Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts, in a July 16, 2020 story. (Photo by THE ASSOCIATED PRESS)

Experts say Twitter breach troubling, undermines trust

Twitter swiftly locked down accounts to investigate

HONG KONG — A breach in Twitter’s security that allowed hackers to break into the accounts of leaders and technology moguls is one of the worst attacks in recent years and may shake trust in a platform politicians and CEOs use to communicate with the public, experts said Thursday.

The ruse discovered Wednesday included bogus tweets from Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

Hackers used social engineering to target some of Twitter’s employees and then gained access to the high-profile accounts. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

Cybersecurity experts say such a breach could have dire consequences since the attackers were tweeting from verified, globally influential accounts with millions of followers.

“If you receive a tweet from a verified account, belonging to a well-known and therefore trusted person, you can no longer assume it’s really from them,” said Michael Gazeley, managing director of cybersecurity firm Network Box.

Reacting to the breach, Twitter swiftly deleted the tweets and locked down the accounts to investigate. In the process it prevented verified users from sending out tweets for several hours.

The company said Thursday it has taken “significant steps to limit access to internal systems and tools.”

Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.

Twitter faces an uphill battle in regaining people’s confidence, Gazeley said. For a start, it needs to figure out exactly the accounts were hacked and show the vulnerabilities have been fixed, he said.

“If key employees at Twitter were tricked, that’s actually a serious cybersecurity problem in itself,” he said. “How can one of the world’s most used social media platforms have such weak security, from a human perspective?”

Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.

“Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.

Social engineering attacks typically target human weaknesses to exploit networks and online platforms. Companies can guard themselves against such attacks by beefing up multi-factor authentication -– where users have to present multiple pieces of evidence as authentication before being allowed to log into a system, Tobac said.

Such a process could include having a physical token that an employee must have with them, on top of a password, before they can log into a corporate or other private system. Other methods include installing technical tools to monitor for suspicious insider activities and reducing the number of people who have access to an administrative panel, Tobac said.

U.S. Sen. Josh Hawley called on Twitter to co-operate with authorities including the Department of Justice and the FBI to secure the site.

“I am concerned that this event may represent not merely a co-ordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.

He added that millions of users relied on Twitter not just to send tweets but also communicate privately via direct messaging.

“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” said Hawley.

By The Associated Press

Business

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

.
Alberta confirmed more than 1,500 COVID-19 cases Sunday

Central zone active cases slightly up

A nurse gets a swab ready at a temporary COVID-19 test clinic in Montreal, on Friday, May 15, 2020. Health Canada has reversed course on home test kits for COVID-19, saying it will now review applications for such devices. THE CANADIAN PRESS/Paul Chiasson
Students from Lacombe Composite High School’s art 30 and drawing 35 classes will have their art displayed at the LMC until the end of January. (Alannah Page/Lacombe Express)
Lacombe high school student art displayed at the Lacombe Memorial Centre

The art will be featured until the end of January

Kyle Charles poses for a photo in Edmonton on Friday, Nov. 20, 2020. Marvel Entertainment, the biggest comic book publisher in the world, hired the 34-year-old First Nations illustrator as one of the artists involved in Marvel Voice: Indigenous Voices #1 in August. THE CANADIAN PRESS/Jason Franson
VIDEO: Indigenous illustrator of new Marvel comic hopes Aboriginal women feel inspired

Kyle Charles says Indigenous women around the world have reached out

This 2019 photo provided by The ALS Association shows Pat Quinn. Quinn, a co-founder of the viral ice bucket challenge, died Sunday, Nov. 22, 2020, at the age of 37. (Scott Kauffman/The ALS Association via AP)
Co-founder of viral ALS Ice Bucket Challenge dies at 37

Pat Quinn was diagnosed with Lou Gehrig’s disease, also known as amyotrophic lateral sclerosis, in 2013

Minister of Justice and Attorney General of Canada David Lametti speaks with the media following party caucus in Ottawa, Tuesday, January 28, 2020. THE CANADIAN PRESS/Adrian Wyld
Exclusion of mental health as grounds for assisted death is likely temporary: Lametti

Senators also suggested the exclusion renders the bill unconstitutional

Claudio Mastronardi, Toronto branch manager at Carmichael Engineering, is photographed at the company’s offices in Mississauga, Ont., Thursday, Nov. 19, 2020. As indoor air quality becomes a major concern in places of business, HVAC companies are struggling to keep up with demand for high quality filtration systems. THE CANADIAN PRESS/Chris Young
Business is booming for HVAC companies as commercial buildings see pandemic upgrades

‘The demand right now is very high. People are putting their health and safety ahead of cost’

Prime Minister Justin Trudeau speak to the media about the COVID-19 virus outside Rideau Cottage in Ottawa, Friday, Nov. 20, 2020. THE CANADIAN PRESS/Adrian Wyld
Long-awaited federal rent subsidy program for businesses hurt by COVID-19 opens today

The new program will cover up to 65 per cent of rent or commercial mortgage interest

Traffic crosses over the Lions Gate Bridge from North Vancouver into Vancouver on July 2, 2015. Motorists would have to pay a fee to drive into downtown Vancouver under the city's plan to slow climate change but one expert warns it could pose financial hardship for some. THE CANADIAN PRESS/Darryl Dyck
Vancouver’s climate plan ‘first 10 steps in a journey of 10,000,’ says expert

Almost 40 per cent of Vancouver’s carbon pollution comes from vehicles

Alberta has 1,910 active cases of COVID-19 as of Wednesday. Red Deer is reporting five active cases, with 108 recovered. (File photo)
After COVID-related transplant delays, 16-year-old N.S. girl gets lung transplant

‘This is the difficult time now of seeing Tahlia in ICU hooked up to 15 IVs and sedated’

Britain's Princess Anne The Princess Royal, right, talks to NATO delegates from left, Canadian Prime Minister Justin Trudeau and Britain's Prime Minister Boris Johnson, during a reception at Buckingham Palace, in London, as Nato leaders attend to mark 70 years of the alliance, Tuesday Dec. 3, 2019.  While NATO leaders are publicly professing unity as they gather for the London summit, several seem to have been caught in an unguarded exchange on camera apparently gossiping about U.S. President Donald Trump’s behaviour. In footage recorded during the Buckingham Palace reception on Tuesday, Canadian Prime Minister Justin Trudeau was seen standing in a huddle with French President Emmanuel Macron, British Prime Minister Boris Johnson, Dutch Prime Minister Mark Rutte and Britain’s Princess Anne. (Yui Mok/Pool via AP)
Canada, Britain strike new trade, beating Brexit, incorporating expiring EU pact

Prime Minister Justin Trudeau and British counterpart, Boris Johnson, announced the deal Saturday

Most Read