Twitter suffered an unusual hack on Wednesday, the worst security breach in the company’s history. In response, US think-tanks say July 15 is bad for Twitter, but November 3rd (US presidential election) could be worse than that.
Twitter said late Wednesday local time that hackers had hijacked accounts including Democratic presidential candidate Joe Biden, former President Barack Obama, reality TV star Kim Kardashian and tech billionaire and Tesla founder El Musk by gaining control of Twitter employee credentials.
In a series of tweets, Twitter said: “We detected what we believe was a collaborative social engineering attack by some of our employees who managed to target some of our employees and gain control of their credentials, thereby accessing our internal systems and tools.” Hackers then took advantage of this access to control many well-known (including authenticated) accounts and tweets. “
In response, analysts said Twitter’s series of statements confirmed security experts’ concern that its service itself, not its users, had been threatened.
Twitter is known to have become a key communication platform for political candidates and public officials, including President Donald Trump, who often uses it to post political opinions and other content. The hacking has unquestionably raised concerns that hackers could wreak havoc on the November 3 US presidential election or otherwise endanger national security.
Adam Conner, vice president of technology policy at center for American Progress, a liberal think-tank, said on Twitter today: “July 15 is really bad, but November 3rd could be terrible. “
In the attack, hackers posing as celebrities and wealthy individuals asked fans to send the digital currency Bitcoin to a series of addresses. As of Wednesday evening local time, 400 bitcoin transfers worth $120,000 had been made. According to forensics firm Elliptic, half of the victims traded all the money in Bitcoin in the United States, one-quarter in Europe and another quarter in Asia.
These transfers have left a record to help investigators identify the perpetrators of the attack. Financial losses may be limited because multiple exchanges have blocked other payments after finding that their Twitter accounts were targeted.
But for Twitter, the damage to its reputation could be even worse. For some, the worst part is how long it took the company to stop these bad tweets.
Dan Guido, CEO of security firm Trail of Bits, said: “Twitter’s response to this hack is shocking. It took them five hours to deal with the incident. “What’s worse, because the hack involves the more popular “Bitcoin,” it has largely distracted attention from the more serious hacking incident itself, such as hackers gaining direct access to account holders.”
Twitter said it was not sure what the hackers might have done other than send Bitcoin messages. Twitter said: “We are investigating what other malicious activity they may have engaged in, or what information they may have obtained, and will share more information with us in our possession.” “
In fact, a massive attack on Twitter accounts has occurred before by stealing employee credentials, or vulnerabilities in third-party apps that many users use, and Wednesday’s hack was the worst to date. Several users with two-factor authentication said they were powerless to stop the behavior. Two-factor authentication is a security procedure that helps prevent intrusion attempts.
“If hackers do have access to the back end of Twitter or directaccess to the database, there is nothing to stop them from stealing data other than using such tweets for fraud,” said Michael Borohovski, director of software engineering at security firm Synopsys. “