Google To Warn Users About State-Sponsored Attacks

From Tuesday, users of Google services who are believed to be the target of state-sponsored cyber-attacks will be receiving notifications about possible threats and suggestions on how to improve security.

Google will issue these alerts based on “specific intelligence” coming from its laboratories and user reports.

Cold cyber-war

In the last few years, the idea that nation states will use malware to wage wars has crossed from the realm of Sci-Fi and into reality. The UK, US and Japan are building their own cyber-weapon stockpiles, while Eugene Kaspersky has warned that world governments need a cyber-weapons convention like those for chemical and nuclear arms.

China has been both accused of, and a alleged victim of a number of high profile hacker attacks, while a recent book claimed Stuxnet was a joint project between US and Israel. Nation states were also blamed for the creation of Flame, described as “the most sophisticated cyber weapon yet unleashed”.

Google has decided to take steps to inform users when a suspected state-sponsored cyber-attack is taking place. When the “intelligence” suggests foul play, the following message will appear at the top of the page: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now.” It will be accompanied by a link, leading to a list of measures users can take to secure their account.

Seeing this warning does not necessarily mean that the user’s account has been compromised by Chinese hackers, but it suggests a phishing or malware attack might be in progress, and to remain safe, it wouldn’t hurt to take additional precautions.

If a user sees the notification, Google also recommends creating a new, more secure password, enabling two-step verification and making sure their browser, operating system, plugins and document editors are all up to date.

The tech giant also warned about websites masquerading as Google sign-in pages in order to steal login details, noting that any legitimate page would include https://accounts.google.com/ in the address bar.

“You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis – as well as victim reports – strongly suggest the involvement of states or groups that are state-sponsored,” said Eric Grosse, vice president of security engineering at Google.

Do you know Google’s secrets? To find out, take our quiz!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago