Twitter’s July 15 hack not only compromised the accounts of millions of users, but also sparked a theft of over $118,000 in Bitcoin (BTC). Authorities in New York warn that the hack demonstrated a weakness that could have grave implications for the US election.
118,000 Reasons Why
On July 15, a Florida teenager was allegedly able to hack into Twitter’s network using a simple phishing technique. Having hijacked the accounts of the likes of Amazon CEO Jeff Bezos and President Barack Obama, the high schooler asked for Bitcoin in a classic scam.
In the end, the culprit received about $118,000, security was restored, and a suspect was arrested. However, the attack revealed how vulnerable Twitter was. In addition, once the hack became apparent to Twitter’s security team, they realized there was no elegant mechanism in place to halt the breach. At the time of the attack, Twitter decided to simply lock all verified members until the mess was cleaned up.
On Oct. 15, the New York State Department of Finance released a report on the hack, underlining the negative implications it could have on the contentious US elections on Nov. 3, 2020.
Easy Come, Easy Go
The problem, the report alleges, is two fold. For one, the attack was not very sophisticated. Graham Ivan Clark, 17, was eventually charged with 30 felony counts related to the incident. Though apparently tech savvy, Clark did not require expertise to carry out the attack.
Instead, he relied on a phishing scam. This basically boiled down to calling Twitter employees who had high security clearances, saying he was from IT, and having them tell him their passwords.
The report warned of the significance of this vulnerability:
“The extraordinary access the Hackers obtained with this simple technique underscores Twitter’s cybersecurity vulnerability and the potential for devastating consequences. Notably, the Twitter Hack did not involve any of the high-tech or sophisticated techniques often used in cyberattacks–no malware, no exploits, and no backdoors.”
The second problem is Twitter’s influence, per the report. Twitter has about 330 million active users. These 330 million users have considerable sway. They are not held to standards of fact checking and can always backup a claim by calling it an opinion.
More notably, however, Americans get their news from social media. A Pew Research study found that 55% of Americans get their news from social media “sometimes” or “often.” Twitter was the third most common news portal after Facebook and YouTube.
Interestingly, 62% of those polled felt that social media had too much influence over the mix of news people say.
The Big Deal
The Department of Finance focused on the possible implications for such an influential news source’s vulnerability. It found that the Twitter hack demonstrated how wholly unprepared social media companies are to the threat of a hack:
“The Twitter Hack demonstrates the need for strong cybersecurity to curb the potential weaponization of major social media companies. But our public institutions have not caught up to the new challenges posed by social media.”
A single hacker could block certain Twitter accounts, causing bias, misinformation, or security risks during the upcoming election. With social media so crucial a source of information, this could sway the election.
In the past, many social media companies were accused of unduly influencing politics. Notably, on Oct. 23, 2019, Facebook CEO Mark Zuckerberg testified about elections and cyber security before Congress. The question of Facebook’s Libra cryptocurrency came up during the discussion.
Fight the Power
Meanwhile, Twitter has ostensibly done much work to tighten security before the election. Security clearances were shuffled, stop-gaps for security breaches were put in the place, and staff even worked through war-room style scenarios in the case of an attack on election day.
These improvements mirror many of the report’s security monitoring recommendations. Twitter employees underwent mandatory training. It is also possible that Twitter is monitoring the usage of their high-security staff.
Controversially, the report also spoke of a need for expanding oversight, including a new, independent social media regulator. Such a force could face pushback from free speech advocates.
Nonetheless, the New York State report offers a dire warning for election day. It worries that the current government is “not up to the challenges” of social media. A lone hacker was able to bring Twitter, a giant new source, “to it’s knees.”
NOTE: The views expressed here are those of the author’s and do not necessarily represent or reflect the views of BeInCrypto.