rvlsoft - Fotolia

Google to alert firms of state-sponsored attacks on G Suite users

As cyber security increasingly becomes a market differentiator, Google has announced that businesses using G Suite cloud-based software can opt in to cyber attack alerts

Google has announced that it is adding a feature to the G Suite admin console that can alert administrators if a user’s account is targeted by a government-backed attack.

The announcement coincides with researcher reports of a cyber attack group that switches frequently between nation state-style targeted attacks and cyber crime, often using the same infrastructure and attack tools.

Disabled by default, admins can choose to turn the service on to receive an email alert when Google believes a government-backed attacker has attempted to access a user’s account or computer through phishing, malware, or another method.

According to Google, the alerts will not necessarily mean the account has been compromised or that there was a widespread attack on an organisation, but it will enable admins to choose whether to share information about the alert with others and help secure the user’s account.

To enable the alerts, G Suite administrators can navigate to the Admin Console, click on Reports, select Manage Alerts, and go to the Government-backed hack option.

Admins can alert the user, share more details about the hacking attempts with the user, secure the user account, and manage alerts within the administrator dashboard.

In June, Robert Hannigan, former director general of GCHQ, said high-level nation-state cyber threats are a problem for all organisations either directly or indirectly through cyber crime groups acting as state proxies.

“We are seeing a crossover between nation states and criminal groups acting on their behalf, sometimes with the same people working on nation state cyber activities by day and criminal activities by night,” he told Infosecurity Europe 2018 in London.

Read more about cyber crime

The G Suite innovation is the latest by Google to increase business confidence in its cloud-based services, and adds to the fact that the company has been alerting users of suspected government-backed attacks since 2012.

These notices reflect Google’s assessment that a government-backed attacker is likely to have attempted to access the user’s account or computer when Google detects phishing emails, attachments with malware, or brute-force attacks.

The announcement about the alert option of G Suite admins comes after criticism of Gmail’s new confidentiality mode. The US Department of Homeland Security expressed concern that protected email links may have the unintended consequence of leading to more phishing victims.

Read more on Cloud security