07 June 2012

Google Online Security Blog: Security warnings for suspected state-sponsored attacks

We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized. When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors.

Today, we’re taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks. You can see what this new warning looks like here:





If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account. Here are some things you should do immediately: create a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors. Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google and look for https://accounts.google.com/ in your browser bar. These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.

You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.

We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information. And we will continue to update these notifications based on the latest information.

Google Online Security Blog: Security warnings for suspected state-sponsored attacks

Sadly, the US is just as responsible for those sort of actions as foreign actors. Stuxnet was built for this offensive purpose before there was a threat worth speaking about publicly. Now that it has become all but admitted to being an American attack, the fallout and backlash is not unexpected. State-sponsored terrorism starts here as an act of aggression, rather than abroad. The US can't play the victim card this time. Rather  than taking a defensive position, the US seems bent on preemptive attack. How's that for Hope and Change™? The more things change...

Cheat Sheet: Behind the U.S. Cyberattacks on Iran

No comments:

Post a Comment