Facebook Will Now Warn Users of State-Sponsored Attacks

Social network giant Facebook will now warn users if their accounts have been targeted or compromised by attackers sponsored by a nation-state.

Facebook has released a security note that explains an alert to secure Facebook users’ accounts that may be targeted or compromised by a nation-state backed attacker.

While the company insists that steps are already taken to secure user accounts that may be targeted, it has stepped up the security dial a notch to directly warn users when an attack is under away.

Alex Stamos, chief security officer at Facebook, wrote:

“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored.”

Facebook’s Alert – Login Approvals.

Facebook will advise users, with the warning, to turn on a feature called “Login Approvals.” The feature ensures a two-factor type authentication system wherein any account being logged into from a different computer or a web-browser will be secured with a security passcode that is sent to the user’s mobile device. This passcode will be the means through which a user then gains access to his or her account.

Stamos added:

“It’s important to understand that this warning is not related to any compromise of Facebook’s platform or systems and that having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware.”

For obvious reasons, a user’s Facebook account could prove to be a tremendous resource to any attacker looking to gain information or data about a target. The messages, a user’s personal media such as photos and videos, the contact list and more features in a Facebook profile can all be used to dissect a target’s relationships and habits.

While nation-state attacks have been identified plenty of times in the past, it isn’t always a clear as to the mode of operation or the attackers behind such breaches.

“To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers,” explained Stamos, not revealing Facebook’s ways in which nation-state attacks are identified.

“That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion,” he concluded.