Google: "State-sponsored attackers may be attempting to compromise your account"

Filed Under: Featured, Google, Google Chrome, Malware, Privacy

Google has said that it will start to proactively warn internet users when it suspects that "state-sponsored attackers" have attempted to break into accounts.

In an official blog entry, Google says how it will display the warning to users of Chrome, Gmail and its search engine when it believes the users have been the target of state-sponsored attacks.

State-sponsored attackers may be attempting to compromise your account

The message reads:

Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now

(Click the image above for a larger version)

The obvious question to ask is.. how does Google determine if an attack is state-sponsored or not? The problem of attribution has always been a significant one for those investigating cybercrime - as it's often extremely difficult to tell the difference between a hack conducted under the orders of an army general and one perpetrated by a lone wolf in his back bedroom.

That's a question which Google is reluctant to answer. From their blog entry:

You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.

That's a shame. You can imagine how anyone who sees the warning from Google of a state-sponsored attack might well get the heebie-jeebies. If a little more light was shed as to why they were warning a particular user, it might be more helpful.

As Google, points out - there's more you can do than just having a hard-to-crack password. Even if hackers who broke into your Gmail account no longer know your password, there are still things they could have done *while* they had access to your email which will allow them to continue to monitor your communications.

For instance, it's possible for someone to have tampered with your Gmail account to silently forward all messages that you receive to another account.

Gmail forwarding

Similarly, it's a good idea to check that no-one has been unexpectedly authorised to read and send email from your account.

Gmail delegation

And if you're the sort of person who might be considered a target for a state-sponsored hacking attack, what are you doing using Gmail for your sensitive communications anyway? Shouldn't you at the very least be using some form of two factor authentication to better protect your account?

This isn't, of course, the first time that Google has warned of state-sponsored attacks. Last year, it advised every Google user in Iran to check if their accounts had been hacked and - most famously - the company made headlines in early 2010, claiming that Chinese human rights activists had been targeted in an attack dubbed "Operation Aurora".

Further reading: Check out my much more detailed article about "How to stop your Gmail account being hacked".

, , ,

You might like

9 Responses to Google: "State-sponsored attackers may be attempting to compromise your account"

  1. I am quite sure this happens daily under the current administration...comrades. If people don't wake up and vote differently this year, it'll be like 1984 come November. Enjoy your freedoms while you still have them!

    • Srsly... · 1224 days ago

      Seriously - shut up. The internet needs an idiot filter for people like you. It happens with *every* administration; it always has, and always will. State-based espionage is a regular practice for every modernized nation.

      But if you really insist on turning the conversation all polarizing-political-right-winger-tea-partying-government-is-too-big-but-we-make-an-exception-for-women's-bodies-because-religion-supersedes-hypocrisy on us (okay, to be fair, most of that didn't apply to what you said, but I suspected you were thinking it so it seemed relevant), you should at least have to defend your party's alternative approach: passing a law that makes it *legal* to spy on you (via phone-tapping)..... comrade. Hold on to your tin-foil hat, because the polls say it's close so far. Jerk.

  2. Vito · 1224 days ago


    I'm not fan of the current thugs in power, but your premise that electing different thugs is going to make any difference is simply a delusion. The American Revolution was founded on the principles articulated in the Declaration of Independence, not on the system of elected thuggery that the Constitution subsequently established --- a system that has undermined the very spirit of the Declaration of Independence. The revolutionary idea was that we don't need ANY thugs telling us what to do.

    Get it? Replacing the lone thug in Buckingham Palace with one in the White House and a mess of others on Capitol Hill has just made the mess more complicated. In fact, it has made it much easier to maintain the delusion that we are "free" because we get to choose our tyrants. What rubbish.

    If you're serious about freedom, you're going to have to disabuse yourself of the delusion that the only way to get it is by giving someone else the power to take it away from you.

    • Dai · 1223 days ago

      Is this a blog about states hacking into accounts, servers etc. or is it a public venue for various political factions? Surely the point is that if the state makes laws that ban hacking and then hack themselves, it leaves it wide open for anyone else to get into hacking - without being persecuted. In the end it is a free for all, or one law for them and one for the 99% (that's me). The latter is hypocrisy the former will kill the internet for normal users

  3. Freida Gray · 1224 days ago

    So...if Google doesn't think the attack is state-sponsored it won't warn you? this a generic warning that Google uses for all attacks?

  4. Robert · 1223 days ago

    Will Google warn us when the U.S. conducts this type of activity?

  5. Jack · 1222 days ago

    As was stated, any government will look internally for problems, it's cheap and makes sense. However if we don't send a message to our elected officials that data is personal and needs protection, we will all get run over by persons 'thinking they are doing right' by sifting through our data items and making good assumptions about where and what you have been up to. One of the worst is probably religious presumptions. The US has always stated that there is a "separation between church and state", but even the 'blue' laws are still in effect in some areas. The 'blue' laws prevent you from purchasing items because you should be going to church! . Like can't buy alcohol, tennis shoes or other items.Some of the major camera retailers in NY are not available on Saturday because that's their day of rest, so it doesn't apply to all. Then there's Google, I can't even find the the 'settings' option and it is not mentioned in any useful way in the help section of Google. Another example is that of Medical Marijuana. Many states have OK'd the use if for medical applications, but our government wants to override this and prosecute some very sick people. Even though a large number of the people want this, the US government won't even let it be acceptable to be investigated by science groups. Only groups that seem to denounce it are acceptable to the US even though our neighbor Canada uses it and had little trouble with it.

  6. Internaut · 1215 days ago

    The seven previous responses went all the way from bigotry to marijuana with a lot of verbal vomit in between.

    Come on guys - the blame lay with the hackers, not party-backers, priests, or pot-heads.

  7. Paul · 1103 days ago

    To me, I know it clearly, that the Chinese Communist Party is attaching me. It is state-sponsored.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley