In a move to beef up its security and improve the integrity of its social networking platform, Facebook Inc. is partnering with security giant McAfee Inc. to offer a free antivirus trial to users and improve its account remediation processes with a free tool and security education material.
Facebook is rolling out the news to all of its users in a series of advertisements on the site, linking to a six-month trial download of McAfee's Internet Security Suite. In addition, McAfee has developed a lightweight PC scanning and malware removal tool that will be made available to owners of hijacked accounts during the account remediation process. McAfee will also help manage a security education campaign in a variety of posts on Facebook, highlighting ongoing threats and ways users can protect themselves.
Under growing pressure to protect its user base of more than 300 million active account users from phishing, malware and other cyberattacks, Facebook said it found a security firm capable of developing a security strategy to protect users' machines and educate users on the latest threat vectors.
"One thing we haven't been able to control is the security of people's computers," said Barry Schnitt, director of corporate communications and public policy at Facebook. "The level of responsibility we're taking to protect and remediate our users is unique, and the security benefits extend beyond Facebook."
Schnitt said users who download the McAfee software will be given a discount, subsidized by Facebook, after the six-month trial period.
Security experts have warned that social network attacks will continue to rise as users interweave nearly their entire lives in some of the networks, uploading content-rich data that could be used in social engineering attacks. Facebook has fended off social networking worms such as Koobface, and has implemented measures to guard against brute force password attacks.
But compromised accounts placed in remediation in 2009, which Facebook said amount to less than 1% of its user base, were targeted by phishing campaigns and malware outside of the Facebook platform, Schnitt said. By offering antivirus, the social network hopes to get a majority of account holders to use up-to-date antivirus on their own machines and become more aware of frequent attacks targeting their account credentials.
In addition, the social network continued to develop proprietary software to scan user accounts and raise alerts when anomalies are detected. Jake Brill, a project manager on Facebook's site integrity team, said the company uses both in-house and open source software to monitor accounts and applications for suspicious activity.
While the scanning process is largely automated, Brill said there is a level of human involvement to feed data into the automated systems.
"We look for the presence of people actively logging onto accounts and spamming all the friends associated with the accounts," Brill said. "We look for activity that doesn't match how accounts are typically used."
Security expert Rafel Ivgi, vice president of technologies at Israeli penetration testing firm Citadel Technologies LTD, said Facebook's move to put a public face on its security practices helps it maintain a feeling of trust and safety among its user base.
"They are letting the users feel safe while they are in the social network, which every day becomes a larger part of their lives," Ivgi said. "That feeling of safety is symbolic to that they are in control of their lives."
Facebook pages are built using the dynamic PHP scripting language and are exposed to threats just like any other PHP website running on Apache, Ivgi said.
"There are many precautions that can be taken, such as using only stored procedures when working with the database and denying use of dynamic SQL in such a manner that absolutely denies the possibility of the application being vulnerable to SQL injection," Ivgi said.
Ivgi said extreme traffic loads make it almost impossible to pass traffic through an inspection firewall or security system and efficiently analyze traffic for ongoing attacks.
"The traffic loads are so high that even an out-of-band IPS … simply can't inspect such an enormous amount of traffic," he said. "So in contrast to a normal website, which can use an IPS or Web application firewall, those large social networks simply can't."