Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Google to Warn Users of State-sponsored Attacks

On Tuesday, Google said that it will begin notifying an unnamed subset of users, which could equate to anywhere from thousands to millions of people daily, if it is believed they are the target of a state-sponsored attack.

Google already has the systems in place to monitor for malicious activity, especially attempts by unknown third parties to monitor users via unauthorized access. Now, Google said, when there is specific intelligence (from either users or their own monitoring mechanisms) that someone is at risk a warning will be displayed.

On Tuesday, Google said that it will begin notifying an unnamed subset of users, which could equate to anywhere from thousands to millions of people daily, if it is believed they are the target of a state-sponsored attack.

Google already has the systems in place to monitor for malicious activity, especially attempts by unknown third parties to monitor users via unauthorized access. Now, Google said, when there is specific intelligence (from either users or their own monitoring mechanisms) that someone is at risk a warning will be displayed.

“If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account,” Eric Grosse, vice president of security engineering at Google noted in a blog post.

“You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored,” he added.

The post goes on to explain that Google feels that it is their duty to be proactive, and warn users about potential attacks and active attacks. As the process develops, the warnings will continue to be updated based on the latest information.

Google Warning Users of State Sponsored Attacks

A few questions remain unanswered.

Will the warnings be displayed if the unauthorized third-party is an EU or U.S. government agency? Google won’t say.

“We’re going to decline to comment on the make-up of the countries that are involved,” a Google spokesperson said in a statement to that very question, when asked by Information Week.

The reasoning, the statement added, is because the goal is to warn users and encourage strong account security practices, “these warnings are not a response to any particular attack or campaign.”

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...