Google issues warnings regarding state-sponsored cyberattacks
Tens of thousands of users recently received a message on their Gmail accounts, Google homepages or Chrome browsers warning that they may be at risk of a state-sponsored account, the New York Times Bits blog reported.
Tens of thousands of users recently received a message on their Gmail accounts, Google homepages or Chrome browsers warning that they may be at risk of a state-sponsored account, the New York Times Bits blog reported.
“We believe that state-sponsored attackers may be attempting to compromise your account or computer,” the message cautioned users. Some individuals first received such a warning in June, the Times said, but an investigation by Google revealed new intelligence that prompted the company to alert many more people that they may be targeted.
Google information security manager Mike Wiacek told the Times that Google had witnessed an increase in state-sponsored threats coming from the Middle East, specifically. He said that the source of such activity was in “a slew of different countries.” The Times also recently reported on the expanded use of spyware by countries such as Turkmenistan and Bahrain to monitor civilians abroad, and reporters noted that a series of recent attacks on banks originated from hackers claiming ties to the Middle East as well.
Since June, Google has investigated attacks on its users and turned up more instances of what appear to be state-sponsored Internet security threats. Wiacek told the Times that Google users may want to take advantage of its products security features and other measures to protect themselves.
Steps for protection
Wiacek specifically advised users, particularly those who had received the warning message, to change their account passwords, to enable Google’s two-step authentication service and to keep all software versions updated on their computer. Users may want to adopt certain password security measures recommended by experts. A prior New York Times Bits post pointed out a few basic measures that will improve data security, which echoed the advice to change passwords frequently. Other tips involve not reusing passwords, choosing security questions without answers that someone can find online and avoiding regular dictionary words.
A recent study showed that as many as six in 10 users reuse the same few passwords, largely out of the convenience of not having to remember too many different phrases. The Times cautioned against this, also emphasizing that users should not store passwords in their email inbox.
Instead, individuals can use password manager software such as LastPass or DirectPass. These programs can store users’ passwords, or even automatically generate a different secure combination for each individual site, all under control of a single master password.
Security News from SimplySecurity.com by Trend Micro
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Twitter now offers two-factor authentication
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet