Eric Grosse, vice president of security engineering for Google, said today that Google will share its intelligence on targeted, state-sponsored attacks by posting a warning banner atop the user's account: "Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer" with a hyperlink on how to protect the account.
"We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users' accounts unauthorized. When we have specific intelligence -- either directly from users or from our own monitoring efforts -- we show clear warning signs and put in place extra roadblocks to thwart these bad actors," Grosse said in a blog post. "Today, we’re taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks."
So how does Google know whether an attack was nation-state-sponsored? Here's how Grosse explained it: "We can't go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis -- as well as victim reports -- strongly suggest the involvement of states or groups that are state-sponsored."
But users who get the new Google warning notice haven't necessarily suffered an email or other Google account breach, he said. "It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account," Grosse said.
Google recommends creating strong passwords with a mix of uppercase and lowercase letters, punctuation marks, and numbers, as well as two-factor authentication and keeping software updated. "Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google and look for https://accounts.google.com/ in your browser bar," Grosse said.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.