Tens of thousands of users recently received a message on their Gmail accounts, Google homepages or Chrome browsers warning that they may be at risk of a state-sponsored account, the New York Times Bits blog reported.
“We believe that state-sponsored attackers may be attempting to compromise your account or computer,” the message cautioned users. Some individuals first received such a warning in June, the Times said, but an investigation by Google revealed new intelligence that prompted the company to alert many more people that they may be targeted.
Google information security manager Mike Wiacek told the Times that Google had witnessed an increase in state-sponsored threats coming from the Middle East, specifically. He said that the source of such activity was in “a slew of different countries.” The Times also recently reported on the expanded use of spyware by countries such as Turkmenistan and Bahrain to monitor civilians abroad, and reporters noted that a series of recent attacks on banks originated from hackers claiming ties to the Middle East as well.
Since June, Google has investigated attacks on its users and turned up more instances of what appear to be state-sponsored Internet security threats. Wiacek told the Times that Google users may want to take advantage of its products security features and other measures to protect themselves.
Steps for protection
Wiacek specifically advised users, particularly those who had received the warning message, to change their account passwords, to enable Google’s two-step authentication service and to keep all software versions updated on their computer. Users may want to adopt certain password security measures recommended by experts. A prior New York Times Bits post pointed out a few basic measures that will improve data security, which echoed the advice to change passwords frequently. Other tips involve not reusing passwords, choosing security questions without answers that someone can find online and avoiding regular dictionary words.
A recent study showed that as many as six in 10 users reuse the same few passwords, largely out of the convenience of not having to remember too many different phrases. The Times cautioned against this, also emphasizing that users should not store passwords in their email inbox.
Instead, individuals can use password manager software such as LastPass or DirectPass. These programs can store users’ passwords, or even automatically generate a different secure combination for each individual site, all under control of a single master password.
Security News from SimplySecurity.com by Trend Micro