After seeing that the FTC fined Twitter thousands of dollars because it “failed to prevent unauthorized administrative control of its system,” Facebook decided to test it’s own security.
Facebook employees were prompted to do everything they could to gain access to test subject Pedram Keyani’s Facebook account. Keyani is a senior engineer at the company who is responsible for Facebook’s site reliability engineering.
Pedram Keyani’s account was successfully broken into, but not through conventional hacking methods. The hackers had to resort to camping outside of Keyani’s home for weeks in an attempt to hack his home WiFi network. After gaining access to the WiFi network, the Facebook “hackers for hire” were able to gather his login information, which they used to access his account. Once in his Facebook account, the hackers could do whatever they wanted with his personal account, but were unable to infiltrate Facebook’s administrative and corporate systems.
The test successfully showed that even though the engineer’s account was hacked, Facebook’s overall security was not very vulnerable. It also exposed a the weakness of WiFi networks.
What this means for a regular Internet user is that unless you have an army of hacker specifically targeting you and camping out in your backyard, there is a relatively small chance that your login information can stolen if you surf the web in a smart way and be on the lookout for phishing pages. But just to be safe, you should always use antivirus and antispyware software, and remember to periodically change your passwords.