Don’t miss the latest developments in business and finance.

All global tech giants follow a warning policy for state sponsored hacking

Opposition MPs have accused the government of spying on them, an allegation that has been denied though it has prompted the government to start an inquiry

hacking, cyberfraud, cyber threat, security, privacy, phone tapping, surveillance
Surajeet Das Gupta New Delhi
3 min read Last Updated : Nov 03 2023 | 10:59 PM IST
Apple has been in the headlines for its notification to 20 Opposition leaders and journalists that their phones might have been the target of a ‘government-sponsored’ attack  but a similar policy is  also followed by Google, Meta and Microsoft.  

Opposition MPs have accused the government of spying on them, an allegation that has been denied though it has prompted the government to start an inquiry.

In meetings with officials of the tech giants over the past few days, the government has been told by stakeholders that all big tech companies protect their users against possible state-sponsored cyber attacks.

But the companies did not provide a formal statement on the issue, nor explain how they distinguish state sponsored attackers from private actors.  

On its website, Apple says ‘threat notifications’ are designed to inform and assist users who may have been targeted because of who they are or what they do. It says state sponsored attacks are highly complex, cost millions of dollars, and are  very short in duration, making it all the harder to detect them. 

Google’s policy on this goes back to 2012 when it started alerting users that government-backed attackers might have been trying to steal their  password or compromise their account or computer over a period of a month or so.

Also, the administrator of an organisation will receive an alert if a user is detected as a possible victim of a government-backed attack to access the person’s account.  Cyber attacks  happen to fewer than 0.1 per cent of all Google Account users.  

Google concedes that some notifications could be false alarms. “But we believe we detected activities that government-backed attackers use to try to steal passwords or other personal information. Such activity includes users getting a harmful attachment, links to malicious software downloads, or links to fake websites,” says Google.

It refuses to reveal who ‘tipped us off’ because attackers will notice and change tactics.

In 2015, Meta (formerly Facebook) also followed Google’s example and its then chief security officer Alex Stamos explained why in a blog.

“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government sponsored,” he wrote.

He added that the warnings were necessary given that these types of attacks tended to be more advanced and dangerous than others.   

Since 2015, Microsoft has followed a similar policy of notifying users if it believes that an account has been targeted or compromised by an individual or group working on behalf of a nation state.


Topics :Apple IncFacebookMicrosoftTech companiessmartphone pin hacking

Next Story