G Suite government hack alerts

Google announced today that administrators of G Suite accounts can now enable and configure a special alert when a government-backed cyber-espionage group is trying to hack into one of their company’s user accounts.

This new alert is available via the “Admin Console > Reports > Manage Alerts > Government backed attack” option available through the standard G Suite super admin account.

The feature isn’t new. Google has been warning Gmail users of government-backed attacks since 2012, an alert system it revamped and redesigned in 2017.

Old Gmail government hack alert

New Gmail government hack alert

Google usually sends alerts for government-backed attacks when it detects phishing attempts, malware-laden attachments, or brute-force attacks carried out from the infrastructure of known government-linked cyber-espionage groups —also known as APT (advanced persistent threats).

Alert system helps admins secure accounts before a breach

The feature added to the G Suite backend today lets admins control what happens inside an organization’s G Suite account when a government-backed attack happens.

For example, G Suite super admins can enable this type of alert and receive notification of an ongoing government-backed attack and what user account was targeted.

In addition, G Suite super admins can also configure automated actions to be taken when an attack takes places, such as resetting the user’s account password to prevent any intrusion from the attacker.

Last but not least, the new G Suite alert system lets admins send a copy of the alert to the user, as well, similarly to the warnings they usually receive in Gmail.

G Suite accounts as sought after as Office 365 accounts

G Suite is a for-enterprise Google productivity suite, similar to Office 365, made up of the commercial versions of several Google services such as Gmail, Docs, Sheets, Sites, Slides, Drive, and more.

Access to a G Suite account lets attackers access all these services at once, allowing them an easy way to harvest large swaths of data.

Today, Bleeping Computer also reported that Microsoft launched a new service called AccountGuard, which it has been making available to organizations involved with the US 2018 midterm election. This new service, Microsoft says, will add extra protection for the Microsoft accounts of those involved with the upcoming election, some of which have been targeted by Russian hackers already.

Article by Catalin Cimpanu, Bleeping Computer