We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized. When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors.
Today, we’re taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks. You can see what this new warning looks like here:
If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account. Here are some things you should do immediately: create a unique password that has a good mix of capital and lowercase letters, as well as punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors. Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google and look for https://accounts.google.com/ in your browser bar. These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.
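The address-bar check described above can be made mechanical by comparing the full origin rather than looking for the familiar string somewhere in the URL. The following is an added example, not part of the original post; the function name and the sample URLs are constructed for illustration, and the lookalikes use the reserved .example domain.

```javascript
// Added example: strict origin check for the sign-in URL named in the post.
const EXPECTED_ORIGIN = "https://accounts.google.com";

function classifySignInUrl(raw) {
  let url;
  try {
    url = new URL(raw); // WHATWG parser, same rules the browser applies
  } catch {
    return { ok: false, reason: "not a parseable absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: `scheme is ${url.protocol}, not https:` };
  }
  // Text before '@' is userinfo, not the host: a classic lookalike trick.
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: `userinfo present, real host is ${url.hostname}` };
  }
  // origin = scheme + host + non-default port; compare it exactly.
  if (url.origin !== EXPECTED_ORIGIN) {
    return { ok: false, reason: `origin is ${url.origin}` };
  }
  return { ok: true, reason: "origin matches" };
}

// Constructed sample URLs (reserved .example domain), not real indicators.
const SAMPLES = [
  "https://accounts.google.com/ServiceLogin",
  "http://accounts.google.com/ServiceLogin",
  "https://accounts.google.com.login.example/ServiceLogin",
  "https://accounts.google.com@login.example/ServiceLogin",
  "https://login.example/?continue=https://accounts.google.com/",
  "https://accounts.google.com:8443/ServiceLogin",
];

function checkSamples() {
  return SAMPLES.map((u) => ({ url: u, ...classifySignInUrl(u) }));
}

for (const r of checkSamples()) {
  console.log(r.ok ? "OK    " : "REJECT", r.url, "->", r.reason);
}
```

Only the first sample passes; each of the others contains the string accounts.google.com yet resolves to a different scheme, host or port.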
You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.
We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information. And we will continue to update these notifications based on the latest information.
It is hard enough for us to get the message across in the west, in places where state sanctioned violence is commonplace, say Syria for example, then this initiative by Google is invaluable.
It does in my book keep you above Microsoft.
I had this happen a few months ago. I got a rather worthless message after the fact (I did have a secondary email registered for such reasons) stating that my account had been compromised and I was alerted that there were current sessions open (in the Eastern bloc of Europe - I'm in Canada).
What boggles my mind is that Google's "crack security team" here had really nothing to offer other than "close the sessions" and change the password.
What Google and you are telling the entire world is that Google's security team is lazy; rather than just detect and log the incident, how about block/ignore/redirect brute force requests/logins?
Seriously, you guys want us to trust you with something like Google+ and this is what you have to offer for security? Fail!
People's Republic of China
Well, you are not being evil, after all.
regards
www.diaryfolio.com
For example, I'm infected with some type of rootkit, which added my PC to a botnet. My AV system doesn't alert me - will Google's system alert me?
@eroei1021: given that Stuxnet, Duqu, Flame do not, to the best of my knowledge, rely on phishing emails as a delivery vector, this would not apply to them.
What steps can we take to ensure that authorities and majorities are not able to trample on our rights to life, liberty, and property?
Oh, and could you please get one of your writers to pick a dictionary and use a slightly more specific qualifier than 'bad' for the actors? What is 'bad' anyway? Sure Google is a young high tech company, but dismissing 2000 years of research into human morality by using such childish language: 'the good guys vs. the bad guys' is way below the level of maturity we've come to expect out of Google.
Eric Grosse