Facebook says it was target of sophisticated hacking

SAN FRANCISCO/LOS ANGELES Sat Feb 16, 2013 11:18am IST

1 of 2. An illustration picture shows the log-on screen for the Website Facebook on an Ipad, in Bordeaux, Southwestern France, January 30, 2013.

Credit: Reuters/Regis Duvignau/Files

Stocks

   

SAN FRANCISCO/LOS ANGELES (Reuters) - Facebook Inc (FB.O) said on Friday hackers had infiltrated some of its employees' laptops in recent weeks, making the world's No.1 social network the latest victim of a wave of cyber attacks, many of which have been traced to China.

It said none of its users' data was compromised in the attack, which occurred after a handful of employees visited a website last month that infected their machines with so-called malware, according to a post on Facebook's official blog released just before the three-day U.S. President's Day weekend.

"As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day," Facebook said.

It was not immediately clear why Facebook waited until now to announce the incident. Facebook declined to comment on the reason or the origin of the attack.

A security expert at another company with knowledge of the matter said he was told the Facebook attack appeared to have originated in China.

The attack on Facebook, which says it has more than 1 billion members, underscores the growing threat of cyberattacks aimed at a broad variety of targets.

Twitter, the microblogging social network, said earlier this month it had been hacked and that about 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and email addresses.

Newspaper websites, including those of The New York Times (NYT.N), The Washington Post and The Wall Street Journal, have also been infiltrated. Those attacks were attributed by the news organizations to Chinese hackers targeting coverage of China.

Earlier this week, U.S. President Barack Obama issued an executive order seeking better protection of the country's critical infrastructure from cyber attacks.

"INFILTRATED"

Facebook noted in its blog post that it was not alone in the attack, and that "others were attacked and infiltrated recently as well," although it did not specify who.

The Federal Bureau of Investigation declined to comment, while the U.S. Department of Homeland Security did not immediately return a call seeking comment.

In its blog post, Facebook described the attack as a "zero-day" attack, considered to be among the most sophisticated and dangerous types of computer hacks. Zero-day attacks, which are rarely discovered or disclosed by their targets, are costly to launch and often suggest government involvement.

While Facebook said no user data was compromised, the incident could raise consumer concerns about privacy and the vulnerability of personal information stored within the social network.

Facebook has made several privacy missteps in the past because of the way it handled user data. It settled a privacy investigation with federal regulators in 2011.

According to one person familiar with the situation, the type of information on the employee laptops that were compromised included "snippets" of Facebook source code and employee emails.

Facebook said it spotted a suspicious file and traced it back to an employee's laptop. After conducting a forensic examination of the laptop, Facebook said it identified a malicious file, then searched company-wide and identified "several other compromised employee laptops".

Another person briefed on the matter said the first Facebook employee had been infected via a website where coding strategies were discussed.

The company also said it identified a previously unseen attempt to bypass its built-in cyber defenses and that new protections were added on February 1.

Because the attack used a third-party website, it might have been an early-stage attempt to penetrate as many companies as possible.

If they followed established patterns, the attackers would learn about the people and computer networks at all the infected companies. They could then use that data in more targeted attacks to steal source code and other intellectual property.

Another fear for such a popular website is that hackers could use central controls to infect wide swathes of its user base at once.

In January 2010, Google reported it had been penetrated via a "zero-day" flaw in an older version of the Internet Explorer Web browser. The attackers were seeking source code and were also interested in Chinese dissidents. Google reduced its operations in China as a result. (Additional reporting by Alexei Oreskovic in San Francisco and Tim Reid in Los Angeles; Editing by Paul Tait)

Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

Fuelling Change

REUTERS SHOWCASE

NSEL Fraud

NSEL Fraud

Govt orders Financial Tech to absorb NSEL, liabilities  Full Article 

Stalemate

Stalemate

WTO prepares for crisis talks as India keeps veto on global deal.  Full Article 

Deal Talk

Deal Talk

Smartphone repair company B2X steps up expansion with Indian deal.  Full Article 

Earnings Season

Earnings Season

HDFC Bank eyes pickup in corporate credit.  Full Article 

JLR China

JLR China

JLR sees 20 percent growth in China sales this year - exec  Full Article 

Iron Ore Imports

Iron Ore Imports

JSW Steel to boost iron ore imports by up to 80 percent.  Full Article 

Pollution Levels

Pollution Levels

Delhi braces for worst air quality this Diwali week.  Full Article 

Remembering Margerie

Remembering Margerie

Total’s "Big Moustache"- bon vivant, deal-maker and risk-taker .  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage