Facebook to Warn Users of Potential State-Sponsored Hackers

Image courtesy of [Barney Moss via Flickr]

In light of concerns about state-sponsored hackers going after American technology, Facebook will now warn users it believes are falling victim to these types of attacks.

The warning will take the form of a notification that pops up on Facebook. It doesn’t warn individuals that their Facebook accounts are being hacked, but rather that their computers, smartphones, tablets, or other devices have malware on them that indicate that hackers may be trying to access their accounts.

According to Facebook, the notification will prompt a user to “Please Secure Your Accounts Now” and contain the following message:

We believe your Facebook account and your other online accounts may be the target of attacks from state-sponsored actors. Turning on Login Approvals will help keep others from logging into your Facebook account. Whenever your account is accessed from a new device or browser, we’ll send a security code to your phone so that only you can log in. We recommend you also take steps to secure the accounts you use on other services.

Facebook also recommends that if possible, people who get these notifications should consider replacing or rebuilding their systems, because this type of breach is probably too strong to be wiped out by everyday anti-virus software. Facebook has also made it clear that it won’t be sending out these notifications willy-nilly, but only if there’s strong evidence that a breach is coming from a foreign government hack.

Obviously not all hacks come from state-sponsored entities, but Facebook is clear on why it is focusing on warning its users specifically about these kinds of attacks. Alex Stamos, the Chief Security Officer at Facebook, explained in the announcement about the policy change:

While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.

War waged via technological means is certainly a legitimate concern–there have been either allegations or outright evidence that unfriendly actors such as China, Russia, Iran, North Korea, and ISIL have attempted to hack American accounts.

There are some criticisms of the new alert–Tech Crunch pointed out that the phrase “state-sponsored actors” may not be in everyone’s vernacular, and could be confusing. Additionally, Maddy Crowell of Christian Science Monitor points out that we don’t know exactly how Facebook is getting the information to conclude that someone has been the victim of a state-sponsored attack. While that’s not necessarily a criticism, it is a viable inquiry about Facebook’s privacy features. 

So, essentially, you don’t want to see this notification pop up on your Facebook–it means that your information is under attack, most likely due to malware that has infected your computer. Facebook is doing right by its users by letting them know–it may be an indication of the kind of security we’ll see moving forward as cyberwar remains a serious concern.

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.