Facebook has said it constantly monitors users' accounts for potentially malicious activity and is able to tell where the attack is coming from.
Starting this week, Facebook will notify users if it believes the account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state.
"While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored," said Alex Stamos, Facebook's chief security officer, in a post on the Facebook Security page.
"We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts."
"It is absolutely possible the government could be monitoring Facebook accounts in South Africa, but I don't think they are yet," says SensePost CTO Dominic White. "It is very difficult for government to monitor and intercept everything on social networks without being caught."
Stamos says: "To protect the integrity of our methods and processes, we often won't be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion. We hope these warnings will assist those people in need of protection."
There are three ways a nation-state could monitor social media, says White:
1. Passively monitor content a user has shared on unsecure channels.
2. Actively intercept secured connections.
3. Lawfully intercept, eg, RICA.
"My guess is that a government security agency will see something like the Snowden leaks and say they need to develop the same technology, and civil rights groups like R2K [Right2Know Campaign] will see the leaks and think we should make sure our government is not doing the same thing."
White notes: "This is not a new innovation as Google started providing a similar service a few years back, particularly to help activists in China."
A Facebook user asked if the social network would include the National Security Agency or other agencies affiliated with the US government. Facebook responded by saying: "This feature is not specific to ? or excluded from ? any particular government."
Facebook advises users to secure their accounts by adding a login approval. This will mean a security code, sent to the user's cellphone, will be required every time there is a login from an unknown browser.
In April, it was revealed in R2K's Big Brother Exposed report that SA's security cluster is "becoming increasingly powerful, secretive, and involved in the political affairs of the country" and is targeting community activists for surveillance.
R2K alleges the Crime Intelligence Division of the police service and the State Security Agency conduct intelligence-gathering that includes monitoring Web and social media sites, covertly monitoring phone calls, e-mails and Internet use, and attending community activist meetings.
It adds, however, that "many forms of surveillance - especially electronic surveillance - are hard to detect".
Share