On Wednesday, a hacker accessed 130 prominent Twitter accounts including those of Joe Biden, Mike Bloomberg, Jeff Bezos, Warren Buffett, Bill Gates, Kim Kardashian, Kanye West and the most followed Twitter account on the planet – Barack Obama – to promote a bitcoin scam. This forced Twitter to shut down verified Twitter users’ accounts for several hours.
The hacker received approximately $120,000 from 358 transactions.
Twitter attributed the breach to a social engineering attack targeting Twitter employees with access to its internal systems and tools. Motherboard, however, is reporting that hackers paid a Twitter employee to assist with the attack, proving that the weak point in cybersecurity is often personnel.
An NBC News report offered these insights:
- Mikko Hyppönen, the chief research officer at the Finnish cybersecurity company F-Secure, explained, “Humans and their behavior continue to be the biggest threat for organizations”; and
- Michael Hamilton, Seattle’s former Chief Information Security Officer, explained that during the recession that followed the financial crisis, employees were more likely to entertain offers from hackers. “When the macroeconomics get to be real bad . . . people have a higher tendency to go to the dark side.”
Twitter has shown that it is vulnerable in this area, as last year the Justice Department charged two former Twitter employees with providing user data to Saudi Arabia.
The FBI has indicated it is launching an investigation into the incident. New York Governor Andrew Cuomo has directed his state to launch an investigation and other states’ Attorneys General may get involved. There is also the possibility this could trigger a Federal Trade Commission investigation of Twitter, since it is subject to a 2011 consent decree based on a prior investigation that found Twitter had not properly trained administrators on password security.
Twitter can also expect to spend a lot of time on Capitol Hill, where this incident has triggered great concern, as multiple committees are calling for an investigation or briefing by Twitter. Senator Ron Wyden (D-OR) noted that he had raised concerns over the security of Twitter’s direct message system in 2018 and that CEO Jack Dorsey promised him that he would implement end-to-end encryption on the messages. An irate Wyden noted:
Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company’s systems, and hackers who gain unauthorized access. While it still isn’t clear if the hackers behind yesterday’s incident gained access to Twitter direct messages, this is a vulnerability that has lasted for far too long, and one that is not present in other, competing platforms. If hackers gained access to users’ DMs, this breach could have a breathtaking impact, for years to come.
Rep. Jim Langevin (D-RI) saw this as highlighting the need for his legislation (which has bi-partisan support) to reestablish a national cyber director at the White House to help coordinate federal cybersecurity activity.
Concerns About Election Mayhem
Several commentators expressed concern that this could be a test run for disruption in the days leading up to our election, or for taking over a public official’s account during armed conflict.
Senator Mark Warner (D-VA), who is Vice-Chair of the Senate Intelligence Committee, noted that the hack revealed “a worrisome vulnerability in this media environment — exploitable not just for scams, but for more impactful efforts to cause confusion, havoc, and political mischief.”
John Hultquist, FireEye’s senior director of intelligence analysis, explained that he was “very concerned about the possibility of real foreign actors hijacking legitimate sources of information — key media accounts for instance — and using that to push out disinformation” close to Election Day. “By the time we unwind everything to figure out what happened, it could be too late. That’s a very real scenario.”
Laura Rosenberger, a past guest on Cyber Law & Business Report who directs the Alliance for Securing Democracy project at the German Marshall Fund, noted, “What hasn’t changed is our failure to think ahead. Our adversaries have an ability to turn this infrastructure, which we have created, against us, and we need to be better at anticipating the threat vectors.”
The Secretaries of State in Ohio and California have confirmed that they are working on scenarios to address potential disinformation campaigns immediately prior to the election.