Facebook announced a new initiative to protect its users from prying eyes, the popular social network will inform them on any suspected compromise from state-sponsored hackers.
“Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state. This is what the notification looks like on the desktop version of the Facebook website:” Alex Stamos, Chief Security Officer at Facebook, states in a blog post. “We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts. “
Facebook is already monitoring users’ account for potential compromise while offering users the possibility to proactively secure their accounts. In June, Facebook released two security tools, the Security Checkup and the cleanup tool, aimed at improving the security posture of its users. The Security Checkup is a tool warn users on the browsers and apps they used to access their accounts, meanwhile the cleanup tool developed in a joint effort with AV firms such as Kaspersky Lab.
The company will provide users with the possibility to enable the “Login Approvals” feature that would ensure that hackers cannot login into a user’s account. The alert would be triggered also if the Facebook account is accessed from a new device or browser, also in these cases the user will receive a security code on the mobile phone he registered.
Alex Stamos highlighted that the alert doesn’t mean that the Facebook’s platform has been hacked, instead there is the concrete risk that the user’s device might have been infected with malware. Facebook hasn’t provided further information regarding the method it uses to detect the nature of the attack (i.e. nation-state attacks, frauds), anyway it highlighted that it is focused on state-sponsored attacks that are often very sophisticated.
“To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion. We hope that these warnings will assist those people in need of protection, and we will continue to improve our ability to prevent and detect attacks of all kinds against people on Facebook,” added Stamos.
(Security Affairs – Facebook, state-sponsored hackers)