Last Friday, Facebook has revealed its internal computer network had been targeted in a “sophisticated attack”, though they claim no data about its more than one billion active users was compromised.
“It took place in January when a small number of employees visited an infected website that installed malware on their machines” the company said in a blog post posted on Friday afternoon, this compromised website downloaded malware or other malicious software onto their laptops. The company did not publish the name of the developer whose website brought about the attack. Facebook discovered that it has been the target of a series of attacks by an unidentified group of hackers, but no evidence has been found that our data was compromised.
They also stated that as soon as they realized the presence of the malware, they remediated all infected machines, informed law enforcement, and started to share details about this infiltration with other major companies that were affected too. A significant investigation had begun on this incident.
There is a supposition that the breaches were made by hackers working for the Chinese government, but neither Facebook nor Twitter acknowledge it.
Other social networks such as Twitter admitted to be attacked and infiltrated as well. Unlike its great competitor, Facebook said it has found no evidence that any data was compromised. Twitter evidenced that hackers gained access to private information including user names, encrypted passwords and e-mail addresses for as many as 250,000 users.
Facebook promised to do everything to prevent similar actions in the future and also said that its engineers along with outside security experts will try to collect all information about the attack. Even though, laptops used by the employees were running up-to-date antivirus software, Facebook said it had been penetrated via a “zero-day” flaw or a piece of malicious software which have never been used before, that is why regular security tools were unable to stop it.
Facebook said it associates the malware to Oracle, as the site responsible for its incident have exploited vulnerabilities in the programming language Java, which makes the Java software possible way that the hackers were able to go around to infect the employees' laptops.
Many security experts and the Department of Homeland Security have recommended users to turn off Java on their computers in order to avoid getting hacked. If you cannot do it, download the latest updates, which include key security patches.
This incident could make people more concern about privacy and the vulnerability of personal information stored within the social network.
What bad things can happen if our data falls in the wrong hands? While more and more data is going digital a number of people recites the benefits, but digital data also creates new risks and burdens. Let’s imagine they stole our data from Facebook, then they could easily hack into our emails and find out more information, thus putting companies at risk of a security breach. They could then use that data in more sophisticated attacks to steal source code and other intellectual property. Suppose a company loses financial or medical information about a customer? Losing control of such personal data can have deleterious consequences not only for finances but also for our psychological wellbeing. Cybercriminals could carefully examine the information we've uploaded to sell better targeted adverts. It would probably cause the avalanche of adverts on our email accounts. The trouble is, that information about all of us is a commercial gold for media, so hackers would use our data to guess email passwords and read personal email in order to find out more information about our preferences.
If you lost an email address then you may not consider that to be a big problem, but what in case the data included your National Insurance number and bank account number or other sensitive information? The concept of privacy underwent a radical transformation which means we no longer live our lives in private, we live our lives in public. We sometimes even do not know who has our private information, and what they are using it for, as Mark Zuckerberg said, “The age of privacy is over.” Attacks on computers and phone systems are coming from anywhere in the world at any time. Should we be prepared to lose our identity?