Google Warning of More State-Sponsored Cyber-Attacks

Google is sending out tens of thousands of messages to users that their Gmail accounts may have been targeted by state-sponsored cyber-criminals.

Google officials are sending out tens of thousands of new messages to Gmail users that their accounts may be targets of state-sponsored cyber-attacks, citing a growth in the number of threats coming out from other parts of the world, particularly the Middle East.

The warnings, which Google security officials began sending out Oct. 2, are coming after Google security officials gleaned new information about cyber-attacks and their perpetrators, according to a report in The New York Times. In an interview with the newspaper, Mike Wiacek, a manager in Google’s information security group, said that after seeing the new intelligence about the threats, the search engine giant decided to send out the warnings.

The newest round of messages comes four months after Google alerted users that the company was going to begin warning them of attacks on their Gmail accounts that officials believe were coming from state-sponsored groups, in such forms as malware and phishing attacks.

In a June 5 blog post, Eric Grosse, vice president of security engineering from Google, told users of the company’s plans to issue alerts.

“If you see this warning it does not necessarily mean that your account has been hijacked,” Grosse wrote. “It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account. … You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.”

The Times identified several people who have received Google’s warning message, including journalists and security researchers.

China has been the country that in the past has been a chief suspect of much of the state-sponsored attacks seen in the world, but Google’s Wiacek told the Times that the company had seen a jump in state-sponsored attacks coming out of the Middle East. He declined to name specific countries, adding instead that they were coming from “a slew of different countries” in the region, which has seen some of its countries wracked by turmoil following the Arab Spring and the civil war in Syria.

The Times report said Google’s findings jibe with what security analysts have seen in some Middle East countries—including Iran, Qatar, the United Emirates and Bahrain—which have used spyware to track citizens both within their borders and overseas.

Google officials have outlined several steps users who get the warning message can take to protect themselves and their information, including creating a new unique password with a mix of lower-case and capital letters, punctuation and numbers.

In addition, users should use two-step verification, and update their browsers, operating systems, plug-ins and document editors, according to Google.

In addition, according to Google’s Grosse: “Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google and look for in your browser bar. These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.”