Hackers Target Thousands of GMails

Uploaded on 2016-07-20 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms


For four years, Google has been notifying Gmail customers when they come under attack from hackers who may be working for foreign governments. The company has long remained vague about the way it detects and identifies these hackers, “we can’t reveal the tip-off,” the company tells users, and about the number of notifications it routinely sends. Until now.

When these warnings were introduced, they appeared as thin red bars tacked to the top of users’ inboxes. But just a few months ago, Google redesigned the notifications to be considerably more in-your-face: Now, they take up the entire screen, announcing themselves with an angry red flag. “Government-backed hackers may be trying to steal your password,” the alert reads, advising users to enable two-factor authentication.

The new alert says that fewer than one in a thousand Gmail users are targeted by foreign hackers—but for a product with more than a billion active users, that could still be a really big number. (0.1 percent of 1 billion is 1 million.)

Recently Google provided its most precise estimate ever of the number of cyberattacks it detects that target Gmail users. Speaking at Fortune’s Brainstorm Tech conference in Aspen, Colorado, Google Senior Vice President Diane Greene said the company notifies 4,000 users each month of state-sponsored cyber-attacks, Reuters reported.

Google began delivering notifications about state-sponsored hacking attempts long before its peers, but starting last year, Microsoft, Twitter, Facebook, and Yahoo said they would send similar notifications to their compromised users as well.

Intelligence officials have repeatedly identified state-sponsored hacking as one of the foremost threats to the US in speeches and congressional hearings. In a “worldwide threat assessment” delivered to the Senate Armed Services Committee last year, James Clapper, the director of national intelligence, said that cyberattacks are “increasing in frequency, scale, sophistication and severity of impact.”

The Justice Department has aggressively brought charges against several groups of state-sponsored hackers this year, adding two Syrians and seven Iranians to the FBI’s most wanted list for cybercrime in the span of weeks. With its campaign to “name and shame” the hackers, the FBI says it wants to hold countries that support hackers accountable.

Google’s notifications, like those of its peers, don’t name the country where the suspected cyberattacks come from. But if the notifications get recipients to change passwords and activate two-factor authentication, the hackers behind them could find their jobs getting a little harder.

NextGov:

« Retail Banks Will be Dead Within A Decade
Industrialisation Of Cybercrime Is Disrupting Business »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Certes

Certes

Certes is a pioneer in delivering cutting-edge security technology solutions, with a specific focus on Data Protection Risk Mitigation (DPRM).

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

OpenText

OpenText

OpenText is a leader in Enterprise Information Management software and a portfolio of related solutions for Information Governance, Compliance, Information Security and Privacy.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

NETRIO

NETRIO

If you are looking for a highly mature, exceptionally competent Managed Service Provider, NETRIO has solutions to keep your business running at warp speed with zero disruptions.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Abertay cyberQuarter

Abertay cyberQuarter

The Abertay cyberQuarter is a cybersecurity research and development centre housed within Abertay University.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Primary Guard

Primary Guard

Primary Guard provides IT solutions and computing technologies that help minimize impact from cyber threats, improve business efficiency and maintain essential functions during or after a disaster.

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

Judy Security

Judy Security

Judy (formerly AaDya Security) provides smart, simple, effective, all-in-one cybersecurity for SMBs. Get the 24/7 protection and support you deserve, at a price you can afford.

Capzul

Capzul

Capzul are transforming the network security landscape with a new approach; creating virtually impenetrable networks, precluding cybercriminal attacks on your network ecosystem.

Nexio

Nexio

We are Nexio. We help organisations take every NEXT step toward their accelerated digital transformation.