Hackers Target Thousands of GMails


For four years, Google has been notifying Gmail customers when they come under attack from hackers who may be working for foreign governments. The company has long remained vague about the way it detects and identifies these hackers, “we can’t reveal the tip-off,” the company tells users, and about the number of notifications it routinely sends. Until now.

When these warnings were introduced, they appeared as thin red bars tacked to the top of users’ inboxes. But just a few months ago, Google redesigned the notifications to be considerably more in-your-face: Now, they take up the entire screen, announcing themselves with an angry red flag. “Government-backed hackers may be trying to steal your password,” the alert reads, advising users to enable two-factor authentication.

The new alert says that fewer than one in a thousand Gmail users are targeted by foreign hackers—but for a product with more than a billion active users, that could still be a really big number. (0.1 percent of 1 billion is 1 million.)

Recently Google provided its most precise estimate ever of the number of cyberattacks it detects that target Gmail users. Speaking at Fortune’s Brainstorm Tech conference in Aspen, Colorado, Google Senior Vice President Diane Greene said the company notifies 4,000 users each month of state-sponsored cyber-attacks, Reuters reported.

Google began delivering notifications about state-sponsored hacking attempts long before its peers, but starting last year, Microsoft, Twitter, Facebook, and Yahoo said they would send similar notifications to their compromised users as well.

Intelligence officials have repeatedly identified state-sponsored hacking as one of the foremost threats to the US in speeches and congressional hearings. In a “worldwide threat assessment” delivered to the Senate Armed Services Committee last year, James Clapper, the director of national intelligence, said that cyberattacks are “increasing in frequency, scale, sophistication and severity of impact.”

The Justice Department has aggressively brought charges against several groups of state-sponsored hackers this year, adding two Syrians and seven Iranians to the FBI’s most wanted list for cybercrime in the span of weeks. With its campaign to “name and shame” the hackers, the FBI says it wants to hold countries that support hackers accountable.

Google’s notifications, like those of its peers, don’t name the country where the suspected cyberattacks come from. But if the notifications get recipients to change passwords and activate two-factor authentication, the hackers behind them could find their jobs getting a little harder.

NextGov:

« Retail Banks Will be Dead Within A Decade
Industrialisation Of Cybercrime Is Disrupting Business »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CloudEndure

CloudEndure

CloudEndure offers Disaster Recovery and Continuous Replication for the Cloud.

Veracode

Veracode

Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

Secure-NOK

Secure-NOK

Secure-NOK provides products and solutions that detect and remove security attacks and harmful events in industrial networks and control systems.

Hypersecu Information Systems

Hypersecu Information Systems

Hypersecu Information Systems, Inc. is a solution provider dedicated to multi-factor authentication, public key infrastructure and software copyright protection.

Computer Network Defence (CND)

Computer Network Defence (CND)

Computer Network Defence (CND) are a Broad-Spectrum Cyber Security Consultancy and Recruitment Agency.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

Eureka Security

Eureka Security

Eureka help organizations securely use any cloud data storage technology they need without having to compromise on security.

Telit Cinterion

Telit Cinterion

Telit Cinterion is a global enabler of the intelligent edge providing highly secure IoT solutions, modules and services.

Security Risk Advisors (SRA)

Security Risk Advisors (SRA)

Security Risk Advisors deliver cybersecurity services to leading companies in the Financial Services, Healthcare, Pharmaceuticals, Technology and Retail industries.

Start-Up Chile (SUP)

Start-Up Chile (SUP)

Start-Up Chile is a business accelerator program created by the Chilean Government for high-potential tech entrepreneurs.

Sola Security

Sola Security

Sola Security is a cyber security startup company currently in Stealth mode.