Facebook just launched a new kind of notification that will warn users if it suspects their account has been targeted by an attacker working on behalf of a nation-state.
“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored,” Alex Stamos, Facebook’s chief security officer, writes in the company’s blog post about the news.
“We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”
Facebook says that if a user sees this notification, it’s not an indication that Facebook itself has been hacked in any way.
Rather, it could indicate that that person’s computer or smartphone has malware on it that bad actors are using to seek access to their accounts.
Facebook says it can’t explain how it attributes attacks to nation-states versus smaller-scale hackers, because it has to “protect the integrity” of its methods and processes, but promises that it will only use that warning notification “where the evidence strongly supports our conclusion.”
In other words, if you get that Facebook notification, you should take it seriously. The company recommends rebuilding or replacing any system that may have been infected by malware, as well as turning on login approvals.
The chilling reality of the potential destruction of state-sponsored cyber-attacks rocketed into the public eye late last year when North Korea attacked Sony Entertainment, shutting down the company’s computer systems and revealing troves of personal information from employees.
Talking about the hack at the recent Vanity Fair conference, assistant attorney general for national security in the Department of Justice John Carlin said that attacks by nation-states can be brutal, because if they want to get in, they’ll get it.
“There’s no wall high enough to keep a determined nation state out of your computer systems,” he said.
But, he said, noticing an attack early and moving fast is crucial. That’s Facebook’s attitude when releasing this new notification, too.
“We hope that these warnings will assist those people in need of protection,” Stamos writes, “And we will continue to improve our ability to prevent and detect attacks of all kinds against people on Facebook.”