Google Offers G Suite Alerts for State-Sponsored Attacks
3.8.18 securityweek Attack
Google this week announced that it can now alert G Suite admins when it believes users have been targeted by government-backed attackers.
The search company has been notifying users on what it believes might be state-sponsored attacks for over six years, and reaffirmed its commitment to continue alerting users on such incidents last year.
The Internet giant is now providing G Suite admins with the option to receive alerts whenever attacks appearing to be coming from a state-sponsored actor are targeting their users. The feature will show up in the G Suite Admin console as soon as it becomes available.
“If an admin chooses to turn the feature on, an email alert (to admins) is triggered when we believe a government-backed attacker has likely attempted to access a user’s account or computer through phishing, malware, or another method,” Google explains.
As usual, such alerts don’t necessarily imply that the account has been compromised or that the organization has been hit with a larger attack.
The new feature is turned off by default, but admins can easily enable or disable it in Admin Console > Reports > Manage Alerts > Government backed attack.
The feature also allows admins to set who is being notified when such attacks are detected (by default, super admins receive the notification via email).
Once an attack has been detected, admins can choose to secure the account suspected to have been targeted, and can also opt to alert the user on both the attack and the security measures taken.
The feature is set to gradually roll out to all G Suite editions and should be available for all admins within the next 15 days, Google said.
Companies such as Microsoft, Facebook, and Twitter are also warning users when detecting attacks believed to have been performed by a government-backed actor.