Google has begun warning Gmail users when it suspects they may be targets of state-sponsored email cyberattacks, much like the one Google itself faced two years ago.
The alert will appear as a pop-up below the Google navigation bar in a user's Gmail account page and read, "We believe state-sponsored attackers may be attempting to compromise your account or computer," Google announced in an Online Security blog post yesterday (June 5).
"If you see this warning, it does not necessarily mean that your account has been hijacked," Google's vice president of security engineering, Eric Grosse, wrote. "It just means that we believe you may be a target, or phishing or malware for example, and that you should take immediate steps to secure your account."
In 2009, hackers widely assumed to be working for the Chinese government hit Google, Morgan Stanley, DuPont and about 200 other targets in the "Aurora" cyberattack designed to steal confidential information from major American companies. State-sponsored attacks differ from those backed by Eastern European cybercriminals, which traditionally are deployed to steal money rather than information.
Grosse said Google "can't go into the details" of how it knows which email attacks are state-sponsored "without giving away information that would be helpful to these bad actors."
If you receive the warning, Google suggests you immediately change your password to something more secure, enable two-step verification, and update your browser, plugins and operating system. Google also warned users to be on the lookout for spoofed sign-in pages trying to steal passwords.
Yesterday's warning is Google's second such proactive security measure taken in the past few weeks. On May 22, Google announced that it would alert Internet users if their computers or home routers were still infected with the DNSChanger Trojan, a sophisticated piece of malware that has landed on 500,000 computers.