Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Experts say Twitter breach troubling, undermines trust

Twitter swiftly locked down accounts to investigate

HONG KONG — A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public, experts said Thursday.

The ruse discovered Wednesday included bogus tweets from Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

Cybersecurity experts say such a breach could have dire consequences since the attackers were tweeting from verified, globally influential accounts with millions of followers.

“If you receive a tweet from a verified account, belonging to a well-known and therefore trusted person, you can no longer assume it’s really from them,” said Michael Gazeley, managing director of cybersecurity firm Network Box.

Reacting to the breach, Twitter swiftly deleted the tweets and locked down the accounts to investigate. In the process it prevented verified users from sending out tweets for several hours.

The company said Thursday it has taken “significant steps to limit access to internal systems and tools.”

Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.

Twitter faces an uphill battle in regaining people’s confidence, Gazeley said. For a start, it needs to figure out exactly the accounts were hacked and show the vulnerabilities have been fixed, he said.

“If key employees at Twitter were tricked, that’s actually a serious cybersecurity problem in itself,” he said. “How can one of the world’s most used social media platforms have such weak security, from a human perspective?”

Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.

“Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.

Social engineering attacks typically target human weaknesses to exploit networks and online platforms. Companies can guard themselves against such attacks by beefing up multi-factor authentication -– where users have to present multiple pieces of evidence as authentication before being allowed to log into a system, Tobac said.

Such a process could include having a physical token that an employee must have with them, on top of a password, before they can log into a corporate or other private system. Other methods include installing technical tools to monitor for suspicious insider activities and reducing the number of people who have access to an administrative panel, Tobac said.

U.S. Sen. Josh Hawley called on Twitter to co-operate with authorities including the Department of Justice and the FBI to secure the site.

“I am concerned that this event may represent not merely a co-ordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.

He added that millions of users relied on Twitter not just to send tweets but also communicate privately via direct messaging.

“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” said Hawley.

By The Associated Press

Business

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

File photo
Alberta’s central zone has 670 active cases

301 new cases identified Sunday

Alberta has 1,910 active cases of COVID-19 as of Wednesday. Red Deer is reporting five active cases, with 108 recovered. (File photo)
Red Deer reports 25th COVID-19 death

415 new cases identified provincially Saturday

Alberta Health reported two new COVID-19 deaths in Red Deer Friday. (Image courtesy CDC)
Two more deaths linked to Olymel outbreak in Red Deer

Province reported 356 additional COVID-19 cases Friday

Black Press file photo
Wetaskiwin RCMP execute search warrant; illegal drugs seized

Two Wetaskiwin residents have been charged with possession and trafficking of Methamphetamine.

Alberta Premier Jason Kenney speaks during a news conference in Edmonton on Feb. 24, 2020. It’s budget day in the province, and Kenney’s United Conservative government is promising more help in the fight against COVID, but more red ink on the bottom line. THE CANADIAN PRESS/Jason Franson
Alberta’s budget promises more help for COVID-19 with a hard deficit

Annual spending on debt interest is closing in on $3 billion

People line up outside a vaccine clinic as seniors wait to get the COVID-19 vaccine in Edmonton Alta, on Friday February 26, 2021. THE CANADIAN PRESS/Jason Franson
Alberta Health Services head sorry for glitches in vaccine booking system for seniors

AHS president said technical issues have been fixed and a virtual waiting room is in place

Vandalism is shown on Alberta NDP MLA Janis Irwin’s constituency office in Edmonton in this handout photo on Saturday, February 27, 2021. Alberta Premier Jason Kenney quickly condemned vandalism at an Opposition legislature member Janis Irwin’s Edmonton office after the MLA posted pictures showing her front window spray-painted with the words “Antifa Liar.” THE CANADIAN PRESS/HO, Janis Irwin *MANDATORY CREDIT*
Alberta Premier slams vandalism after slur painted on MLA’s office window

Edmonton MLA Janis Irwin posted pictures showing the front window spray-painted with the words ‘Antifa Liar’

A helicopter flies past a mountain near McBride, B.C., on Saturday January 30, 2016. THE CANADIAN PRESS/Darryl Dyck
Avalanche warning for backcountry users in North and South Rockies

Avalanche Canada is urging backcountry users to always check their regional avalanche forecasts

Supporters pray outside court in Stony Plain, Alta., on Wednesday, Feb. 24, 2021, as a trial date was set for Pastor James Coates of GraceLife Church. He is charged with holding Sunday services in violation of Alberta’s COVID-19 rules and with breaking conditions of his bail release. THE CANADIAN PRESS/Jason Franson
Trial date for jailed Alberta pastor charged with breaking COVID-19 health orders

The court says it will reconvene with lawyers on March 5 for a case management plan by teleconference

A pharmacist prepares a COVID-19 vaccine at Village Green Retirement Campus in Federal Way on Jan. 26. (Olivia Sullivan/Sound Publishing)
Canada approves use of AstraZeneca’s COVID-19 vaccine

The country joins more than a dozen others in giving the shot the green light

Sylvan Lake's Winter Village lured many visitors to the town this winter. The town has launched a new contest to attract a new business.
(Black Press file photo)
Sylvan Lake offering rent-free storefront space to lure new businesses

Winning business proposal will get a storefront space rent-free for a year

NDP leader Jagmeet Singh holds a press conference on Parliament Hill in Ottawa on Wednesday, Feb. 24, 2021. THE CANADIAN PRESS/Sean Kilpatrick
NDP will not trigger election as long as pandemic continues: Singh

‘“We will vote to keep the government going’

Most Read