Google to alert users about state-sponsored cyberattacks

Google said Tuesday that the company will alert its users when it thinks they may be the target of a state-sponsored cyberattack.

In a company blog post Tuesday, Eric Grosse, Google’s vice president of security engineering, said Google will display a warning when it detects a suspected attack on a user’s account. Such attacks, the company said, could take the form of malicious software or of deceptive “phishing” e-mails that trick users into giving up their user names and passwords.

More tech stories

Parking doesn’t have to be a hassle

Parking doesn’t have to be a hassle

Meet the man who wants to make parking in a garage as fun as riding in an Uber.

Big data: A double-edged sword

Big data: A double-edged sword

New information will improve our health and prevent crimes, but uncover skeletons and hurt privacy.

White House updating online privacy policy

White House updating online privacy policy

A new Obama administration privacy policy explains how the government will gather the user data of online visitors to, mobile apps and social media sites, and it clarifies that online comments, whether tirades or tributes, are in the open domain.

The message will read, “Warning: we believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now."

Security experts see Google’s move as a smart, natural step for e-mail and Internet service providers.

“It’s the new reality of operating these cloud-based e-mail services when you have millions of customers,” said Matt Devost, president of Fusion X, a cyber­security firm. Google already does a good job of filtering out spam or junk e-mail, he said. “Why wouldn’t they apply that expertise to filtering out malware?”

Google also sees immense amounts of data flowing across its servers and, like many large and sophisticated information technology companies, has the capability to detect signs of malicious activity from foreign adversaries.

  “This is the inevitable maturity of alert services” for such companies, Devost said. “It’s a very natural progression. I’d love to see more of it.”

Google would not say how it detects that the attacks are state-sponsored, only that its analysis, combined with reports from victims of the attacks, “strongly suggest” when a group has state backing.

Grosse said that users who see the alert haven’t necessarily been targeted but that as a precaution they should update their passwords, Internet browsers and operating systems when they see it.

“We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information,” Grosse wrote. “And we will continue to update these notifications based on the latest information.”

Read what others are saying