Securing Facebook

Powered by SC Magazine

Put on your black hat.

To secure Facebook and its 750 million users, it helps to be a spook.

You need to think like a black hat hacker, be in a constant state of high alert and assume you're constantly being hacked.

It's a rational state of mind when you consider Facebook had become a veritable White Pages for identity theft.

And it's one that Ryan ‘Magoo’ McGeehan - the man responsible for incident response at Facebook - has maintained for five years.

McGeehan is Facebook’s chief security technical boffin. His incident response unit of 10 staff chases down spammers and hackers and is part of the company’s 300-strong security team.

“You need to know your enemy, understand the trends, and the goals [of attackers] from a threat perspective,” McGeehan said. “You need to put on your black hat.”

Spam king's reign over

Facebook was unforgiving to those that exploited its service or attacked users.

Two weeks ago, notorious spammer Sanford Wallace, aka “the spam king”, turned himself in to police after an indictment (pdf) was sought against him on 11 charges relating to electronic crime.

He was accused of using 500,000 compromised Facebook accounts to post some 27 million spam messages.

Such a finding could place Wallace in contempt of court for breaching an order not to access Facebook.

“Once you are on the radar for attacking our users, you never, ever leave,” McGeehan said.

Wallace’s face was now the latest of dozens plastered on a wall inside Facebook’s security office, under a banner that reads “scalps”.

But there was always someone else trying to break into Facebook and swindle its users.

Recently, some within the online activist group Anonymous declared war on Facebook.

It is not known what, if any, action will be taken on November 5, Guy Fawkes Day, but Facebook isn’t particularly troubled.

It's just another threat that would be handled with the same immediacy as every other hacking, spam and social engineering attack against the site, McGeehan said.

Threats had become more sophisticated and financially motivated in the five years since McGeehan joined Facebook, but that’s not surprising, given that the site’s user base has grown from 10 million to a staggering 750 million over the same period.

“I’ve seen the evolution of threats from the primordial ooze of security, like 419 scams, fake accounts, to sophisticated threats that we are now dealing with,” McGeehan said.

Defensive armoury

In defending Facebook, McGeehan draws heavily on his volunteer work as a member of the Honeynet Project, where he works on web-based and client-side honeynets.

Facebook also offers bug bounties to security researchers who find vulnerabilities in Facebook’s services.

It has been deluged with submissions since revising its vulnerability disclosure policy to satisfy the Electronic Frontier Foundation, and has regularly paid above the minimum bounty.

Last week, one researcher bagged $5000 for a critical vulnerability and is helping Facebook to resolve the flaw.

“The bug bounties are like simulating attacks, all the time,” McGeehan said. “We have had a fantastic response.”

Copyright © SC Magazine, Australia
