Facebook Chief Security Officer Alex Stamos wrote in a blog post that “while we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored”.
Precisely how Facebook knows that the hacks are originating from government agencies isn’t explained, although experts could identify the source of the intrusion by the servers that are used in the breach or by the type of malware or exploit used to attack a computer. Stamos said: “To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers […] We plan to use this warning only in situations where the evidence strongly supports our conclusion.”
Facebook suggests that any users who are notified that their accounts may be the target of state-sponsored hackers should “rebuild or replace” any hardware that may have been infected by malware. It also advises people to turn on login approvals; a feature that sends a one-time authorization passcode to a user’s cell phone whenever Facebook detects someone accessing their account from a new browser or device.
Facebook’s announcement comes at a time when an increasing number of internet users fear their privacy may be at risk from government intrusion. While the move will likely be welcomed by the social media giant’s billion plus userbase, it remains to be seen how various governments will respond to the new measures.
Facebook: Notifications for targeted attacks