Home Google Warns Users of Government Hacker Attacks

Google Warns Users of Government Hacker Attacks

Never mind Stuxnet’s infiltration of Iranian nuclear facilities – national governments are carrying out Internet attacks against private citizens, often their own. Now Google has stepped into the breach. If it detects an attack, the search giant says, it will warn the victim and block the perpetrator.

Diplomatic cables leaked by WikiLeaks implicated the Chinese government in hacking into alleged dissidents’ Google accounts. This incident led to Google pulling its business out of China, although since then it has inched its way back. Google wants to serve the huge Chinese user base, but it will implement new security measures to protect those who might come under attack by prying governments.

Google’s New Warning

Google announced yesterday that it will show a warning message to its users who “may be the target of state-sponsored attacks.” Moreover, it will attempt to stop third parties from maliciously logging into its users’ accounts.

“When we have specific intelligence – either directly from our users or from our own monitoring efforts – we show clear warning signs and put in place extra roadblocks to thwart these bad actors,” wrote Eric Grosse, Google’s VP of security engineering.

The new warning against state-sponsored hacking reads, “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.” The message is followed by a link to “protect yourself now.” Google won’t provide the URL for the linked page, and the text does not retrieve any Google search results. However, a Google staffer shared some of the copy with Andy Greenberg at Forbes:

It’s likely that you received emails containing malicious attachments, links to malicious software downloads, or links to fake websites that are designed to steal your passwords or other personal information. For example, attackers have often been known to send PDF files, Office documents, or RAR files with malicious contents. We strongly recommend that you avoid clicking links or attachments in suspicious messages.

Google aims to protect its users from spoofing, phishing or malware attacks that would let these state actors gain access to the user’s private data. Unfortunately, the most vulnerable link in Google’s security is the human user. Malicious sites can appear to be Google sites asking for your password, but they could come from another domain and steal your login info. To counter such tricks, Google recommends creating a unique password with a mixture of capital and lowercase letters, numbers and punctuation marks, activating Google’s two-step authentication for login, and making sure your software is up to date.

But in the event that a state actor takes additional measures to attack a Google user, the company will display its warning message.

How Does Google Know an Attack is State-Sponsored?

Google spokespeople will not comment on the announcement beyond what is written therein. But Grosse anticipated the question of how Google knows an attack is state-sponsored:

“We can’t go into the details without giving away information that would be helpful to these bad actors,” he wrote, “but our detailed analysis – as well as victim reports – strongly suggest the involvement of states or groups that are state-sponsored.”

Google has a unique vantage point on worldwide network traffic, so it’s possible that any large operation would be visible to its security team. But it doesn’t want to show its hand to malicious hackers trying to attack its users through the back door.

What does Google do when governments knock on the front door (legally speaking) and ask for user data? That’s another story.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.