Google’s new feature will now alert G-Suite Admins about state-sponsored attacks

  • These alerts are by default in ‘OFF’ state and a user can enable it by heading to the Admin Console.
  • G-Suite super admin users can also prevent any intrusion by customizing the automated actions.

Google has added a new feature to G-Suite that will alert administrators when the tech giant suspects their account has been targeted by a government-backed threat actor. G-Suite’s new feature was introduced just a few days after the launch of Titan Security Key, which was launched to enhance users’ online security.

However, G-Suite’s feature isn’t entirely new and is more of an added security layer in Google’s admin console.

“We’re adding a feature in the Admin console that can alert admins if we believe a user’s account has been targeted by a government-backed attack,” the company wrote in a blog post.

“If an admin chooses to turn the feature on, an email alert (to admins) is triggered when we believe a government-backed attacker has likely attempted to access a user’s account or computer through phishing, malware, or another method.”

Government-based attack detection

Since 2012, Google has been warning its users against these highly sophisticated government-backed attacks. In 2017, Google revamped its alert system to improve the detection of these attacks, which Google’s security experts discovered, were aimed at stealing passwords and accessing users’ data.

Google usually sends out an alert to users when it detects any phishing attempts, suspicious attachments or brute-force attacks carried out by advanced persistent threat (APT) groups.

The tech giant clarified that receiving an alert does not “necessarily mean that the account has been compromised or that there was a widespread attack on an organization.”

Google’s alerts are, by default, in “OFF” state and a user can enable it by heading to the Admin Console. By leveraging the new G-Suite feature, administrators can receive alerts about ongoing state-sponsored attacks targeted at their organizations and also receive information about which user accounts were targeted.

In addition, G-Suite super admin users can prevent any intrusion by customizing automated actions, such as resetting the user’s account password. The new G-Suite alert system lets admins send a copy of the alerts to users, which they can use to set up required preventive security measures.

Cyware Publisher