Mega Twitter hack

SECURITY/ GOVERNANCE/ SOCIETY

Topic: General Studies 2,3:

• Role of media and social networking sites in internal security challenges 
• Government policies and issues arising out of their design and implementation. 

Mega Twitter hack

What was the Twitter hack all about?

• On July 15th, many high-profile accounts started tweeting a message saying any bitcoin sent to a link in the tweet will be sent back doubled
• Among the affected names are former president Barack Obama, Bill Gates, Elon Musk, Jeff Bezos, Uber & Apple Twitter handles
• Even when Twitter deleted such tweets, the accounts tweeted again within minutes.
• In the four-odd hours the tweets were live, the Bitcoin wallet promoted in the tweets received over $100,000 via at least 300 transactions.

Image Source: Indian Express

How did the hack happen?

• Early suggestions are the hackers managed to access administration privileges, which allowed them to bypass the passwords of any account they wanted.
• Twitter has said that hack is believed to be a co-ordinated social-engineering attack by persons who successfully targeted some of their employees who had access to internal systems and tools
• “Social-engineering” could mean one of several things.
• It might imply a targeted phishing operation – a common tactic employed by cyber-criminals, who find out which individuals have the keys to a system and then target them with personal emails that trick them into handing over details.
• Or it might mean the perpetrators managed to convince one or several staff members to go rogue, by offering a financial inducement or other means.
• The exact details of how the cyber-attack happened is not yet fully known

What are implications of this security incident?

• It was an unprecedented attack on privacy, trust and security.
• It had huge impact as the tweets had a reach of at least 350 million people.
• Being the platform of choice for some of the most powerful and prominent people in the world, the attack on Twitter will cost its reputation 
• This hack shows just how vulnerable social-media platforms are 
• It also shows how vulnerable users are to disinformation (who paid in bitcoins)
• 2020 being election year in USA, there are now valid questions about whether Twitter can be relied upon in the lead up to elections

Way Ahead – what steps needs to be taken?

• As social media platforms are also used as warning systems, and for publication of news, they need to be extra careful with security.
• Social media platforms also need to have contingency plans ready
• Social media companies need to spend more on security (there is no law regarding this as of now).
• There is need for comprehensive & strict laws about cyber security
• India is still to come out with a national cybersecurity policy or mandate companies to do such checks

Conclusion

As more people adjust to online activities, there is a need to look at cybersecurity as a necessary spend.

Did You Know?

• Beyond a potential loss of trust, Twitter may now face legal consequences too.
• The EU’s General Data Protection Regulation (GDPR) says organisations such as Twitter have to show “appropriate” levels of security.
• And if data-protection officers judge that Twitter failed to take adequate measures to protect European users, it could be fined.

Connecting the dots:

• Critical analysis of Social Media
• EU’s General Data Protection Regulation (GDPR) and Justice B. N. Srikrishna Committee report on data protection regime