Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Experts say Twitter breach troubling, undermines trust

Twitter swiftly locked down accounts to investigate

HONG KONG — A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public, experts said Thursday.

The ruse discovered Wednesday included bogus tweets from Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

Cybersecurity experts say such a breach could have dire consequences since the attackers were tweeting from verified, globally influential accounts with millions of followers.

“If you receive a tweet from a verified account, belonging to a well-known and therefore trusted person, you can no longer assume it’s really from them,” said Michael Gazeley, managing director of cybersecurity firm Network Box.

Reacting to the breach, Twitter swiftly deleted the tweets and locked down the accounts to investigate. In the process it prevented verified users from sending out tweets for several hours.

The company said Thursday it has taken “significant steps to limit access to internal systems and tools.”

Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.

Twitter faces an uphill battle in regaining people’s confidence, Gazeley said. For a start, it needs to figure out exactly the accounts were hacked and show the vulnerabilities have been fixed, he said.

“If key employees at Twitter were tricked, that’s actually a serious cybersecurity problem in itself,” he said. “How can one of the world’s most used social media platforms have such weak security, from a human perspective?”

Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.

“Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.

Social engineering attacks typically target human weaknesses to exploit networks and online platforms. Companies can guard themselves against such attacks by beefing up multi-factor authentication -– where users have to present multiple pieces of evidence as authentication before being allowed to log into a system, Tobac said.

Such a process could include having a physical token that an employee must have with them, on top of a password, before they can log into a corporate or other private system. Other methods include installing technical tools to monitor for suspicious insider activities and reducing the number of people who have access to an administrative panel, Tobac said.

U.S. Sen. Josh Hawley called on Twitter to co-operate with authorities including the Department of Justice and the FBI to secure the site.

“I am concerned that this event may represent not merely a co-ordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.

He added that millions of users relied on Twitter not just to send tweets but also communicate privately via direct messaging.

“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” said Hawley.

By The Associated Press

Business

Just Posted

Alberta Premier Jason Kenney arrives at the 2021 budget in Edmonton on Thursday, Feb. 25, 2021.THE CANADIAN PRESS/Jason Franson
Alberta launches COVID vaccine lottery with million-dollar prizes to encourage uptake

The premier says the lottery will offer three prizes worth $1 million a piece, as well as other prizes

The City of Red Deer sits at 249 active cases of the virus, after hitting a peak of 565 active cases on Feb. 22. (Black Press file image)
Red Deer down to 119 active COVID-19 cases

Province identifies 179 new cases Saturday

Member Terry Parsons’ custom built track vehicle.
Forestburg’s Area 53 Racetrack gears up for action-packed season

Site will also host a portion of the ‘Miles of Mayhem’ event in July

File photo
Sylvan Lake NexSource Centre reopens Monday

As part of the provincial reopening plan, the recreation facility is able to open to the public

Canadian Prime Minister Justin Trudeau participates in a plenary session at the G7 Summit in Carbis Bay, England on Friday June 11, 2021. THE CANADIAN PRESS/Adrian Wyld
Canada donating 13M surplus COVID-19 vaccine doses to poor countries

Trudeau says the government will pay for 87 million shots to be distributed to poor countries

Indigenous Services Minister Marc Miller is seen during a news conference, Wednesday May 19, 2021 in Ottawa. THE CANADIAN PRESS/Adrian Wyld
Indigenous child-welfare battle heads to court despite calls for Ottawa to drop cases

Feds are poised to argue against two Canadian Human Rights Tribunal rulings

The Great Ogopogo Bathtub Race has been held in Summerland as a fundraising event. Do you know which Canadian city introduced this sport? (Black Press file photo)
QUIZ: A summer’s day at the water

How much do you know about boats, lakes and water?

Flowers and cards are left at a makeshift memorial at a monument outside the former Kamloops Indian Residential School to honour the 215 children whose remains are believed to have been discovered buried near the city in Kamloops, B.C., on Monday, May 31, 2021. THE CANADIAN PRESS/Darryl Dyck
‘Pick a Sunday:’ Indigenous leaders ask Catholics to stay home, push for apology

Indigenous leaders are calling on Catholics to stand in solidarity with residential school survivors by not attending church services

“They will never be forgotten, every child matters,” says Sioux Valley Chief Jennifer Bone in a video statement June 1. (Screen grab)
104 ‘potential graves’ detected at site of former residential school in Manitoba

Sioux Valley Dakota Nation working to identify, repatriate students buried near former Brandon residential school

Denmark’s Christian Eriksen receives medical attention after collapsing during the Euro 2020 soccer championship group B match between Denmark and Finland at Parken stadium in Copenhagen, Saturday, June 12, 2021. (AP Photo/Martin Meissner, Pool)
Christian Eriksen in stable condition, Euro 2020 match resumes

Eriksen was given chest compressions after collapsing on the field during a European Championship

As stories of the horrors of residential schools circulate after the Tk’emlups te Secwepemc First Nation announced it had located what are believed to be the remains of 215 children, Grand Chief Stewart Phillip of the Union of B.C. Indian Chiefs said he feels a connection with the former students. THE CANADIAN PRESS/Darryl Dyck
2 sides of the same coin: Ex-foster kids identify with residential school survivors

Grand Chief Stewart Phillip says the child welfare system takes Indigenous children from their families

Airport ground crew offload a plane carrying just under 300,000 doses of the single-shot Johnson & Johnson COVID-19 vaccine which is developed by the Janssen Pharmaceutical Companies at Pearson International Airport during the COVID-19 pandemic in Toronto on Wednesday, April 28, 2021. THE CANADIAN PRESS/Nathan Denette
1st batch of Johnson & Johnson vaccines won’t be released in Canada over quality concerns

The vaccines were quarantined in April before they were distributed to provinces

Most Read