Google Alerting Users to Suspected Hacks

Focus on State-Sponsored Attacks Culled from Intel, Victims
Google Alerting Users to Suspected Hacks

With an increase in state-sponsored hacking, Google says it will alert a select subset of its Gmail e-mail users when it believes their accounts may have been targeted.

See Also: Identity Security & The Quest for Zero Trust

"When we have specific intelligence - either directly from users or from our own monitoring efforts - we show clear warning signs and put in place extra roadblocks to thwart these bad actors," Eric Grosse, Google vice president of security engineering, writes in the company's security blog.

Users to be alerted are those Google says it believes may be the target of state-sponsored attacks.

A warning doesn't necessarily mean hackers hijacked an account, but that Google believes it might be a target of phishing or malware attacks. Grosse offers the following steps users can take to protect their accounts:

  • Create a unique password that has a good mix of uppercase and lowercase letters as well punctuation marks and numbers;
  • Enable two-step authentication as additional security; and
  • Update your browser, operating system, plug-ins and document editors.

"You might ask how we know this activity is state-sponsored?" Gross writes. "We can't go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis - as well as victim reports - strongly suggests the involvement of states or groups that are state-sponsored."

Here's what the warning looks like:

About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.