BOAC

Without diving too deeply into the news, it appears that those handling 'sensitive' information in US government arenas use G email accounts??

The Nr Fairy

I don't think the US Government would use Google Apps for day to day use

It's talking about spear phishing - targeting specific individuals who may have access to data the attacker wants. If you use Gmail on your work laptop then it's a possible avenue to other places, although from what I've seen it's about getting login credentials for private Gmail accounts then working out through the network of contacts from there. Intelligence gathering, if you like.

mixture

I think Nr Fairy hit it on the head. The adversary are merely trying to "get a food in the door", like the proverbial doorstop salesman. From there, they can seek out more weak links in the chain to get them closer to their goal.

I suspect that in these post-Wikileaks days, the importance of security of electronic government data has been further rammed down employees throats, especially in the US ! So I doubt there is any protectively marked information on Google servers.

BOAC

Ok - no mention of 'Google Apps' anywhere there. The observation was to express surprise at the laxness of security/lack of 'intelligence' in allowing these folk to access 'external' email accounts from work. A complete no-brainer and asking for that 'food in the door'

The Nr Fairy

From what little I know of US Government IT security, they do take stuff like this seriously. And I wasn't being entirely serious (hence the ) about Google Apps.

One person in the US State Department I know of has to use a completely separate PC in a separate part of the building, on a separate network, for personal use.

And I've seen nothing in the press / articles / stuff going on in the company I work for to indicate that people *were* accessing their mail accounts from computer systems which shouldn't really be connected to public networks.