Facebook owner Meta takes action against cyber threats in some countries

Report shows dangerous internet landscape where malicious groups and individuals use social media for illicit and legally dubious purposes

Malicious internet users are becoming harder to locate and shut down. Bloomberg
Powered by automated translation

Meta Platforms, which controls the world's biggest social networking site Facebook, took action to remove accounts that violated its policies in an effort to prevent the spread of cyber threats, its new report showed.

In its first quarterly Adversarial Threat Report, Meta analysts wrote about the risks of co-ordinated inauthentic behaviour, online espionage, mass reporting and other emerging problems from some countries.

It is expanding the scope of its action to deal with an increasingly dangerous internet landscape and the use of social media networks by individuals and groups in pursuit of illicit activities.

Meta's public security reporting began more than four years ago, when it shared findings regarding co-ordinated inauthentic behaviour by the Russian Internet Research Agency.

“Since then, global threats have significantly evolved, and we have expanded our ability to respond to a wider range of adversarial behaviour,” analysts wrote.

“To provide a more comprehensive view into the risks we see, we’re expanding our regular reporting … all in one place, as part of the quarterly reporting we’re testing.”

So-called “bad actors” on the internet have grown in numbers and scope, forcing companies and individuals to be very cautious about the content they engage with.

Overall, such criminal activities were projected to inflict damages worth about $6 trillion globally in 2021, according to a study by research company Cybersecurity Ventures.

If that were to be measured as a country, it would be the world's third-largest economy behind the US and China.

By 2025, illicit activity is expected to cost the world about $10.5tn, up 250 per cent from 2015's $3tn, it said.

Meanwhile, global spending on IT security and risk management was estimated to have increased 12.4 per cent to $150.4 billion in 2021, and is expected to grow in the high single digits through 2024, according to research firm Gartner.

Ukraine spammers

Meta said it has been on high alert during Russia's offensive in Ukraine to detect and disrupt threats and platform abuse, including attempts by removed networks to return.

It said that since the war began, tens of thousands of accounts, pages and groups have been removed — a tricky task given the magnitude of the crisis.

“As is typical for major world events and critical societal issues, we’re seeing scammers around the world turn to the war in Ukraine to amass an audience and monetise everyone’s attention to this humanitarian crisis,” Meta said.

Notably, spammers have used tactics such as live-gaming videos and reposting popular content from Ukraine as a way to pose as sharing live updates.

Some resorted to switching to different names repeatedly to trick people into following them so they can make money by either driving people to off-platform advertisement-filled websites or selling them merchandise.

Meta said in the report that it removed three espionage networks — which typically dupe people to collect intelligence, manipulate them into revealing information and compromise their devices and accounts — from Iran and Azerbaijan.

It took action against the hacker group from Iran known as UNC788, which is also engaged in phishing and malware and has victims from the Middle East, the US and among journalists.

Meta also tried to stop a hacking group, also from Iran, that targeted or spoofed companies in the energy, information technology, maritime, telecoms and semiconductor industries across continents.

We focus on behaviour rather than content — no matter who’s behind them, what they post, or whether they’re foreign or domestic
Meta Platforms' Adversarial Threat Report

In Azerbaijan, Meta stopped an operation from one network that combined tools such as phishing, social engineering and hacking. It primarily focused on news websites and social networks, including Facebook, Twitter, LinkedIn and YouTube, Russia's VK and OK social platforms.

In the Philippines, Meta removed a network of more than 400 accounts, pages and groups that worked together to violate policies against co-ordinated harm, bullying and harassment, hate speech, misinformation, and incitement to violence, and evade enforcement.

This network also offered cyber security services to protect websites from attacks, similar to the ones they themselves claimed to have perpetrated. They also claimed credit for bringing websites down and defacing them, primarily those of news entities.

In Brazil, Costa Rica, El Salvador, Russia and Ukraine, Meta monitored and took action and removed four networks and hundreds of accounts for co-ordinated inauthentic behaviour, which is, according to Meta, an action to manipulate public debate for a goal where fake accounts are central to the operation.

In Brazil, 14 Facebook accounts, nine pages and 39 Instagram accounts were removed, while in Costa Rica and El Salvador, 233 Facebook accounts, 84 pages, two groups and 27 Instagram accounts were taken down.

In Russia and Ukraine, Meta removed 27 Facebook accounts, two pages, three groups and four Instagram accounts.

Meta said that when investigating and removing these operations, “we focus on behaviour rather than content — no matter who’s behind them, what they post, or whether they’re foreign or domestic".

Updated: April 10, 2022, 5:30 AM