The real problem behind the hacking of celebrities fan pages of Facebook accounts like Mark Zuckerberg and Sarkozy

Last Sunday night, it appeared the French premier was abandoning his plans to run for re-election in 2012, at least that’s what you could read on his Facebook page. The fact is that they weren’t Sarkozy’s words. If you looked very carefully you could see some misspelling and missing accents within the message that stated in French:  “Dear compatriots, given the exceptional circumstances our country is experiencing, I have decided in my spirit and conscience not to run for office again at the end of my mandate in 2012.” Of course the message was not his own but came from the hacker. 

But it seems that he was not the only one recently affected as we saw another strange message earlier today on Facebook CEO Mark Zuckerberg’s fan page.

 It read as follows: 

“Let the hacking begin: If facebook needs money, instead of going to the banks, why doesn’t Facebook let its users invest in Facebook in a social way? Why not transform Facebook into a ‘social business’ the way Nobel Price winner Muhammad Yunus described it? bit.ly/fs6rT3 What do you think? #hackercup2011” 

So was this Mark himself speaking? Shortly after posting, the post had over 1.800 likes and hundreds of comments. Obviously, Zuckerberg didn’t actually write it. Instead, it would appear that his fan page had been hacked. 

These accounts are probably not used by the celebrities themselves but by marketing personnel who are of course in contact with Sarkozy and Mark Zuckerberg. However not all of these personnel use strong passwords and are not particularly careful when logging in to these facebook accounts. Caution must be taken when using open Wi-Fi networks. There are publicly available tools that can easily grab those passwords if such insecure networks are used. 

The problem has always the same root cause in identifying the correct user and is actually a combination of human and ‘in-the-cloud’ issues. You can never be sure who is really who. Attackers can misuse your identity. The cloud does not really know who you (physically) are. If attackers can get access to your network, they can then communicate with the cloud. As the cloud thinks it is still communicating with a trusted source (your network), much information can be intercepted or the cloud can be fed with lots of erroneous data as in these cases. 

If Facebook had implemented other authentication possibilities the risk of this happening would be minimal. 

The good news is that Facebook is already busy addressing these authentication issues. 

However to implement this worldwide presents another challenge whereby international laws would have to be modified maybe to allow this to proceed. This will not be an easy task as this involves a cost factor that would also have to be carried by the user. 

Maybe the tools and implementations used on the internet are growing too fast for the worldwide inclusion of improved authentication methods. For these reasons we must all exert caution when using the Internet and make sure that strong passwords are used, be conscious of the fact that a public network is being used, use a good global anti-virus protection and above all use ‘common sense’! 

The real question is however: ‘Will we ever learn?’

Have a look at G Data’s Security Blog where you can also find some pictures from the problematic fan pages.