Nepal | August 06, 2020

Experts say Twitter breach troubling, undermines trust

Associated Press
Share Now:

HONG KONG: A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public, experts said Thursday.

The ruse discovered Wednesday included bogus tweets from Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

Cybersecurity experts say such a breach could have dire consequences since the attackers were tweeting from verified, globally influential accounts with millions of followers.

“If you receive a tweet from a verified account, belonging to a well-known and therefore trusted person, you can no longer assume it’s really from them,” said Michael Gazeley, managing director of cybersecurity firm Network Box.

Reacting to the breach, Twitter swiftly deleted the tweets and locked down the accounts to investigate. In the process it prevented verified users from sending out tweets for several hours.

The company said Thursday it has taken “significant steps to limit access to internal systems and tools.”

Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.

Twitter faces an uphill battle in regaining people’s confidence, Gazeley said. For a start, it needs to figure out exactly the accounts were hacked and show the vulnerabilities have been fixed, he said.

“If key employees at Twitter were tricked, that’s actually a serious cybersecurity problem in itself,” he said. “How can one of the world’s most used social media platforms have such weak security, from a human perspective?”

Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.

“Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.

Social engineering attacks typically target human weaknesses to exploit networks and online platforms. Companies can guard themselves against such attacks by beefing up multi-factor authentication -– where users have to present multiple pieces of evidence as authentication before being allowed to log into a system, Tobac said.

Such a process could include having a physical token that an employee must have with them, on top of a password, before they can log into a corporate or other private system. Other methods include installing technical tools to monitor for suspicious insider activities and reducing the number of people who have access to an administrative panel, Tobac said.

U.S. Sen. Josh Hawley called on Twitter to co-operate with authorities including the Department of Justice and the FBI to secure the site.

“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.

He added that millions of users relied on Twitter not just to send tweets but also communicate privately via direct messaging.

“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” said Hawley.


Follow The Himalayan Times on Twitter and Facebook

Recommended Stories:

More from The Himalayan Times:

Massive blast rips through Beirut, killing 78 and injuring thousands

Highly explosive materials were stored at port, says minister Blast felt in Cyprus, more than 100 miles (160 km) away Lebanon's Red Cross chief calls it "a huge catastrophe" Israel says it had no role, ready to help Lebanon Blast rocks Lebanese port area BEIRUT: A powerful blast i Read More...

Amend laws related to children: Panel

Kathmandu, August 4 The Women and Social Welfare Committee of the House of Representatives has directed the Ministry of Women, Children and Senior Citizens to make timely amendment to the Children’s Act to bring about clarity in role and responsibility of all three tiers of the government with Read More...

China, US to review trade deal, air other grievances on Aug 15: sources

WASHINGTON: Senior US and Chinese officials will review the implementation of their Phase 1 trade deal and likely air mutual grievances in an increasingly tense relationship during an August 15 videoconference, two people familiar with the plans said. US Trade Representative Robert Lighthizer and Read More...

Kathmandu based Morang Auto Works staffers contract COVID-19

KATHMANDU, AUGUST 4 At least six employees of Morang Auto Works Enterprises tested positive for COVID-19 today. According to sources, employees who work for MAW Enterprises at its Yamaha showroom in Tripureshwor were diagnosed with the contagion today when their swab samples tested positive fo Read More...

Panchthar district

Flood damages hydropower projects, bridge

KATHMANDU, AUGUST 4 Flooded Feme rivulet, which flows through Fidim Municipality, has caused damages in multiple areas. The monsoon-rain triggered flood in the rivulet has risked the bridge over the Feme rivulet, on Fidim-Falot road. Perpetual erosion of land in the western part has rendered the Read More...

Aircrafts, Nepal Airlines Corporation, Tribhuvan International Airport, Aeroplanes

August 17 resumption of domestic flights in doubt

KATHMANDU, AUGUST 4 The initial excitement among domestic airline operators over resumption of flights after nearly a five-month hiatus has begun to dampen. With the number of COVID-19 cases rising, especially in areas bordering India which are among the busiest routes of domestic flight opera Read More...

Int’l Youth Day to be marked with several programmes

KATHMANDU, AUGUST 4 The National Youth Council has planned week-long celebrations to mark this year’s International Youth Day. Council’s Executive Vicechair Madhav Prasad Dhungel informed about this at a virtual press meet here today. Several programmes have been scheduled for a week on th Read More...

Dharan Sub-metropolis issues prohibitory order for seven days

KATHMANDU: Dharan Sub-Metropolitan City has issued a prohibitory order to be in effect starting from Wednesday midnight due to possible transmission of Covid-19 at the community level. The meeting of the sub-metropolis today decided to bring into effect the prohibitory order to prevent the spread Read More...