Facebook targeted by 'sophisticated attack'

By Kathryn McConnachie, Digital Media Editor at ITWeb.
Johannesburg, 18 Feb 2013
Facebook says it was not the only target of this attack, and it is working with authorities and other affected parties to ensure it doesn't happen again.

On Friday, Facebook issued a statement admitting its systems had been "targeted in a sophisticated attack". While Facebook says it has no evidence that user data was compromised, the incident has raised concerns over the implications of a major breach for the world's largest social network.

Facebook says: "This attack occurred when a handful of employees visited a mobile developer Web site that was compromised. The compromised Web site hosted an exploit which then allowed malware to be installed on these employee laptops.

"The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."

Facebook added that, like other services, it is frequently targeted "by those who want to disrupt or access our data and infrastructure".

"The vast majority of the time, we are successful in preventing harm before it happens, and our security team works to quickly and effectively investigate and stop abuse."

Explaining the recent attack in more detail, Facebook says after analysing the site where the attack originated, it found it was using a "zero-day" (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware.

"We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on 1 February 2013, that addresses this vulnerability."

Facebook says it was not the only target of this attack. "It is clear that others were attacked and infiltrated recently as well."

Twitter was recently hacked and about 250 000 user accounts were potentially compromised. While the popular micro-blogging platform didn't detail exactly how its network was infiltrated, Twitter director of information security, Bob Lord, did remind users that it was strongly recommended that Java should be switched off within their browsers.

Other major sites to be hacked recently include The New York Times, The Wall Street Journal and The Washington Post. The news organisations attributed the attacks to Chinese hackers.

Head of technology for Sophos Asia Pacific, Paul Ducklin, says had Facebook's employees switched off Java in their browser, the problem could have been side-stepped.

"Even just using a browser with click-to-play (so that Java and Flash applets, among others, can't launch quietly in the background from compromised Web sites) would surely have been enough. I'm guessing now, but I'd be very surprised if the mobile developer Web site alluded to above actually required Java, so there would have been no reason to have Java turned on for that site," says Ducklin.

Security pressure

With over a billion users, Facebook has managed to keep its users' data protected so far, but it has been noted that a single major breach could have disastrous effects for the social network. Keeping user data secure is especially important for Facebook as it tries to push into the e-commerce space.

In 2011, Facebook created a stir when it released some statistics that showed up to 600 000 user logins each day are potentially compromised - a figure which has most likely increased along with the network's total user base.

At the time, the social network said it roadblocks between 250 000 and 600 000 Facebook accounts per day. Accounts are roadblocked if Facebook believes them to be temporarily compromised by malicious software. While blocked, Facebook runs its own security software on the account until it is certified clean.

Facebook also explained that accounts are "compromised" in the sense that the site is not confident that the account's true owner is accessing the account, and as a result access is either pre-emptively or retroactively blocked. Accounts are also blocked if the owner is accessing the account from a computer infected with malware.

At the time, senior security analyst at SensePost, Junaid Loonat, said that based on past events, it's clear that most changes to Facebook have attempted to push more personal information into the public realm.

"Regardless, it is still possible for users to control the extent to which their lives are recorded online. Users should regard all information provided to social media Web sites as information that may (eventually) be exposed to the public," said Loonat.

Facebook founder and CEO, Mark Zuckerberg, has said the social network does not track its progress in terms of user numbers, but rather the amount of content being shared on the platform. According to "Zuckerberg's Law", the volume of photos, status updates and other online material each individual Facebook user posts will double every year.