Alex Stamos spent three years as Facebook’s chief security officer, and it was during that time his team discovered Russia’s use of the platform to influence the 2016 presidential election.
He knows better than anyone that bad actors are launching constant cyberattacks and disinformation campaigns aimed at the big tech companies. But sometimes, he explains, the attempts to infiltrate Silicon Valley are a bit more old school…
I expect that every major US tech company has at least several people that have been turned…
Laurie Segall: Have you guys ever worried about spies inside Facebook?
Alex Stamos: Yes, absolutely. That was definitely a concern. It continues to be a major concern in Silicon Valley.
Laurie Segall: Increasingly so, or just always?
Alex Stamos: I mean, certainly it was my concern for my entire time, and we did a lot of workaround, kind of internal security… I think it’s increasing.
…We don’t put people through lie detector tests. We don’t have single-scope background investigations or lifestyle [polygraph tests]. All the things that, in the US government are used to prevent spies, and still they have spies. So if the NSA can’t keep them out…then certainly the tech companies can’t. And the best example of this that’s come up happened at Twitter. Now it was fascinating. The country that got caught was the Kingdom of Saudi Arabia. So the Saudis were paying off Twitter employees to spy on people, but I expect that every major US tech company has at least several people that have been turned by at least China, maybe Russia, probably Israel, and a couple other US allies.
Laurie Segall: Did you ever uncover anybody that had been turned?
Alex Stamos: I’m not gonna comment on that. It’s certainly an area in which we did a lot of work and investigation.
Laurie Segall: Can you comment a little bit?
Alex Stamos: What I’ll say is, there’s a lot of weird things that happen inside of the companies and it’s very difficult for them to figure out why it did happen. If that makes sense.
Laurie Segall: So maybe there wasn’t like a solid yes, but there definitely wasn’t a solid no. So there was-
Alex Stamos: Yeah. That would be reasonable.
Laurie Segall: Suspicious activity that you uncovered in your time-
Alex Stamos: Yeah.
Laurie Segall: -at Facebook.
Alex Stamos: Right. At the companies, you have to design your internal systems to detect that.