Hackers Target Thousands of GMails

Uploaded on 2016-07-20 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms


For four years, Google has been notifying Gmail customers when they come under attack from hackers who may be working for foreign governments. The company has long remained vague about the way it detects and identifies these hackers, “we can’t reveal the tip-off,” the company tells users, and about the number of notifications it routinely sends. Until now.

When these warnings were introduced, they appeared as thin red bars tacked to the top of users’ inboxes. But just a few months ago, Google redesigned the notifications to be considerably more in-your-face: Now, they take up the entire screen, announcing themselves with an angry red flag. “Government-backed hackers may be trying to steal your password,” the alert reads, advising users to enable two-factor authentication.

The new alert says that fewer than one in a thousand Gmail users are targeted by foreign hackers—but for a product with more than a billion active users, that could still be a really big number. (0.1 percent of 1 billion is 1 million.)

Recently Google provided its most precise estimate ever of the number of cyberattacks it detects that target Gmail users. Speaking at Fortune’s Brainstorm Tech conference in Aspen, Colorado, Google Senior Vice President Diane Greene said the company notifies 4,000 users each month of state-sponsored cyber-attacks, Reuters reported.

Google began delivering notifications about state-sponsored hacking attempts long before its peers, but starting last year, Microsoft, Twitter, Facebook, and Yahoo said they would send similar notifications to their compromised users as well.

Intelligence officials have repeatedly identified state-sponsored hacking as one of the foremost threats to the US in speeches and congressional hearings. In a “worldwide threat assessment” delivered to the Senate Armed Services Committee last year, James Clapper, the director of national intelligence, said that cyberattacks are “increasing in frequency, scale, sophistication and severity of impact.”

The Justice Department has aggressively brought charges against several groups of state-sponsored hackers this year, adding two Syrians and seven Iranians to the FBI’s most wanted list for cybercrime in the span of weeks. With its campaign to “name and shame” the hackers, the FBI says it wants to hold countries that support hackers accountable.

Google’s notifications, like those of its peers, don’t name the country where the suspected cyberattacks come from. But if the notifications get recipients to change passwords and activate two-factor authentication, the hackers behind them could find their jobs getting a little harder.

NextGov:

« Retail Banks Will be Dead Within A Decade
Industrialisation Of Cybercrime Is Disrupting Business »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

Conceptivity +360 Cybersecurity

Conceptivity +360 Cybersecurity

Conceptivity +360 Security addresses advanced cybersecurity and supply chain security issues in policy, regulatory, legislation, standardisation, compliance and project management areas.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

Envelop Risk

Envelop Risk

Envelop Risk is a global specialty cyber insurance firm, combining decades of insurance industry expertise with sophisticated cyber and artificial intelligence-based analytics.

Cognyte

Cognyte

Cognyte is a global leader in investigative analytics software that empowers a variety of government and other organizations with Actionable Intelligence for a Safer World.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

ID North

ID North

ID North is a Nordic service provider offering identity security to its customers by providing world class expertise and best-in-class solutions and services.

Web3fied

Web3fied

Web3fied is a seed stage company building the future of decentralized digital identity and credentials management.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.

Neqst

Neqst

Neqst is an investment firm specialising in profitable growth companies within the Nordic software and IT-services sectors.