The banner reads, “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now.” This follows two years after the company announced that it had been hacked by intruders attempting to access the Gmail accounts of political activists, and a few days after the New York Times specifically linked Stuxnet to the US administration (a project begun in the Bush era and code-named Olympic Games). Google clearly believes that state-sponsored attacks are increasing.
“We can’t go into the details without giving away information that would be helpful to these bad actors,” said Grosse, “but our detailed analysis – as well as victim reports – strongly suggest the involvement of states or groups that are state-sponsored.” He makes the point that any such warning would not indicate that Google itself has been breached, only that “we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account.”
What Google doesn’t make clear is whether this warning will or will not apply to all states. If the New York Times is correct about Stuxnet being a US/Israeli project, and suspicions that Flame Might be part of the same Olympic Games are true, will Google warn Chinese or Middle-East users about Stuxnet, Duqu or Flame-related phishing attempts? This is a question that Google should answer. Without clarity, while the move will improve security for many, it could lead to a dangerously false sense of security for others.