Facebook starts warning users of state-sponsored attacks against their accounts

Facebook will begin alerting its users when their account is being targeted or compromised by an attacker suspected of working on behalf of a nation-state.


“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored,” Facebook CSO Alex Stamos explained.

“We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”

The social network won’t explain why those particular attacks are suspected to come from state-sponsored hackers – it has its own methods and processes that it wants to keep secret so that attackers can’t find a way to pass off their hacking attempts as generic ones.

Stamos made sure to note that if a user sees this warning, it doesn’t mean that Facebook was compromised, but that it’s very likely that the user’s computer or mobile device has been saddled with malware.

“Ideally, people who see this message should take care to rebuild or replace these systems if possible,” he said.

In case of a suspected state-sponsored attack, Facebook advises users to protect their accounts by turning on Login Approvals, so that each time someone – the user or an attacker – tries to log into the account from an unknown browser, they will also have to provide a security code that is sent to the user’s phone.



Facebook is not the first Internet firm to do that. Google began warning Gmail users who might be targeted by state-sponsored attackers back in June 2012.