How The Twitter Hack Could Change Corporate America
ROBERTSON COUNTY TENNESSEE: On Wednesday, hackers gained access to several (high profile) Twitter user accounts (about 130 accounts by one estimate) and launched Tweets asking for money via Bitcoin. The ruse worked to the tune of about $116,000 (a small sum considering the nature of the attack) but the ruse was more surprising because of how the hackers appear to have penetrated the Twitter accounts.
The unprecedented attack will force many companies to take a hard look at their internal infrastructure and the way they share and communicate internally.
Smokey Barn News normally avoids national stories but many Robertson Countians have Twitter accounts and a sister company to Smokey Barn News (String Logic) is uniquely qualified to offer a different perspective.
String Logic deals with database mining and Intellectual Property retention (I.P. retention), something Twitter lost on Wednesday. String Logic’s clients are either looking for data or trying to shield it.
What’s unique about this most recent Twitter attack is that, reportedly, it was not an attack on individual accounts by hacking passwords. The hack seems to have been directed at corporate infrastructure or Twitter’s human capital, their employees. Once more, the way the hack was exploited suggests it may not have been directed by high-level corporate sponsors or a government entity but more likely someone dialing for dollars in their basement. The credentials they obtained could have fetched far more on the dark web.
Additionally, according to Twitter; “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” If that is true, it means that user accounts can be accessed and Tweets can be published by employees of Twitter.
It’s an eye-opener for anyone storing data on any digital medium. For Twitter, it should mean a complete overhaul of their internal operations.
So what does all that mean? It means that Twitter will have to face the fact that the primary part of the hack may not have been computer-related but more a problem with the way the company communicates with itself internally. If that’s true, you might (in part) be able to blame the hack on COVID-19. With many employees working from home due to the pandemic, companies around the world are scrambling to secure all those remote locations. It means that, for a hacker, the number of ways around firewalls and into a company just got bigger.
As companies grow it also gets harder and harder to vet every single call that an employee gets. Place the right call or the right series of calls to the right people and you might just be able to gain access to a firm’s I.P. If a company has not taken steps to train their employees or commit to policies that control how information moves in and around the company internally they have the potential for a significant breach of this type.
What does this hack mean for companies? String Logic has helped many companies address these kinds of issues. It’s a wake-up call that not all hacks come through computers. Vulnerabilities in Human Capital will need to be addressed and the way companies communicate with themselves internally will need to change.
What does this mean for Twitter users? Not much. We’re all pretty much at the mercy of online companies to protect our data which we are learning may not be possible. All you can do to protect yourself and your data is to use common sense. Change passwords once in a while and never answer those social media posts asking for personal information like how old you are, your birthday, the name of your favorite teacher, or the first school you attended, otherwise your online social media presents could be a smorgasbord for a hacker, especially if you are a celebrity.
In closing, we have added Twitter’s public Tweets relating to the breach following the attack (in sequential order) but there’s probably little you can do to further protect your Twitter account from this type of breach since the attack was perpetrated at the corporate level.
Twitter 4:45 PM · Jul 15, 2020 “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
Twitter 9:38 PM “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
Twitter 9:38 PM “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
Twitter 9:38 PM “Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.”
Twitter 9:38 PM “Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
Twitter 9:38 PM “We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.
Twitter 9:38 PM “This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.
Twitter 9:38 PM “We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.
Twitter 9:53 PM · Jul 16, 2020 “Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident. For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.
Twitter 9:53 PM “We have also been taking aggressive steps to secure our systems while our investigations are ongoing. We’re still in the process of assessing longer-term steps that we may take and will share more details as soon as we can.
Twitter 10:36 PM “We hope that our openness and transparency throughout this process, and the steps and work we will take to safeguard against other attacks in the future, will be the start of making this right.”
