© 2024 Blaze Media LLC. All rights reserved.
What Should You Do If Google Warns Your Account Was Compromised in a State-Sponsored Attack?

What Should You Do If Google Warns Your Account Was Compromised in a State-Sponsored Attack?

"It just means that we believe you may be a target, of phishing or malware for example..."

BEIJING (The Blaze/AP) -- "Warning: We believe state-sponsored attackers may be trying to compromise your account or computer."

This is the message you will see from Google from now on should your account ever become compromised. The company announced that it added this feature Tuesday as a precaution for users. Although Google didn't specify a specific government, it did closed its search engine in China in 2010 after saying it no longer wanted to cooperate with Beijing's Internet censorship following hacking attacks traced to China.

In a blog post, Vice President of Security Engineering Eric Grosse wrote:

If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account. [...] These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.

Google cannot say how it knows activity is state-sponsored without giving information that would help attackers, Grosse wrote. But detailed analysis and victim reports "strongly suggest the involvement of states or groups that are state-sponsored," he wrote.

Here are a couple things Grosse suggests you do if you see this message:

  • Create a new, unique password. Be sure to make it a mix of capital and lowercase letters with punctuation marks and numbers.
  • Enable "2-step verification"
  • Update your browser and operating system.
  • Be wary of fake sign-in pages. When signing into Google, you should see "https://accounts.google.com/"

PC World explains 2-step verification is a function that uses your cellphone to confirm identity:

While in many cases it's a secure method of authentication, some security experts believe it's a method ripe for hacker exploitation.

For example, users can be lured to a website with the promise of free gift cards or some such. During the registration process, users can be asked for their email address and their verification code. With those two pieces of information, anyone can break into the user's account and engage in all sorts of mischief.

Check out this quick Google video for more tips on setting a safe password:

A report in November by U.S. intelligence agencies said Chinese and Russian intelligence services and companies with state ties systematically break into American computer systems to steal commercial information.

(Related: Security Company: China linked to cyber attacks on 48 chemical and defense companies)

Western security experts say China's military is a leader in cyberwarfare research.

Beijing has rejected suggestions by Western security experts that its military or government agencies were involved in the Google hacking. But it has not responded publicly to appeals by U.S. Secretary of State Hillary Rodham Clinton and other officials to help investigate hacking attacks.

Google's latest move comes after the company added a feature to its Chinese-language search engine in Hong Kong last week that warns users in China who enter search keywords that might produce blocked results. It highlights which terms might trigger filters, challenging official Chinese efforts to conceal censorship.

Google's 2010 announcement that it was closing its search engine in China said email accounts of human rights activists critical of China had been hacked. The company said some of its intellectual property also was stolen in a separate attack that targeted at least 20 other large companies.

Last year, Google said computer hackers in China broke into the personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists. That intrusion was based on less sophisticated trickery used to obtain passwords and other information.

Grosse ended his post writing "We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information."

Featured image via Shutterstock. 

Want to leave a tip?

We answer to you. Help keep our content free of advertisers and big tech censorship by leaving a tip today.
Want to join the conversation?
Already a subscriber?