The hard truth about cyber security is that regardless of how up-to-date you think your system is, hackers and other ne'er-do-wells are usually a step ahead. This can happen to anyone, from the unassuming college student to one of the largest companies in the world.
Facebook is currently investigating a massive data security breach when malware was discovered on the laptops of several of its employees. The malicious software was introduced into the social network's system when the employees in question visited a mobile developer website that was already compromised. The workers' laptops were fully patched and running updated antivirus software at the time.
"The compromised website hosted an exploit, which then allowed malware to be installed on these employee laptops," company officials said in a recent CRN article. "As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."
So far there is no evidence that any of Facebook's user information was compromised and the attackers seemed to be targeting specific individuals as part of surveillance activities. The company's internal engineering and security teams are working with law enforcement to learn about the breach and help prevent them in the future.
This is just another example of a high profile infiltration in recent weeks. Facebook now joins Twitter, The New York Times and The Wall Street Journal as companies that have publicly announced they have been the victim of an attack.
Cyber security is a top concern for any IT Principal. It cannot be handled in a "set it and forget it" mentality. These attacks are always evolving and IT decision-makers need to have reliable resources at their disposal to counter any security threat that could be coming down the IT Channel.