I reached out to one of our contributors (Jim Libersky) to our news column “Daily Breech” to get his thoughts on the recent Facebook Cyber Hack that now touches 50 Million users accounts, another 40 Million potential accounts and an unknown number of 3rd party accounts. That is where users log on to other web sites through the use of Facebook. A good example is gaming sites. Sites such as WhatsApp and others have not been confirmed whether they have been affected.
This cyber hack really started in July 2017 but was either not uncovered or finally shared publicly in Sept. 2018. Regardless that is an extraordinary amount of time. It is also another example where cyber convenience can be used against you and become a cyber-attack. The very tools used will now have to be inspected in greater detail in order to be cyber Safe.
The Facebook cyber attack was discovered like all cyber attacks by clues. Clues based on the activity and results of hackers. The hackers discovered a series of bugs that allow them to exploit beyond what the developers intended and the outcome was gaining access.
Jim Libersky summed it up this way:
- The bugs were tied into the function in which people can see what their own profile looks like to someone else.
- The uploader generated an access token that allows you to remain logged in without having to sign in every time you visit Facebook. The browser sets the access token that keeps you logged in without having to enter credentials. The access token contained username & Password.
- When the upload did appear it triggered an access code for whoever the hacker was searching for.
- The access tokens have more power. They might be used for access into other sites. Sites such as gaming sites.
In all cyber breaches or attacks there are clues well before the actual attack. Some of the early clues could be:
- A spike in internet traffic. That traffic spike is just one of many signals that something is not going correctly.
- Early scans from people around the world
These attacks continue the common theme in which something that was designed for good use has now been compromised and used for illegal activity. The trick is how to identify the bad from the good in real time.
Are there security solutions that could have helped to prevent this attack?
Jim Libersky, CEO of Barrier1 had this to say “One of the tasks that our tool offers is to identify the good traffic from the bad with an extraordinary accuracy and speed. This is one way we can identify bad actors and put actions in place to stop it before it gets out of control. This constant monitoring still allow users to continue the uninterrupted use of the internet awhile we identify and stop the bad actors“.
Could a tool like Barrier 1 prevent such an attack? We will never know now, but it’s a good question to ask why such large companies with all of the resources available to battle cyber attacks, are still being breached at such a large scale.
It seems obvious that companies need to do a better job to stay ahead of the problems and leverage more tools and tactics. Thinking that you are good enough or that feeling of “we got this” is not going to cut it.
When the dust settles, the even bigger question is what does this hack of millions of users really mean to the Facebook users? We will see.