Google to warn users targeted by state-sponsored attacks

Discussion in 'Anti-Virus' started by Virus Guy, Jun 6, 2012.

  1. Virus Guy

    Virus Guy Guest

    http://thecable.foreignpolicy.com/posts/2012/06/05/google_to_warn_users_targeted_by_state_sponsored_attacks

    Google to warn users targeted by state-sponsored attacks
    Tuesday, June 5, 2012

    ==========
    UPDATE: A senior Senate aide confirmed that this evening he received a
    warning on his Gmail account that Google suspected he had been the
    target of a state-sponsored cyber attack.
    ===========

    Web giant Google is about to announce a new warning informing Gmail
    users when a specific type of attacker is trying to hijack their
    accounts -- governments and their proxies.

    Later today, the company will announce a new warning system that will
    alert Gmail users when Google believes their accounts are being targeted
    by state-sponsored attacks. The new system isn't a response to a
    specific event or directed at any one country, but is part and parcel of
    Google's recent set of policy changes meant to allow users to protect
    themselves from malicious activity brought on by state actors. It also
    has the effect of making it more difficult for authoritarian regimes to
    target political and social activists by hacking their private
    communications.

    "We are constantly on the lookout for malicious activity on our systems,
    in particular attempts by third parties to log into users' accounts
    unauthorized. When we have specific intelligence-either directly from
    users or from our own monitoring efforts-we show clear warning signs and
    put in place extra roadblocks to thwart these bad actors," reads a note
    to users by Eric Grosse, Google's vice president for security
    engineering, to be posted later today on Google's Online Security blog,
    obtained in advance by The Cable. "Today, we're taking that a step
    further for a subset of our users, who we believe may be the target of
    state-sponsored attacks."

    When Google's internal systems monitoring suspicious internet activity,
    such as suspicious log-in attempts, conclude that such activities
    include the involvement of states or state-backed initiatives, the user
    will now receive the specialized, more prominent warning pictured above.
    The warning doesn't necessarily mean that a user's account has been
    hijacked, but is meant to alert users that Google believes a state
    sponsored attack has been attempted so they can increase their security
    vigilance.

    Google wants to be clear they are not singling out any one government
    for criticism and that the effort is about giving users transparency
    about what is going on with their accounts, not about highlighting the
    malicious actions of foreign states.

    "If you see this warning it does not necessarily mean that your account
    has been hijacked. It just means that we believe you may be a target, of
    phishing or malware for example, and that you should take immediate
    steps to secure your account," Grosse writes. "You might ask how we know
    this activity is state-sponsored. We can't go into the details without
    giving away information that would be helpful to these bad actors, but
    our detailed analysis-as well as victim reports-strongly suggest the
    involvement of states or groups that are state-sponsored."

    Google insiders told The Cable that Google will not be giving out
    information on which governments it sees as the most egregious violators
    of web privacy. For Google, the new initiative is not an effort against
    governments but a way to help its users help defend and protect
    themselves.

    Users who click through the new warning message will be directed to a
    page that outlines commonly seen security threats and suggests ways
    users can immediately raise their level of security on Gmail.

    "We're constantly working to prevent harmful activity on our services,
    especially attempts to compromise our users' information," the insider
    said. "The primary message is: we believe that you're a target so you
    should take immediate steps to protect your account."

    The new announcement comes only days after the company said they would
    alert users in mainland China when they use search terms that are likely
    to be censored by the Chinese government. According to another of
    Google's official blogs, that move was meant to improve the search
    experience for Chinese users by allowing them to avoid terms that would
    result in stalls or breaks in their search experience due to government
    filters.

    For example, Google said that Chinese users searching the character for
    "river," which is "jiang" in Chinese, causes technical problems. The
    same character is also used in the search for former Chinese President
    Jiang Zemin.

    Google didn't specifically mention Chinese censorship in its notice
    about Chinese search terms, apparently in an effort not to antagonize
    the Chinese government any more than necessary. Google and Beijing have
    been at odds since 2010, when the company announced it would no longer
    censor search terms on the Google.cn and moved the bulk of its Chinese
    operations to Hong Kong.

    That move followed a series of Gmail attacks in 2010, directed at
    Chinese human rights activists, which were widely suspected to be linked
    to the Chinese government. Following those attacks, the
    government-controlled People's Daily publicly accused Google of being an
    agent for U.S. intelligence agencies.

    While last week's announcement and this week's announcement are both
    being presented by Google as user based initiatives not directed at
    foreign governments, Google CEO Eric Schmidt has been speaking out
    publicly and forcefully in recent months about the potential negative
    role governments can play in circumventing internet freedom.

    "While threats come from individuals and even groups of people, the
    biggest problem will be activities stemming from nations that seek to do
    harm," he said in London last month.
     
    Virus Guy, Jun 6, 2012
    #1
    1. Advertisements

  2. Virus Guy

    Shadow Guest

    Off topic here. Stories about wolves and Sheep ---> veterinary
    groups ..

    :)
     
    Shadow, Jun 8, 2012
    #2
    1. Advertisements

  3. Virus Guy

    G. Morgan Guest

    They also just enabled mutifactor authentication. Gmail users
    should have got that email a few days ago.
     
    G. Morgan, Jun 9, 2012
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.