Cyber Security News
  • Malware
  • Cybercrime
    • Breaches
  • Mobile & Wireless
  • Tech/IoT
  • Compliance & Strategy
  • Hacking

News

Facebook Builds Threat Modelling System

By

Lee Hazell+

on

March 28, 2014

Share

Tweet

Share

Share

0 comments

facebook-threat-modelling

Facebook have this week announced that they have implemented a threat modelling system to identify, gather, store and analyse threats against their platform. The tool will also assist Facebook with reacting to threats against it and staying one step ahead of the curve. The tool has been developed internally by Facebook in order to keep track of the range of threats against them including malware, phishing and other compromise methods.

Developed by the social media giants, the tool is based on a ThreatData framework that utilises threat feeds from a number of different sources. The tool then pulls in the threat data, holds and stores it securely and allows analysts in Facebook to query it to provide input to their real-time defensive capability.

Threat researchers at Facebook have said that ThreatData has also enabled Facebook to track and analyse new, emerging threats in the cyber world. The researchers announced that the tool was able to provide extensive data on trending malware samples using a specific string in an AV signature. This turned out to be a spamming campaign, making fake Facebook accounts in order to distribute mobile malware. The detected malware, named J2ME/Boxer Family, was sophisticated enough to extract user data such as address book as well as using the camera on the phone. The malware would also send SMS spam in bulk. When the tool discovered this particular piece of malware, Facebook were able to respond by interrupting the spamming campaign as well as working with industry to disrupt the botnet’s capability.

The Facebook tool pulls in feeds from a variety of sources including VirusTotal, a tool that distributed threat intelligence feeds from various sources such as open source and malware tracking sites. The tool utilises a wealth of vendor and open-source threat information to build its real time response controls. Facebook also pull in their own research to build a highly powerful threat modelling system.

Facebook research analyst Mark Hammell states that the threat modelling system has a built in automated function that allows Facebook to analyse all data together and automatically respond. For example, malicious web addresses are automatically updated into the giants blacklist, malware file hashes are automatically collected and sent on for further analysis and threat data is automatically ingested into Facebook’s event management system. The tool is a powerful, semi-automated collection of different intelligence feeds as well threat information gained from researchers inside Facebook.

Facebook require to build on their defences in the current arms race. A part of this is keeping track of all the current threats relating to malware, compromise methods, bad URL’s, phishing attempts and other risks. Organisation of this data will enable Facebook to build stronger defences and the framework they have implemented enables this.

The ThreatData tool is another move forward from the social media platform, who have been at the forefront of security research in recent years. They have paid out over 2 million dollars to researchers who find bugs and have also highly publicised their attempts to build up a secure strategy within their business. The social media giants are aiming to ingrain security to the companies culture, ensuring that every employee and developer considers security closely as part of their everyday job.

Related

Related Itemsfacebook threat modellingfacebook threat modelling threatdatafacebook threat systemthreat system facebookthreatdatathreats facebook

Share

Tweet

Share

Share

0 comments

← Previous Story Mobile Malware Mines Digital Currency
Next Story → Cisco fixes denial-of-service vulnerabilities in IOS

About Lee Hazell

Lee Hazell is a cyber security consultant with a keen interest in anything tech or security related. Follow Lee on Google+.

Leave a Reply

Cancel reply

Your email address will not be published. Required fields are marked *

  • Contact Us
  • Home
  • Job Dashboard
  • Jobs
  • Submit Job
Cyber Security News

Latest cyber security news from the UK and around the globe. Covering data breaches, cybercrime, mobile and wireless security, hacking, IoT and cyber attacks. We also keep you informed on risk, compliance and data security strategy issues. Helping you stay informed on cyber security to reduce your risk of cyber attacks, and build effective shields against unauthorised exploitation of networks, systems and technologies.

Copyright © 2018 Cybersecurity News, a division of Business Data International Ltd

Cyber Security Newsfeed

Enter your email address here to receive daily cyber security newsfeeds direct to your inbox!

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Click below to consent to the use of the cookie technology provided by vi (video intelligence AG) to personalize content and advertising. For more info please access vi's website.

Show purposesShow vendors
Privacy settings