Google has announced that it will be adding a feature to G Suite that will let businesses / organisations know if their users are being targeted by a government-backed cyber attack.

What Is G Suite?

G Suite is the package of cloud-based services designed to aid collaborative working, formerly known as Google Apps for Work. It was introduced in 2006, and has since been expanded to include apps like Gmail, Hangouts, Calendar, Google+; Drive, Docs, Sheets, Slides, Forms, and the digital interactive whiteboard Jamboard.

The New Alert Feature

The new feature, which will be added to the Admin console, will mean that Admins can choose to receive an email alert when Google detects a state-sponsored / government-backed attack attempt on a user’s account or computer e.g. via phishing, malware, or any other known method.

The alert feature will be turned off by default, but Admins can choose to turn the alerts on via Admin Console > Reports > Manage Alerts > Government backed attack.

If Admins choose to turn the feature on and make the alerts the default, they can decide who gets notified when attacks are suspected. In the first instance, alerts will be sent by email to Super Admins, but this can be changed to share the information with others via the same Console link.

Also, the feature allows Admins to choose what actions they want to take to secure an account on receiving the alert, and Admins can let the user know about the alert and any actions they have taken.

The launch of the new feature will go to both Rapid Release and Scheduled Release, will be available to all G Suite editions, and will be introduced in a gradual rollout (up to 15 days for feature visibility).

Warnings Since 2012

Even though this is a newly designed feature, Google has been warning users of any suspected targeting of their accounts by government-backed attackers since 2012.

Why The New Feature?

Google has introduced this feature for a number of reasons, the main one being that high-level nation-state cyber threats have become much more of a problem for organisations in recent times, either directly or indirectly through cyber-crime groups acting as state proxies.

GCHQ, for example, has reported seeing a crossover between nation states and criminal groups acting on their behalf, often with the same people working on nation-state cyber activities by day and criminal activities by night.

Also, Google wants to increase business confidence in its cloud-based services, and protect its business users from hacking.
Another influence that has prompted the introduction of the new feature is that competitors are offering something similar e.g. Microsoft’s new AccountGuard pilot program (currently only available for accounts from political organisations), introduced as part of its ‘Election Defence Technologies’ and offered by invitation only.

Being able to announce some good news about its security / privacy services for business clients has also been helpful at a time when Google has been criticised by The US Department of Homeland Security for potential problems with Gmail’s new confidentiality mode.

What Does This Mean For Your Business?

This crossover between nation states and criminal groups acting on their behalf has blurred the threat lines in the world of online security and necessitated the addition of this kind of feature. The fact that it has been designed to protect and reassure business users is clearly good news for G Suite users everywhere.

State-sponsored cyber attacks can cause huge damage and disruption to businesses that are directly or indirectly hit, and this can also have a negative knock-on effect on the wider economy too. It is good news, therefore, that businesses / organisations can now receive and manage alerts about potentially serious attacks, and this will add another layer of defence in an environment of evolving worldwide threats.