The sweeping hack of verified Twitter accounts Wednesday night was one of the largest security lapses in the platform’s history and led to thousands of users being partially locked out for hours.
But the social media giant, and its users, may have gotten off easy.
Now lawmakers and top officials are mulling how to ensure Twitter is not hacked by groups with more malicious intentions and how to protect other potential cyber targets from the same fate. The conversation has taken on a particular urgency as geopolitical tensions increase during the COVID-19 pandemic with only months left until a presidential election.
“This hack bodes ill for November balloting,” Sen. Richard Blumenthal (D-Conn.), a member of the tech-focused Senate Commerce Committee, said in a statement Thursday.
“Count this incident as a near miss or shot across the bow,” he added. “It could have been much worse with different targets. So many security red flags are raised by this criminal attack that the culprits should be tracked down as quickly as possible.”
The hacking incident occurred Wednesday night, when accounts of verified Twitter users including former President Barack Obama, former Vice President Joe Biden, Amazon CEO Jeff Bezos, Tesla CEO Elon Musk, and Microsoft co-founder Bill Gates tweeted out messages asking followers to send them money in the form of bitcoin.
The posts, which were quickly taken down by Twitter, gave an address to a bitcoin wallet, and promised to double any amount sent. The individuals behind the attack quickly raised the equivalent of more than $115,000.
In response, Twitter temporarily restricted the use of verified accounts as it began its investigation into the incident. In at least one troubling case involving the National Weather Service (NWS), this decision prevented critical safety information from reaching the community for hours.
Again…NWS Lincoln, IL can’t tweet right now because of the Twitter lock of verified accounts. What a mess. There is a tornado warning in effect. https://t.co/9Ft705qfMB pic.twitter.com/eS3kynJtey
— Derrick Snyder (@Derrick_Snyder) July 15, 2020
Sen. Mark Warner (D-Va.), vice chairman of the Senate Intelligence Committee, told The Hill that the outcome could have been worse if individuals with more disruptive intentions than simply making money had been involved.
“The ability of bad actors to take over prominent accounts, even fleetingly, signals a worrisome vulnerability in this media environment — exploitable not just for scams, but for more impactful efforts to cause confusion, havoc and political mischief,” Warner said.
The company later tweeted that hackers had “successfully targeted some of our employees with access to internal systems and tools” in what Twitter described as a “coordinated social engineering attack.”
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
Twitter said it had limited access to “internal systems and tools” while its investigation into the targeting of its employees was underway. While it wasn’t immediately clear how the employees were targeted, Motherboard spoke with hackers claiming to be involved who said they paid a Twitter employee for some form of access to the accounts.
Twitter CEO Jack Dorsey tweeted that the company was “working hard to make this right,” while Biden tried to use the situation to his advantage by encouraging people to donate to his presidential campaign to defeat President Trump instead of sending bitcoin.
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
to our teammates working hard to make this right.
— jack (@jack) July 16, 2020
I don’t have Bitcoin, and I’ll never ask you to send me any.
But if you want to chip in to help make Donald Trump a one-term President, you can do that here: https://t.co/8XtBjuU5fX
— Joe Biden (@JoeBiden) July 16, 2020
But Twitter now faces a wave of governmental scrutiny, with many seriously concerned that it could provide avenues that others could exploit to cause damage.
The FBI said Thursday that it was launching an investigation into the incident, while New York Gov. Andrew Cuomo (D) directed state agencies to separately investigate the incident.
Both Senate Commerce Committee Chairman Roger Wicker (R-Miss.) and House Oversight and Reform Committee ranking member James Comer (R-Ky.) sent Twitter letters asking the company to brief the panels on the hacking incident, with Wicker writing it was “of great concern” to his committee.
Spokespersons for Sens. Ron Johnson (R-Wis.) and Gary Peters (D-Mich.), the leaders of the Senate Homeland Security and Governmental Affairs Committee, told The Hill that committee staff were also “requesting a bipartisan staff-level briefing to understand how this happened and what we can do to prevent it from happening in the future.”
The letters were sent the day after committee member Sen. Josh Hawley (R-Mo.) sent a separate missive to Twitter encouraging the company to immediately alert the FBI and the Department of Justice of the incident.
“Millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service,” Hawley wrote. “A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”
Sen. Ron Wyden (D-Ore.), a member of the Senate Intelligence Committee, pointed to concerns around the security of Twitter’s direct message system (DMs), noting that Dorsey promised during a meeting with Wyden in 2018 to implement end-to-end encryption on the messages.
“Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company’s systems, and hackers who gain unauthorized access,” Wyden said in a statement. “If hackers gained access to users’ DMs, this breach could have a breathtaking impact, for years to come.”
Some members of Congress pointed to the hack as evidence that Congress needs to lead the way on passing legislation to shore up cybersecurity. One of these proposals, which has gained bipartisan support in recent days, is the reestablishment of a national cyber director at the White House to help coordinate federal cybersecurity activity.
Rep. Jim Langevin (D-R.I.), a sponsor of the legislation creating the position, told The Hill on Thursday that the Twitter incident underlined “the need to take action now to protect Americans, our assets, and allies.”
“We cannot be timid in our response to this cyber aggression,” he said.
Rep. Cedric Richmond (D-La.), the chairman of the House Homeland Security Committee’s cyber panel, told The Hill that Congress had an “obligation to protect the internet and our constituents who use social media.” Rep. John Katko (R-N.Y.), the ranking member of the panel, told The Hill that social media users need to “remain vigilant and utilize best practices and good cyber hygiene.”
Software group Check Point was among those tracking the Twitter hacking incident as it occurred. Mark Ostrowski, the head of engineering at Check Point US East, told The Hill that in light of millions working remotely, the hack is a reminder for companies to step up their game and educate employees on how to spot malicious cyber activity.
“This is an eye-opening moment, where companies have to be better equipped for things like spear phishing and limiting access to their internal tools so these things can be avoided in the future,” Ostrowski said.
Many unanswered questions about the hacking incident remain.
Twitter gave an update on Thursday afternoon saying no passwords were accessed, but did not answer questions about whether hackers accessed direct messaging for accounts or stole other information.
For Theresa Payton, the White House chief information officer during the George W. Bush administration, these questions kept her up through the night Wednesday, wondering what the hackers were able to access.
“We don’t actually know what the attackers did with the accounts yet,” Payton, who currently serves as CEO of cyber consultancy group Fortalice Solutions, said. “To me, the jury is out until we understand who the attackers truly were and Twitter does a full forensic investigation of what the attackers did with each and every individual account while they owned them.”
“It will be interesting to see if this was only a cryptocurrency scam,” she said.