Two years ago, Google took the unusual move of going public with information that its network had been hacked and that the intruders were interested in getting into the Gmail accounts of political activists.
Now the company has taken the unprecedented move of providing online security warnings for users who might be the target of state-sponsored spying.
In a blog post published Tuesday, the company said that for a “subset” of users who the company believes may be the target of state-sponsored attacks, they would be providing a message, in black type on a pink background, that will appear at the top of the user’s account page.
“We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized,” writes Eric Grosse, vice president of security engineering in the post. “When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors.”
This raises the obvious question, of course–how Google can determine that the activity is state-sponsored. Google anticipated the question:
“We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.”
The company said that if you receive a warning message like this in your account, it doesn’t necessarily mean your account has been hijacked.
“It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account,” Grosse writes. “These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.”
No word on whether Google will still notify users if it has reason to believe the state doing the spying is the US.