Google Lets You Know When You’re Being Targeted By State-Sponsored Attacks
Google announced that will start showing new warnings when it believes users’ accounts may be the target of state-sponsored attacks.
Google says it will show the warnings when it has specific intelligence, though the company won’t share what that intelligence is. The company announced this in a blog post today.
“You might ask how we know this activity is state-sponsored,” writes Google VP Security Engineering, Eric Grosse. “We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.”
“We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information,” adds Grosse. “And we will continue to update these notifications based on the latest information.”
Here’s what the warnings look like:
As you may recall, Google experienced some hacking incidents a couple of years ago, related to China, before Google ultimately pulled its search engine out of the country. Google also switched to default Https encryption for Gmail following the attacks. It later implemented this as default for signed in users on search as well.
Forbes writer Andy Greenberg writes today:
The company has been especially aware of the ongoing epidemic of state-sponsored espionage since it experienced its own major hacking incident in January of 2010, which was implied at the time to have been carried out by the Chinese government, a notion further confirmed by WikiLeaks’ leaked State Department cables. In March of that year, Google began showing users warnings when it detected suspicious behavior on their accounts. A Google spokesperson tells me those warnings will continue, and that the new “state-sponsored” attack warnings will be added as a separate alert.
Google notes that just because you see the new warning, doesn’t mean that your account has been hijacked. It just means it believes you are a target. If you see the warning, Google says you should: “create a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors.”
Google also says the warnings are not shown because its own systems have been compromised or because of a particular attack.