Friday evening, Facebook’s Chief Security Officer Alex Stamos posted that the company “will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state.”
Stamos explains that Facebook will show the warning “if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”
Affected users will receive notices that read, “We believe your Facebook account and your other online accounts may be the target of attacks from state-sponsored actors.” They are then advised to turn on two-factor authentication through Facebook’s Login Approvals settings.
What this does is send a security code to the user’s phone whenever someone logs onto their account from a new device or browser. That person would need that unique code to continue.
Stamos warns users that people who receive these notices from Facebook may have a computer or mobile device that has been infected with malware.
“Ideally, people who see this message should take care to rebuild or replace these systems if possible,” he writes.
Perhaps the biggest frustration with these notices is that Facebook can’t really tell you much about them, even if you’re a target.
“To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers,” explains Stamos. “That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion.”
by Chris Morran via Consumerist