Google said Tuesday that the company will alert its users when it thinks they may be the target of a state-sponsored cyberattack.
In a company blog post Tuesday, Eric Grosse, Google’s vice president of security engineering, said Google will display a warning when it detects a suspected attack on a user’s account. Such attacks, the company said, could take the form of malicious software or of deceptive “phishing” e-mails that trick users into giving up their user names and passwords.
The message will read, “Warning: we believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now."
Security experts see Google’s move as a smart, natural step for e-mail and Internet service providers.
“It’s the new reality of operating these cloud-based e-mail services when you have millions of customers,” said Matt Devost, president of Fusion X, a cybersecurity firm. Google already does a good job of filtering out spam or junk e-mail, he said. “Why wouldn’t they apply that expertise to filtering out malware?”
Google also sees immense amounts of data flowing across its servers and, like many large and sophisticated information technology companies, has the capability to detect signs of malicious activity from foreign adversaries.
“This is the inevitable maturity of alert services” for such companies, Devost said. “It’s a very natural progression. I’d love to see more of it.”
Google would not say how it detects that the attacks are state-sponsored, only that its analysis, combined with reports from victims of the attacks, “strongly suggest” when a group has state backing.
Grosse said that users who see the alert haven’t necessarily been targeted but that as a precaution they should update their passwords, Internet browsers and operating systems when they see it.
“We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information,” Grosse wrote. “And we will continue to update these notifications based on the latest information.”