Facebook’s chief security officer said the social media site will begin notifying users it believes have been targeted by government-sponsored hackers.
In a Friday afternoon post, Facebook CSO Alex Stamos said the company will notify users “if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state.” Those accounts under attack will receive a short message notifying them of the breach attempts and encouraging them to turn on Facebook’s Login-Approvals feature, which sends a security code to the user’s cell phone that must then be entered to sign in from a new device or browser.
“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored,” Stamos wrote. “We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”
Stamos’ message did not specify a particular country as a threat and also declined to reveal the process through which it will determine which attacks are state-sponsored, but said the warning will only be displayed when the “evidence strongly supports our conclusion.” Stamos said the warning may also indicate the presence of malware on a user’s device or devices and encouraged those who receive the message to “take care to rebuild or replace these systems if possible.”
Despite the lack of specifics given, Facebook’s message comes in the broader context of a push for increased cybersecurity as more and more elements of our everyday lives become digitized and attacks become increasingly dangerous. At the start of this month, several million T-Mobile subscribers fell victim to cybercrime when hackers breached the files of credit agency Experian, resulting in at least five lawsuits against the two companies. Recent reports have also indicated that Chinese cyberattacks on U.S. companies have continued over the past three weeks despite the signing of a recent cyberagreement by U.S. President Barack Obama and Chinese President Xi Jinping at the end of September.