UPDATED 22:01 EST / DECEMBER 16 2021

SECURITY

Meta bans spying firms who targeted 50,000 users

Meta Platforms Inc. announced today that it has banned seven surveillance companies from its platforms for possibly targeting about 50,000 users.

In a report, Meta said those 50,000 users will soon receive warnings that surveillance-for-hire companies may have focused their “malicious activities” on them. These companies, Meta said, often create fake accounts and scrape information from targets, some of whom are journalists and activists.

“The global surveillance-for-hire industry targets people to collect intelligence, manipulate and compromise their devices and accounts across the internet,” said Meta. “While these ‘cyber mercenaries’ often claim that their services only target criminals and terrorists, our months-long investigation concluded that targeting is in fact indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition, and human rights activists.”

The investigation revealed that the platforms include Facebook, Instagram and WhatsApp, and the users who were targets of the companies lived in as many as 100 countries. “The surveillance industry is much bigger than just one company, and it’s much bigger than just malware-for-hire,” said Nathaniel Gleicher, head of security policy for Meta.

Meta said there are usually three kinds of attacks when people are targeted. The first one is “reconnaissance,” when a person is chosen by an entity and the cyber mercenary collects as much information as possible on that person — often hard-to-find personal data.

The second is “engagement,” which involves trying to befriend the person on social media after creating a fake identity. The third is “exploitation,” when hacking methods such as phishing are used to collect data from the victim. Meta said some companies specialize in all these methods, while others concentrate their efforts on one line of attack.

Meta named seven of the companies, listing one only as an “unknown” entity based in China. The six companies mentioned were Cobwebs Technologies, Cognyte, BellTroX, Cytrox, Black Cube and Bluehawk CI. They hail from Israel, China, India and North Macedonia.

“We will continue to investigate and enforce against anyone abusing our apps,” Meta said. “However, these cyber mercenaries work across many platforms and national boundaries. Their capabilities are used by both nation-states and private enterprises and effectively lower the barrier to entry for anyone willing to pay. For their targets, it is often impossible to know they are being surveilled across the internet.”

Photo: Dima Solomin/Unsplash

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU