In a move that’s likely to escalate the enmity between the world’s largest search engine and the government of the world’s largest nation, Google today warned many China-based gmail users that “State-sponsored attackers” may be attempting to compromise their computers. In a post explaining the move, Google does not mention China specifically, so it’s possible that users in other locations are seeing a similar warning as well. Additionally, some Chinese users in the US are reporting seeing the same message.
Google has also made it clear that the warning does not indicate anyone’s account has actually been compromised yet. Rather, it is a warning that users affected should take additional steps to secure their accounts.
As far as how, exactly, Google is aware that these attacks are State-sponsored, the company is playing its cards close to the vest:
You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.
Perhaps this is just my own case of China tunnel vision, but it’s difficult not to see this as a reference to Chinese government hacking attempts, especially given that Google took a shot at China’s censorship system just last week. It’s clear the company has no interest in playing along with the Chinese government, and given that many China-based gmail users — including me — have already experienced hacks and other attacks with apparently political motivations, it’s not much of a stretch to assume Google is talking about China here.
Anyway, if there was any doubt before that you should enable extra security measures like two-step authentication for your Google accounts in China, there shouldn’t be now. Check yo self before you wreck yo self, people.
[hat tip to @TomLasseter for mentioning this on Twitter]