Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Google warns users of 'state-sponsored' hacks

Gregg Keizer | June 6, 2012
Google began warning users today of its Gmail online email services when it suspects they may be targets of "state-sponsored" attacks.

Grosse did not explain what event, if any, sparked Google to roll out today's warning.

But sophisticated cyber-weapons believed to be state-backed have been in the news of late.

Last week, security researchers announced they had found a sophisticated espionage tool, which they called "Flame" (and in some cases, "Flamer"). Flame pilfered vast amounts of data from Middle Eastern computers, most of them located in either Iran or Palestine.

Some experts believe that because of its size and complexity, as well as the need to digest the huge amount of data is hoovers, Flame is probably state-sponsored.

And just last Friday, the New York Times reported that President Barack Obama had ordered cyberattacks against Iran -- using the Stuxnet worm -- in an attempt to disrupt or delay that nation's nuclear fuel enrichment program.

Gmail-specific warnings are also not new. Since March 2010, Google has notified Gmail users when it suspects account hacking attempts. Google triggers that alert in part on the Internet Protocol (IP) address of each successful log-on.

Google's state-sponsored warning includes a link to a page on Google's Help website, where the company hinted at why it issued the alert.

"It's likely that you received emails containing malicious attachments, links to malicious software downloads, or links to fake websites that are designed to steal your passwords or other personal information," the help page states.

That page also repeated some of what Grosse had written.

"It's important to note that Google's internal systems are not compromised and that this message does not refer to one specific campaign," the page read. "We routinely receive abuse reports from users, as well as from our internal systems that monitor for suspicious login attempts and other activity."

Google urged users who receive the warning to update their software, including their browsers, operating systems and browser plug-ins; ensure they're logging onto the legitimate Gmail website of; and use Gmail's two-factor authentication.

The latter sends a second password to the user's pre-defined phone number before allowing log-on.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.