Google announced today that it will begin issuing a specialize warning to Gmail users it suspects have been hit by “state-sponsored” cyberattacks.
Those who Google believes have been targeted by governments or government-sposored groups will see the following alert at the top of their Gmail inbox: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.”
Even if you see this warning, writes Eric Grosse, Google’s vice president of security engineering, in a blog post, “it does not necessarily mean your account has been hijacked.” Instead, he writes, “it just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account.” For users confronted with the warning, Grosse suggests they create a “unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors.”
“You might ask how we know this activity is state-sponsored,” writes Grosse “We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis — as well as victim reports — strongly suggest the involvement of states or groups that are state-sponsored.”
Grosse says that Google has “specific intelligence” gathered from users and its own “monitoring efforts” that allow the company to “show clear warning signs and put in place extra roadblocks to thwart these bad actors.”
While Grosse is careful not to mention a single suspect of attacks, one country is on the tip of everyone’s tongue: China. In 2010, Google stop censoring certain terms in its search, and moved the majority of its operations out of mainland China to Hong Kong due to the Chinese government’s overwhelming restrictions on Web users. And in both 2010 and March of last year, hackers believed to be backed by the Chinese government tampered with Gmail in an apparent attempt to gather information about political dissidents in the country.
Late last week, Google announced that it has begun to alert search users in China anytime the company is forced to censor content due to government-imposed constraints. This move follows comments by Google co-founder and CEO Sergey Brin named governments as one of the primary actors threatening the Internet as we know it.
“I am more worried than I have been in the past,” he told the Guardian in an interview. “It’s scary.”