Facebook security have announced that the social media giant will notify users if they believe their account has been compromised by a government agency.
Facebook Chief Security Officer Alex Stamos announced that “while we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored“.
BYPASS THE CENSORS
Sign up to get unfiltered news delivered straight to your inbox.
He added that such attacks “tend to be more advanced and dangerous than others”, meaning that users who are thus compromised should take great care in addressing them.
Facebook identifies the primary source of such attacks as users’ own computers and mobile devices, infected by malware tools such as GCHQ’s ‘Smurfs’, revealed in documents leaked by NSA whistleblower Edward Snowden. Facebook says that its own service is unlikely to be the origin of such security breaches, stating that “it’s important to understand that this warning is not related to any compromise of Facebook’s platform or systems” and suggesting that users who see the message “rebuild or replace” their affected hardware.
Unfortunately, Alex Stamos didn’t go into detail about exactly how Facebook would be able to distinguish accounts compromised by “an attacker suspected of working on behalf of a nation-state” from more commonplace private-sector hacking attempts, but said that the company would “use this warning only in situations where the evidence strongly supports our conclusion”.
Facebook appears to be promising blanket announcements of malicious activity originating with any government’s intelligence or law enforcement agencies, saying that it hopes to “assist those people in need of protection” without giving any indication that it will, for example, warn people of attacks by Chinese authorities, but not British ones.
Known malware tools used by British intelligence services include Nosey Smurf, which turns on your mobile device’s microphone to spy on conversations, Tracker Smurf, which reports your geolocation data, and Dreamy Smurf, which surreptitiously switches phones on.