50,000 Facebook users may have been targeted by private surveillance

Nearly 50,000 Facebook users in 100 countries may have been targeted by "surveillance-for-hire" companies, parent company Meta said Thursday.

Driving the news: Meta director of threat disruption David Agranovich and head of cyber espionage Mike Dyvilyanski shared a blog post detailing a months long investigation in "cyber mercenaries" engaging in "surveillance-for-hire."

• Agranovich and Dyvilyanski wrote that Meta disabled seven entities, based in China, Israel, India and North Macedonia, which were found to have targeted people on the internet on behalf of governments or private clients. The entities were banned from Meta services entirely.
• According to the blog post, targets of the surveillance efforts included "journalists, dissidents, critics of authoritarian regimes, families of opposition and human rights activists."
• Meta says it shared findings about the attempted attacks with security researchers, alerted the potential victims and issued cease-and-desist warnings to the attackers.
• A detailed report of the investigation says that about 1,500 Facebook and Instagram accounts were linked to the seven entities' surveillance efforts and removed.

Why it matters: Meta's actions follow the growing trend of tech companies having to disrupt cyber attack attempts on their platforms, as online surveillance gets more sophisticated.

• Meta sued Israeli spyware firm NSO Group over WhatsApp malware in 2019. Thursday's report argues that NSO is just one part of a "much broader global cyber mercenary ecosystem."

What they're saying: "Cyber mercenaries" may argue their work is focused on criminals and terrorists, but their tactics are used on many types of people, the two authors wrote.

• "In fact, for platforms like ours, there is no scalable way to discern the purpose or legitimacy of such targeting. This is why we focus on enforcing against this behavior, regardless of who’s behind it or who the target might be."