Google will begin notifying Gmail users when it thinks that their accounts are being cyber attacked by state-sponsored entities, the company announced on its online security blog on Tuesday.
The new alert, which will appear as a pink band at the top of affected users’ accounts, reads: “We believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now.”
Google’s VP of security engineering, Eric Grosse, further clarified the alert in the blog post, writing:
If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account…
These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.
You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.
Google further advised Gmail users to use passwords with a mix of capital and lowercase letters, along with numbers, as well as enabling 2-step verificaiton in the Gmail settings.
The new alert isn’t the result of any specific set of attacks, according to Foreign Policy’s The Cable blog, which first broke the news of the changes on Tuesday.
