Facebook to warn users when targeted in state-sponsored cyberattacks

20 Oct 2015

Facebook yesterday followed Google in saying it would warn users when it appeared they were targeted by state-sponsored cyberattacks.

"Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state," Facebook chief security officer Alex Stamos said in a blog post.

"We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts."

Facebook would issue alerts in boxed messages urging targeted users to immediately secure accounts and will provide a link to turning on a feature that required a code sent to members' mobile phones along with a password to log in.

Google bolstered security in mid-2012 to include notifying users when it appeared they were being targeted by state-sponsored hackers.

"You might ask how we know this activity is state-sponsored," Google said in a blog post at the time.

"We can't go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis - as well as victim reports - strongly suggest the involvement of states or groups that are state-sponsored."

Stamos said, "To protect the integrity of our methods and processes, we often won't be able to explain how we attribute certain attacks to suspected attackers."

He added, "We plan to use this warning only in situations where the evidence strongly supports our conclusion."

Users should rebuild or replace systems infected by malware if users got the notification.

Also turning on login approvals was a good practice to prevent individuals from logging into others' accounts.