600,000 hackers target Facebook every day

Social networking site Facebook has revealed that it has to fend off around 600,000 security attacks from hackers every day.

Out of more than a one billion daily logins, the site estimates that around six per cent are fraudulent, according to the Daily Telegraph.

Facebook revealed the shocking numbers in blog post announcing a series of new security measures they intend to implement in the next couple of weeks.

Company spokesman Barry Schnitt admitted: “600,000 times a day, we stop a bad guy from getting access to an account even though he has guessed, phished, or stolen the login and password of an account. This is something we're very proud of.”

Hackers use the popular site as a way in which to steal information, such as email addresses and telephone numbers, spread viruses and sell counterfeit goods.

However, some of the hacking is not done by organised bands of criminals, it’s conducted by teenagers eager to break into accounts to steal photos and other items as well as cause trouble by spreading malicious messages.

Security experts told the newspaper that the figures were a "big concern" and suggested that people should take much greater care in choosing passwords and in clicking adverts that appear to legitimately come from real Facebook friends.

“When a Facebook login is compromised, it means that someone else, the hacker, has taken control of that account," said Graham Cluley, senior technology consultant at security firm Sophos.

“When a hacker takes over a user's Facebook account, they can post images, send messages and access all of that person's private information.”

It is estimated that 30 per cent of people use the same password for all of the sites they are registered with online and this is making it increasingly easy for hacking to take place.

On top of this, many people are falling foul of ‘phishing’. This were someone logs onto what appears to be a legitimate website but in reality it only serves the purpose of providing personal details to criminals.

The social network, which is the world’s second most used site behind search engine Google, are launching a series of new security measures which it hopes will drastically the number of people trying to hijack the system.

The first measure will be called ‘Trusted Friends’ and will allow users to nominate three to five friends who will be sent login details if the person cannot access their account because a hacker has gotten in and changed their password.

A another new security measure will be a facility for setting passwords for apps, which will mean users will not have to use the same passwords to access third-party app services through Facebook.

Computerworld warned last month that Facebook’s new timeline screen, which replaced the old Status Updates feed, would be “boon for hackers”.

The facility, which Facebook CEO Mark Zuckerberg described as "the story of your life", allows people to get a real-time view of what a user is doing but researchers at UK-based security experts Sophos said that it will enable criminals to gather information easier.

Chet Wisniewski, of Sophos security, told the technology magazine: “Timeline makes it a heck of a lot easier for attackers to collect information on people. It's not that the data isn't already there on Facebook, but it's currently not in an easy-to-use format.

“Because people often use personal information to craft passwords or the security questions that some sites and services demand answered before passwords are changed, the more someone adds to Timeline, the more they put themselves at risk.”

He pointed out that former US vice-presidential candidate Sarah Palin had her personal email account hacked last year when someone worked her password out from questions she had answered online.

David Kernall, a 22-year-old student from Tennessee, bragged that it had taken him just 45 seconds to get into her account and was sentenced to one year’s imprisonment in November 2010.

And it isn’t just social networks and email accounts that come under attack by hackers. A recent study by protection providers Data Defender Ltd found that one in three businesses puts itself at risk of failure by having substandard IT security.

Posted by Steven Gaskill

Breaking news from ihotdesk, IT Security Solutions in London