sb-nz logo
Story image

Experts comment on Facebook’s 50 million user credential leak

01 Oct 2018

Earlier today, Facebook announced that a bug discovered on September 25 in their View As feature compromised the authentication tokens of almost 50 million users.

The data leak is one of the biggest security breaches at Facebook to date and could have far-reaching implications for Facebook users who have used its messaging service, Messenger, to communicate sensitive information.

Techday spoke to security experts who commented on the breach.

Barracuda Networks technology evangelist Greg Annette says, “Every new breach further proves that the public needs to preserve and protect their own cloud data because the providers are not.

“Free services like Facebook are even less likely to care about user data protection, so the public must take ownership in protecting and preserving data.

Annette says, “According to recent data, 78% of account takeover incidents result in a phishing email, with the goal of infecting additional accounts, via user impersonation. In order to protect themselves, the public should implement a few baseline proactive measures, including:

  • Back up data in a controlled environment. This will allow you to recover any deleted or compromised items.
  • Use unique passwords for all services, and where appropriate, use a password manager.
  • Enable multi-factor (MFA) or two-factor authentication (2FA) for any and all cloud-based accounts. While you should take personal steps to enable MFA and 2FA, you should also demand these authentication protocols from your vendor if they’re not automatically provided.

Darktrace Asia Pacific managing director Sanjay Aurora says, “While we may never understand the attacker’s motivations, it is important to realise that incentives are endless in this new era of cyber warfare.”

“In order to bypass Facebook’s security controls without raising alarm bells, this attack would have had to be complex, sophisticated, and stealthy. Complex attacks have many moving parts that often appear as individual, subtle anomalies hiding within the noise of the network.

“Attacks like this will only continue to threaten our organizations, and we have to assume that it will only get harder and harder to detect.  

"This is where technologies rooted in AI will be paramount. AI is capable of sifting through large amounts of data and lines of code to identify these subtle patterns, and what’s more, it is intelligent enough to determine how to contain the threat as it’s emerging in real time.

“We live our lives in a maze of interconnectivity, and the more we connect, the more risk we adopt into our lives and networks.

Sophos principal research scientist Chester Wisniewski says, “In something as big and complicated as Facebook, there are bound to be bugs.

“As with any social media platform, users should assume their information may be made public, through hacking or simply through accidental oversharing. This is why sensitive information should never be shared through these platforms. For now, logging out and back in is all that is necessary.

“The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms they share personal information with.”

RedLock cloud security VP Matt Chiodi says, “Facebook's recent “View As” vulnerability underscores the level of persistence on the part of attackers.

“If there’s a high enough value target, they will get in sooner or later. Facebook today employs over 10,000 cybersecurity professionals. No system or application is 100% secure.

“What's most intriguing is that despite a formal bug bounty program, the vulnerability has been present in Facebook code since July of 2017. It’s hard to believe that a vulnerability of this size would persist this long undetected.”

Forcepoint chief scientist Richard Ford says, “Facebook’s fast reaction time is a sign of the growing maturity around breach response that we’re starting to see as GDPR comes into effect.

“Understanding, if there was a pattern to the impacted accounts versus just random selection, is the difference between someone trying to hack the system for fun or a coordinated nation-state attack that compromises specific users to ultimately gain access to sensitive data.

“This breach illustrates a fundamental truth of the new digital economy: when I share my personal data with a company I am putting my trust in your ability to protect that data adequately.

“Users need to continually evaluate the type of data they share and the potential impact a breach of that data could cause, to become an active participant in protecting their own online identities.

“On the other side, companies need to avail themselves of proactive technologies such as behavioural analysis to hold up their end of the bargain.”

Story image
5 ways to use data science to predict security issues - Forcepoint
Data science enables people to respond to problems in a better way, and to also understand those problems in a way that would not have been possible 50 years ago.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Exabeam and Code42 partner up to launch insider threat solution
The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.More
Link image
Webcast series: The necessary tools to secure a remote workforce
Experts from across the A/NZ region discuss the best security practices in a remote working world - with sessions available on the first Thursday of every month.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
CrowdStrike acquires Preempt Security for $96m, develops zero trust security offerings
With this acquisition, the company plans to offer customers enhanced Zero Trust security capabilities and strengthen the CrowdStrike Falcon platform with conditional access technology. More