From Ars Technica’s fascinating write-up of FaceBook’s security dry run.
“Internet security is so flawed,” Facebook Chief Security Officer Joe Sullivan told Ars. “I hate to say it, but it seems everyone is in this constant losing battle if you read the headlines. We don’t want to be part of those bad headlines.”
That was October 31st 2012.
Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.
Let’s never complain of drills again. Read the whole Ars piece, it was fascinating the lengths FaceBook and the FBI went to in order to make the drill as realistic as possible. Barely four months later, we find out why.