Facebook has announced it will begin giving its users a warning when the company suspects an account has been targeted or compromised by a cyber spying attack from a nation-state or state-sponsored actor, reports Mashable.
In a post on Facebook’s official privacy page, Facebook chief security officer Alex Stamos wrote, “Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state.”
“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”
Alex Stamos, Facebook
Facebook will warn users of potential spying through boxed pop-up messages and encourage them to secure their accounts with two-step authentication. The warning message will contain a link directing users to a page where they can activate an existing feature that adds an extra layer of security to their Facebook account. Facebook will then send a verification code to the user’s mobile phone, which must be entered in combination with the password.
The move sees Facebook follow in the footsteps of Google, which started doing the same thing in 2012, notifying users when it suspected they were being attacked by state-sponsored hackers engaged in spying.
At the time, Google made a very similar statement, which read: “our detailed analysis, as well as victim reports, strongly suggest the involvement of states or groups that are state-sponsored.”
“You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors.”
Just like Google, Facebook won’t offer any details as to why it suspects a user’s account has been compromised, and will not identify which state or government is culpable for cyber spying.
“To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion.”
The warning doesn’t relate to the compromise of the Facebook platform itself, but a Facebook account being compromised may indicate a computer or mobile device has been infected with spying malware. Stamos also advised that Facebook users who have been attacked should “rebuild or replace” their computer system, as it is highly likely to be infected with spying software.
There are a number of spying malware programs believed to have been created by government-backed hackers, such as Stuxnet, thought to have been built by the U.S.; Duqu; DarkSeoul, supposedly from North Korea; China’s ShadyRAT; and Russia’s The Dukes malware, reports ZDNet.
In the statement, Facebook also underlines its commitment to protecting the security of users, affirming that it will continue to develop the company’s ability to prevent and detect spying attacks of all kinds against people on Facebook. The company has also joined forces with Google, Yahoo and others to oppose the CISA bill currently being proposed by the U.S. government, on the grounds that it has an excessively wide remit, according to IT Pro.