Google has posted a note on its security blog informing users that there will now be a banner warning you if Google believes that a state-sponsored cyber attacker is trying to compromise your account or computer.
Eric Grosse, Google’s Vice President of Security Engineering, wrote on googleonlinesecurity.blogspot.com, “When we have specific intelligence — either directly from users or from our own monitoring efforts — we show clear warning signs and put in place extra roadblocks to thwart these bad actors.”
The warning seen below will state: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now.”
“If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account.” Grosse wrote in the blog posting.
The unusual security notice by Google may make users wonder how Google knows their accounts are potentially being probed.
“You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis — as well as victim reports — strongly suggest the involvement of states or groups that are state-sponsored,” Grosse said in the blog posting.
In 2009 China tried to gain access to the Gmail accounts of dozens of Chinese dissidents and human rights activists. It was part of a larger state-sponsored cyber attack targeting as many as 30 U.S. companies including Yahoo, Adobe, Rackspace and Northrop Grumman. U.S. officials believe China was attempting to gain access to these firms’ networks to obtain intellectual property and source code information. Google disclosed the attack in January 2010.
Google, in its posting, advises users to have strong, unique, passwords, update their internet browsers and software, and avoid clicking on attachments that could contain malware. Google says the banner may stay up on a user’s page for several days to remind users to take the necessary security steps.
“We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information. And we will continue to update these notifications based on the latest information,” Grosse wrote in the blog posting.