to know what is going on and make decisions -- and trust must be a big issue for many of these groups - they probably spend a ton of time watching themselves and others, and watching for information leaks / canaries / spread of misinformation.
I'm certain there'll be some fascinating stories eventually from all of this - it all continues to make me believe that concentration of power and information (which I think are continuing as a trend) only end up in creating dangerous situations, and that decentralization is ultimately the preferable way to go (in that it prevents a small number of people from having too much power/influence/control, and equally protects those same people from being targets themselves).
I'm not aware of much successful recruiting. Most moles turn on their own. The game for the intel guys is like baseball: a lot of waiting and then serious hustle to make sure a fresh mole gets trained, vetted, rendered effective without getting caught.
Depressingly makes it sound like an everyday thing which is just monitored for - makes sense I suppose given how many information sinks there are nowadays.
Encrypting it and securing it very well at a technology level means that the human element (I'd argue) becomes the easiest way to get access to it - i.e. someone with sysadmin access, DB access, or just working on a project where the APIs and/or tools available can produce valuable information. This is true even if the 'player' (with system access) has to be 'recruited' by the attacking or defending team some time after taking up the job.
Couple this with the fact that even the security agencies themselves are prone to corruption, malfeasance, human error, (no-one is perfect), and insiders, and you could easily end up with a confusing mess. Bear in mind that everyone wants their agents to operate and be able to communicate back without detection, again regardless of which team.
Compartmentalization must also come into conflict with inter-agency sharing rules -- at some level, people need to know what is going on and make decisions -- and trust must be a big issue for many of these groups - they probably spend a ton of time watching themselves and others, and watching for information leaks / canaries / spread of misinformation.
I'm certain there'll be some fascinating stories eventually from all of this - it all continues to make me believe that concentration of power and information (which I think are continuing as a trend) only end up in creating dangerous situations, and that decentralization is ultimately the preferable way to go (in that it prevents a small number of people from having too much power/influence/control, and equally protects those same people from being targets themselves).