Securing Facebook


Put on your black hat.

To secure Facebook and its 750 million users, it helps to be a spook.

You need to think like a black hat hacker, be in a constant state of high alert and assume you're constantly being hacked.

It's a rational state of mind when you consider Facebook had become a veritable White Pages for identity theft.

And it's one that Ryan ‘Magoo’ McGeehan - the man responsible for incident response at Facebook - has maintained for five years.

McGeehan is Facebook’s chief security technical boffin. His incident response unit of 10 staff chases down spammers and hackers and is part of the company’s 300-strong security team.

“You need to know your enemy, understand the trends, and the goals [of attackers] from a threat perspective,” McGeehan said. “You need to put on your black hat.”

Spam king's reign over

Facebook was unforgiving to those who exploited its service or attacked its users.

Two weeks ago, notorious spammer Sanford Wallace, aka “the spam king”, turned himself in to police after an indictment was sought against him on 11 charges relating to electronic crime.

He was accused of using 500,000 compromised Facebook accounts to post some 27 million spam messages.

Such a finding could place Wallace in contempt of court for breaching an order not to access Facebook.

“Once you are on the radar for attacking our users, you never, ever leave,” McGeehan said.

Wallace’s face was now the latest of dozens plastered on a wall inside Facebook’s security office, under a banner that reads “scalps”.

But there was always someone else trying to break into Facebook and swindle its users.

Recently, some within the online activist group Anonymous declared war on Facebook.

It is not known what, if any, action will be taken on November 5, Guy Fawkes Day, but Facebook isn’t particularly troubled.

It's just another threat that would be handled with the same immediacy as every other hacking, spam and social engineering attack against the site, McGeehan said.

Threats had become more sophisticated and financially motivated in the five years since McGeehan joined Facebook, but that’s not surprising, given that the site’s user base has grown from 10 million to a staggering 750 million over the same period.

“I’ve seen the evolution of threats from the primordial ooze of security, like 419 scams, fake accounts, to sophisticated threats that we are now dealing with,” McGeehan said.

Defensive armoury

In defending Facebook, McGeehan draws heavily on his volunteer work as a member of the Honeynet Project, where he works on web-based and client-side honeynets.

Facebook also offers bug bounties to security researchers who find vulnerabilities in Facebook’s services.

It has been deluged since revising vulnerability disclosure policies to satisfy the Electronic Frontier Foundation, and has regularly paid above the minimum payment.

Last week, one researcher bagged $5000 for a critical vulnerability and is helping Facebook to resolve the flaw.

“The bug bounties are like simulating attacks, all the time,” McGeehan said. “We have had a fantastic response.”

Copyright © SC Magazine, Australia
