Connect with us

Hi, what are you looking for?


Incident Response

Google Offers G Suite Alerts for State-Sponsored Attacks

Google this week announced that it can now alert G Suite admins when it believes users have been targeted by government-backed attackers.

Google this week announced that it can now alert G Suite admins when it believes users have been targeted by government-backed attackers.

The search company has been notifying users on what it believes might be state-sponsored attacks for over six years, and reaffirmed its commitment to continue alerting users on such incidents last year.

The Internet giant is now providing G Suite admins with the option to receive alerts whenever attacks appearing to be coming from a state-sponsored actor are targeting their users. The feature will show up in the G Suite Admin console as soon as it becomes available.

“If an admin chooses to turn the feature on, an email alert (to admins) is triggered when we believe a government-backed attacker has likely attempted to access a user’s account or computer through phishing, malware, or another method,” Google explains.

As usual, such alerts don’t necessarily imply that the account has been compromised or that the organization has been hit with a larger attack.

The new feature is turned off by default, but admins can easily enable or disable it in Admin Console > Reports > Manage Alerts > Government backed attack.

The feature also allows admins to set who is being notified when such attacks are detected (by default, super admins receive the notification via email).

Advertisement. Scroll to continue reading.

Once an attack has been detected, admins can choose to secure the account suspected to have been targeted, and can also opt to alert the user on both the attack and the security measures taken.

The feature is set to gradually roll out to all G Suite editions and should be available for all admins within the next 15 days, Google said.

Companies such as Microsoft, Facebook, and Twitter are also warning users when detecting attacks believed to have been performed by a government-backed actor.

Related: Beyond Nation-states: The Disappearing Line Between Attacker Capabilities

Related: Rise in State-sponsored Cyber Espionage: The Tipping Point of Cyber Warfare?

Related: Line Between Nation-State, Criminal Hackers Increasingly Blurred: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Artificial Intelligence

Two new surveys stress the need for automation and AI – but one survey raises the additional specter of the growing use of bring...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...