Do you have a Gmail account? Google is loudly warning users about “suspected state sponsored attacks.”
When the Mountain View, Calif., company believes a particular account is under assault, it has begun flashing on that user’s screen: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.”
Google's warning about suspected Gmail attacks.
Google vice president Eric Grosse wrote in a blog post:
If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account…
You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis -- as well as victim reports -- strongly suggest the involvement of states or groups that are state-sponsored.
All eyes immediately turned to China. Google did not name any nations in its announcement, but just a few days ago, it did announce announced its intent to help Chinese users sidestep censorship. When a Chinese user conducts a search that Google believes may produce censored results, it notes the possibility of censorship and suggests alternative terms that may yield better, unfiltered results.
China’s newest move in this long-running tit-for-tat with Google seems to be a step it has taken in the past: targeting Gmail.
A year ago, South Korean officials, human rights activists, and others may have had their Gmail accounts compromised by Chinese hackers, according to press reports at the time. This time, the attacks may be way beyond academic. Foreign Policy reported on Tuesday: “A senior Senate aide confirmed that this evening he received a warning on his Gmail account that Google suspected he had been the target of a state-sponsored cyber attack.”
It is a big deal when Google tells an inside-the-Beltway power broker that foreign governments are attempting to infiltrate his email account.
The Cable, a blog on Foreign Policy, elaborated on the matter:
Google insiders told The Cable that Google will not be giving out information on which governments it sees as the most egregious violators of web privacy…
“We’re constantly working to prevent harmful activity on our services, especially attempts to compromise our users' information,” the insider said. “The primary message is: we believe that you're a target so you should take immediate steps to protect your account.”
The security researcher Christopher Soghoian put up a tantalizing Tweet: “If the NSA, as part of its relationship with Google, shared foreign state attacker info, would Google reveal NSA was the source? Doubtful.” In a Tweeted response to a question that I asked, Soghoian wrote: “There is no way to know the source of Google's state attacker warnings. Could be NSA, could be google's own security team.”
In the meantime, Marc Ambinder, a journalist on the security beat, posted to his Twitter account: “Google sends me this message: ‘...state-sponsored attackers may be attempting to compromise your account or computer.’ Thanks, China.” That Tweet may mean China is attempting to infiltrate journalists’ accounts. Ambinder had not responded to a request for elaboration at the time of this writing.
What triggered the loud Google announcement? The Wall Street Journal reported that the US government may be behind Google’s warning: “Google and other U.S. technology companies... have been under increasing pressure from the U.S. government to push back.” That means against attempts not just by China, but also by governments in the Middle East and Asia, to monitor Internet traffic, according to the paper.
Twitter users across Asia apparently have been posting that they have received the Gmail warning. However, according to the WSJ, “some users were disappointed not to have received a warning, taking it as a sign their activist chops weren't up to snuff.”
China’s government has not responded to press inquiries about its possible role in attempts to hack Gmail accounts, but it rarely responds directly to such questions.
— Robert McGarvey has been online and writing about the Internet for nearly 25 years.