Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Experts say Twitter breach troubling, undermines trust

Twitter swiftly locked down accounts to investigate

HONG KONG — A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public, experts said Thursday.

The ruse discovered Wednesday included bogus tweets from Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

Cybersecurity experts say such a breach could have dire consequences since the attackers were tweeting from verified, globally influential accounts with millions of followers.

“If you receive a tweet from a verified account, belonging to a well-known and therefore trusted person, you can no longer assume it’s really from them,” said Michael Gazeley, managing director of cybersecurity firm Network Box.

Reacting to the breach, Twitter swiftly deleted the tweets and locked down the accounts to investigate. In the process it prevented verified users from sending out tweets for several hours.

The company said Thursday it has taken “significant steps to limit access to internal systems and tools.”

Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.

Twitter faces an uphill battle in regaining people’s confidence, Gazeley said. For a start, it needs to figure out exactly the accounts were hacked and show the vulnerabilities have been fixed, he said.

“If key employees at Twitter were tricked, that’s actually a serious cybersecurity problem in itself,” he said. “How can one of the world’s most used social media platforms have such weak security, from a human perspective?”

Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.

“Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.

Social engineering attacks typically target human weaknesses to exploit networks and online platforms. Companies can guard themselves against such attacks by beefing up multi-factor authentication -– where users have to present multiple pieces of evidence as authentication before being allowed to log into a system, Tobac said.

Such a process could include having a physical token that an employee must have with them, on top of a password, before they can log into a corporate or other private system. Other methods include installing technical tools to monitor for suspicious insider activities and reducing the number of people who have access to an administrative panel, Tobac said.

U.S. Sen. Josh Hawley called on Twitter to co-operate with authorities including the Department of Justice and the FBI to secure the site.

“I am concerned that this event may represent not merely a co-ordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.

He added that millions of users relied on Twitter not just to send tweets but also communicate privately via direct messaging.

“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” said Hawley.

By The Associated Press

Business

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Alberta children whose only symptom of COVID-19 is a runny nose or a sore throat will no longer require mandatory isolation, starting Monday.
477 new COVID-19 cases confirmed in Alberta on Thursday

Changes being made to the COVID-19 symptom list for school-age children

Three young Sylvan Lake residents are asking for lights to be added to the walking trail system to make them safer and less scary at night. Photo by @workinonmyfitness72
Young Sylvan Lake residents ask for lights to be added to walking trails

Three young Sylvan Lake residents appeared before Council recently to present their ask

Agriculture Minister Devin Dreeshen (Alberta government photo)
Town of Sylvan Lake recieves funding to help with COVID-19 related revenue losses

Minister Devin Dreeshen says the funding will help the Town pay staff and provide services

There were 410 COVID-19 cases recorded in Alberta Wednesday. (File photo by The Associated Press)
Alberta records 410 new COVID-19 cases Wednesday

Central zone dropped to 160 active cases

Shaun Isaac, owner of Woodchucker Firewood in Trochu, is awaiting a new shipment during a firewood shortage in the province. All of the wood he has left is being saved for long-time customers who need it to heat their homes. (Contributed photo).
Firewood shortage in central Alberta caused by rising demand, gaps in supply

‘I’ve said “No” to more people than ever’: firewood seller

Royal Alexandra Hospital front-line workers walk a picket line after walking off the job in a wildcat strike in Edmonton, on Monday, October 26, 2020. THE CANADIAN PRESS/Jason Franson
Alberta labour board orders health-care staff who walked off the job to go back to work

Finance Minister Travis Toews said in a news release that he was pleased with the labour board’s decision

Pilots Ilona Carter and Jim Gray of iRecover Treatment Centres, in front of his company’s aircraft, based at Ponoka’s airport. (Perry Wilson/Submitted)
95-year-old Ilona Carter flies again

Takes to the skies over Ponoka

Children’s backpacks and shoes are seen at a daycare in Langley, B.C., on Tuesday May 29, 2018. Alberta Children’s Services Minister Rebecca Schulz says the province plans to bring in a new way of licensing and monitoring child-care facilities. THE CANADIAN PRESS/Darryl Dyck
Alberta proposes legislation to change rules on child-care spaces

Record-keeping, traditionally done on paper, would be allowed digitally

Prime Minister Justin Trudeau shakes hands with US Vice-President Joe Biden on Parliament Hill in Ottawa on Friday, December 9, 2016. THE CANADIAN PRESS/ Patrick Doyle
A Biden presidency could mean good news for Canadian environment policy: observers

Experts and observers say even a U.S. outside the Paris agreement may ultimately end up in the same place

People take a photo together during the opening night of Christmas Lights Across Canada, in Ottawa, on Wednesday, Dec. 4, 2019. The likelihood that most Canadians will enjoy a holly jolly Christmas season of gatherings, caroling and travel is unlikely, say public health experts who encourage those who revel in holiday traditions to accept more sacrifices ahead. THE CANADIAN PRESS/Justin Tang
Ho, ho, no: Experts advise preparing for a scaled-back COVID holiday season

Many of the holiday season’s highlights have already been scrapped or are unlikely to take place

Sen. Kim Pate is shown in Toronto in an October 15, 2013, file photo. The parliamentary budget office says a proposed law that would give judges discretion on whether to apply a lesser sentence for murder could save the federal government $8.3 million per year. THE CANADIAN PRESS/Colin Perkel
Judicial discretion for mandatory minimum sentences for murder would save $8.3M: PBO

The result would be fewer people in long-term custody at federal correctional institutions, experts say

Husky Energy logo is shown at the company’s annual meeting in Calgary on May 5, 2017. THE CANADIAN PRESS/Jeff McIntosh
Husky pipeline spills 900,000 litres of produced water in northwestern Alberta

The energy regulator says environmental contractors are at the site

A raccoon paid a visit to a Toronto Tim Hortons on Oct. 22, 2020. (shecallsmedrew/Twitter)
Who are you calling a trash panda? Raccoon takes a shift at Toronto Tim Hortons

Tim Hortons said animal control was called as soon they saw the surprise visitor

Most Read