Google to Alert Users of 'State-Sponsored Attacks' on Gmail
Google has begun warning users if their accounts may be compromised by state-sponsored cyber attacks, in order to help customers protect personal data, Agence France-Presse (AFP) reported.
“We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized,” Google’s Vice President of Security Engineering Eric Grosse said in a blog post on Tuesday.
“When we have specific intelligence — either directly from users or from our own monitoring efforts — we show clear warning signs and put in place extra roadblocks to thwart these bad actors.”
Grosse said the new step includes a specific warning, with a pink message bar and blue letters, to be issued in cases where users might be targeted.
“You might ask how we know this activity is state-sponsored,” he said. “We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis — as well as victim reports — strongly suggest the involvement of states or groups that are state-sponsored.”
The warnings do not necessarily mean that the account has been hijacked, but indicates that it may be a target of malware.
The move comes amid growing concerns about malware from the so-called Flame virus and other indications of cyber warfare.
Google said users who receive the warning should create “a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers” and take other measures, including two-step verification, as additional security.
“Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google,” Grosse said.
“We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information,” he added. “And we will continue to update these notifications based on the latest information.”