Category Archives: NOTICES

State-sponsored attack? Facebook will now tell you ‘You’ve been hacked’

Just don’t expect Facebook to reveal how it knows when government hackers are coming after you.

facebook logo sign image www.socialselect.net

Facebook has started to notify users when it suspects they’ve been targeted by government-sponsored hackers, rather by than run-of-the-mill cybercriminals.

“Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state,” Facebook’s chief security officer Alex Stamos said in a Notes post on the weekend.

12107890101536110102468863935073197580215636n.png
A state-sponsored hacker alert. Image: Facebook

The notification users will see when Facebook detects that they are probably being targeted by a state-sponsored hacker advises them to turn on its two-factor authentication feature, Login Approvals, which requires the user give Facebook their phone number.

Facebook sends users a login code to the person’s phone the next time it detects an account has been accessed from a new device or browser.

“We decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts,” Stamos said.

Facebook won’t be revealing how it tells when a state-sponsored hacker is targeting a particular user, although there are numerous pieces of known malware that are suspected to have been created by government-backed hackers, such as the Stuxnet, thought to have been built by the US, Duqu, DarkSeoul, supposedly from North Korea, China’s ShadyRAT and Russia’s The Dukes malware.

“To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion,” Stamos said.

The new hacker alert notifications join Facebook’s other security efforts, such as its security check-up tool, and teaming up with several antivirus vendors to offer online malware scanning and clean-up tools.

Facebook earlier this year said it helped clean up two million infected PCs after using a “combination of signals” to find the infections. While helpful at cleaning up malware, some users have objected to being locked out of their accounts until they download anti-malware from Facebook’s partners.

ooo

Henry Sapiecha

 

AUSTRALIAN FEDERAL PARLIAMENT ALERT RE SECURITY

Tuesday 29 July 2014

 aust gov logo white on black

Extended submission deadline for inquiry into the National Security Legislation
Amendment Bill (No. 1) 2014

The closing date for submissions to the Parliamentary inquiry into the National Security Legislation Amendment Bill (No. 1) 2014 has been extended to Wednesday, 6 August 2014.

The closing date was extended by the Parliamentary Joint Committee on Intelligence and Security in order to give interested parties more time to make a contribution to the inquiry.

The Bill implements many of the bipartisan recommendations made by the Committee in Chapter 4 of its 2013 Report of the Inquiry into Potential Reforms of Australia’s National Security Legislation. Chapter 4 included 22 recommendations on reforms to legislation governing the Australian Intelligence Community, including the Australian Security Intelligence Organisation Act 1979 and Intelligence Services Act 2001.

The Explanatory Memorandum to the Bill states it will enhance the capability of intelligence agencies by:

  • Modernising ASIO’s statutory employment framework,
  • Modernising and streamlining ASIO’s warrant-based intelligence collection powers,
  • Strengthening ASIO’s capability to conduct covert intelligence operations, with appropriate safeguards and oversight,
  • Clarifying and improving the statutory framework for ASIO’s co-operative and information-sharing activities,
  • Enhancing the capabilities of IS Act agencies,
  • Improving protection of intelligence-related information, and
  • Renaming of Defence agencies to better reflect their roles.

Public hearings on the Bill will be held during August. The Committee intends to report by 8 September 2014 in order that the House may consider the Bill in the Spring sittings.

Further information about the inquiry, including how to make a submission, can be accessed via the Committee’s website at http://www.aph.gov.au/nslab. A submission received from the Attorney-General’s Department is now available at this website. The Bill and Explanatory Memorandum can be accessed via http://www.aph.gov.au/Parliamentary_Business/Bills_Legislation.

Henry Sapiecha