The biggest question on everyone’s mind is: “how in the world is Google going to tell the difference?”

Google’s response is something of a smoke screen though with them saying coyly;

“You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.”

The new warning seem to be aimed at spreading fear more than anything else as many security researchers are wondering what could be in Gmail accounts that are so sensitive anyway? If you have the type of data that is that sensitive you probably should not be putting it in a Gmail account (or any other cloud based email service for that matter). Still there are a few things to remember about any cloud service, they are ALL vulnerable to intrusion and this is beyond the typical “weak password” issue that is the source of many breaches.

We really are not sure what Google hopes to accomplish with these “proactive” warnings, but to warn someone after the fact instead of perhaps working to add additional security into your own systems is not being proactive. Google could (and perhaps should) require two factor authentication for their Gmail users, require complex passwords with expiration cycles and more. The down side of this is that all of these things cost money to implement and most users do not want the hassle. Remember ease of use often means lack of security… Something to think about the next time you sign up for a cloud based service regardless of what it is.

Discuss this in our Forum