• United States



john_mello jr

Google to Warn Users About Being the Victim of Nation-State Cyber Attacks

Jun 06, 20122 mins
Computers and PeripheralsCybercrimeGoogle

If a nation-state targets your PC, Google will let you know.

If your Google account comes under cyber attack from a nation-state, you can expect to see this warning in your browser: Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.

“If you see this warning it does not necessarily mean that your account has been hijacked,” Google Vice President Eric Grosse explained in a blog Tuesday. “It just means that we believe you may be a target of phishing or malware….”

Grosse wouldn’t explain how Google knows when you’re under attack. “We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis–as well as victim reports–strongly suggests the involvement of states or groups that are state-sponsored,” he wrote.

What should you do if you’re attacked by a nation-state? Google recommends:

  • Create a unique password that has a good mix of capital and lowercase letters, as well as punctuation marks and numbers;
  • Update your browser, operating system, plug-ins, and document editors; and
  • Enable two-step verification as additional security.

What is Two-Step Verification?

Two-step verification involves the use of a cellphone to verify your identity. While in many cases it’s a secure method of authentication, some security experts believe it’s a method ripe for hacker exploitation.

For example, users can be lured to a website with the promise of free gift cards or some such. During the registration process, users can be asked for their email address and their verification code. With those two pieces of information, anyone can break into the user’s account and engage in all sorts of mischief.

Google has been sensitive to attacks by nation-states on its systems. In December 2010, for instance, a number of Gmail accounts belonging to Chinese dissidents were hacked. Six months later, Google again said China was the culprit behind an attack on Gmail, this time through a spear phishing campaign that included a number of high-ranking U.S. government officials.

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.