Facebook to warn users if their account is hacked by a government

The site has added the addition warning because of the extra threat posed by attackers who have been sponsored by nation states, it said

Andrew Griffin
Monday 19 October 2015 11:41 EDT
Comments
A Facebook employee holds a laptop with a 'like' sticker on it during an event at Facebook headquarters during an event at Facebook headquarters on April 4, 2013 in Menlo Park, California
A Facebook employee holds a laptop with a 'like' sticker on it during an event at Facebook headquarters during an event at Facebook headquarters on April 4, 2013 in Menlo Park, California (Justin Sullivan/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Facebook will start sending notifications to people that it believes have had their accounts hacked by governments.

The site will be watching for extra-suspect activity on people’s accounts and informing them when it happens — encouraging them not just to change their password but to “rebuild or replace” their computer system because it has probably been entirely compromised.

If Facebook detects activity that makes it think an account has been “compromised by an attacker suspected of working on behalf of a nation-state”, it will show a notification at the top of the page. That tells users to “Please Secure Your Accounts Now”, giving an explanation of what has happened and advising people to turn on login approvals.

Login approvals sends a message to a users’ phone when somebody tries to log in from a new device. That message includes a code that must then be put back into Facebook, meaning that hackers need physical access to the phone to break into an account.

The warning doesn’t mean that Facebook or its systems have been compromised, the site said. Instead, it is likely to mean that the computer or mobile device could have been infected by malware.

The site said that it won’t often be able to explain how it has come to decide that certain attacks have come from state-sponsored hackers, to “protect the integrity of our methods and processes”. But it would only provide the notification in situations where evidence “strongly supports” its conclusion, it said.

Facebook said that it had chosen to offer users an extra-alert about state-sponsored attacks — rather than those that might be perpetrated by criminals, for instance — because they tend to be much worse.

Facebook reactions - Dislike?

“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored,” wrote Alex Stamos, Facebook’s chief security officer, in a blogpost announcing the change. “We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”

Despite privacy concerns around Facebook’s business, the site has been active in promoting tools to stop state snooping on its users. Earlier this year, for instance, it added support for a super-secure encryption protocol into its emails, meaning that they shouldn’t be able to be intercepted on their way between the site and its users.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in