Facebook operator Meta removes some companies offering cyber monitoring tools from its platform
Meta, which has popular social media such as Facebook, Instagram and Whatsapp, has announced that it will remove some companies that provide cyber monitoring tools from its platform. In addition, it will take multiple actions against the surveillance industry, which provides cyber monitoring tools.
Taking Action Against the Surveillance-For-Hire Industry | Meta
Facebook bans seven'cyber mercenary' companies from its platforms | Facebook | The Guardian
https://www.theguardian.com/technology/2021/dec/16/facebook-bans-surveillance-companies-warnings-malicious-activity
NSO Group, the developer of spyware 'Pegasus' reportedly used tomonitor more than 180 journalists and 10 prime ministers, 3 presidents, and 1 king, is to monitor specific people. We have been quietly developing and selling spyware, but in 2021 we got a lot of attention from all over the world, such as being sued by Apple.
However, Meta, which has social media such as Facebook and Instagram, said, 'NSO Group is just one part of the cyber mercenary company (organization-paid, cyber-attack agency) industry. Today, as part of our efforts. We will share the findings of seven companies that have been removed from the platform as being involved in surveillance activities. We will continue to take action against other companies as soon as they are discovered. ' Announced that it has excluded companies that provide services to monitor the company from its platform.
Meta describes the employment monitoring industry as 'targeting people on the Internet, collecting a variety of information, manipulating them to obtain new information, and endangering devices and accounts. Who are the companies in the employment monitoring industry? Providing indiscriminate intrusive software tools and surveillance services to all customers, whether targeted or enabling human rights violations. The industry democratizes threats and has surveillance capabilities. We are making surveillance tools available to non-governmental and non-governmental groups, 'he said, adding skepticism to the entire surveillance industry.
In addition, Meta points out that the surveillance industry has three phases: reconnaissance, engagement, and exploitation. Some of the surveillance industry specializes in one of the three phases, while others launch cyber attacks across multiple phases.
reconnaissance:
This stage is usually the most invisible monitoring to the target audience. Cyber mercenaries on behalf of clients use software that automates data collection from across the Internet to quietly profile targets. Providers of such surveillance services collect information from all media, including blogs, social media, Wikipedia, but also news media, forums, and the dark web.
engagement:
This stage is most visible to the target and it is important to spot it to prevent breaches. Engagement is an attack that involves contacting a target or someone close to the target, building trust, extracting information, and clicking on malicious links or files.
exploitation:
People's devices by tricking people into providing credentials for sensitive accounts such as email, social media, financial services, corporate networks, creating phishing domains, and clicking malicious links. The final stage of exploitation is to endanger.
Meta says, 'It's important to confuse the entire surveillance industry as it allows for later attacks as surveillance progresses in the order of reconnaissance, engagement, and exploitation. If we can, we can stop the damage before we reach the most serious stage of endangering people's devices and accounts. '
And it's clear that the seven companies that Meta has removed from its platform have indiscriminately attacked people in more than 100 countries, providing services across any or all of the above. According to Meta, the seven companies removed this time are based in China, Israel, India and North Macedonia.
In addition, the seven companies that Meta excluded have been found to have violated multiple community standards and terms of use. Meta said, 'Given the seriousness of their breach, we decided to block it completely from our service, and to disrupt their surveillance activities, we would block it from the relevant internet infrastructure and take cease and desist measures. We issued a letter notifying you that surveillance should not exist on our platform, and to enable security researchers, other platforms, policy makers, etc. to take appropriate action. I shared the results of the survey. '
In addition, it revealed that it has sent notifications to about 50,000 users who may have been the target of malicious surveillance activities by the seven companies deleted this time.
While NSO Grouo and other surveillance tool providers claim that they 'provide services only to criminals and terrorists,' Meta says, 'Independent research, research by independent researchers, and industry. According to investigations by officials and government agencies, attacks by surveillance companies are being carried out indiscriminately, targeting journalists, dissidents, critics of authoritarian regimes, opposition families, human rights activists, etc. In fact, on platforms like ours that are often used as information gathering venues, there is no way to identify the purpose or legitimacy of targeting, so the person behind the attack or who is the target of the attack. We will focus on stopping this type of surveillance, whether or not it is. '
And we are going to strengthen cooperation with the outside to compete with the monitoring industry.
Related Posts:
in Web Service, Security, Posted by logu_ii