If you’re using a Google product and the company detects that your computer has been compromised by a suspected state-sponsored attack, it will start showing you a warning at the top of the screen.
The move, announced by the company today, is an effort to keep its users safe and secure, as well as in the know about their computing environment.
Here’s what Google had to say on the matter today:
We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized. When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors.
Today, we’re taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks. You can see what this new warning looks like here:
If you see this warning, it doesn’t necessarily mean that you’ve been compromised, but something in Google’s secret sauce is telling you that you could be a target of phishing or malware and how to keep your information secure. As far as what goes into that sauce? Well, it’s secret of course:
You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.
Don’t freak out though, Google gives some suggestions on what to do if you see the warning:
Here are some things you should do immediately: create a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors
We’ve reached out to Google for specifics on this campaign, and will let you know when we hear more.
UPDATE: Some of you have asked questions about this, so here are some points to help clarify this new feature:
- The warnings that you get are entirely focused on individuals and their potential compromise and has nothing to do with Google as a whole.
- If you have questions about Google products, check out the “Good To Know” site.
- As Google mentioned in its original blog post, the company is trying to take a proactive approach that will hopefully benefit its users in the rare case that they’re targeted.