Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Google to Warn Users of State-sponsored Attacks

On Tuesday, Google said that it will begin notifying an unnamed subset of users, which could equate to anywhere from thousands to millions of people daily, if it is believed they are the target of a state-sponsored attack.

Google already has the systems in place to monitor for malicious activity, especially attempts by unknown third parties to monitor users via unauthorized access. Now, Google said, when there is specific intelligence (from either users or their own monitoring mechanisms) that someone is at risk a warning will be displayed.

On Tuesday, Google said that it will begin notifying an unnamed subset of users, which could equate to anywhere from thousands to millions of people daily, if it is believed they are the target of a state-sponsored attack.

Google already has the systems in place to monitor for malicious activity, especially attempts by unknown third parties to monitor users via unauthorized access. Now, Google said, when there is specific intelligence (from either users or their own monitoring mechanisms) that someone is at risk a warning will be displayed.

“If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account,” Eric Grosse, vice president of security engineering at Google noted in a blog post.

“You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored,” he added.

The post goes on to explain that Google feels that it is their duty to be proactive, and warn users about potential attacks and active attacks. As the process develops, the warnings will continue to be updated based on the latest information.

Google Warning Users of State Sponsored Attacks

A few questions remain unanswered.

Will the warnings be displayed if the unauthorized third-party is an EU or U.S. government agency? Google won’t say.

“We’re going to decline to comment on the make-up of the countries that are involved,” a Google spokesperson said in a statement to that very question, when asked by Information Week.

Advertisement. Scroll to continue reading.

The reasoning, the statement added, is because the goal is to warn users and encourage strong account security practices, “these warnings are not a response to any particular attack or campaign.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.