This week, we were amazed to hear that an unprecedented Twitter hack took place. It seems that hackers gained access to one or more of Twitter's internal tools and systems. This leaves a lot of security concerns and questions for the average user and for companies that want to know what actually happened and what can be done to avoid such an unprecedented security attack.
How the Twitter hack occurred
For a start, the Twitter hack occurred late on Wednesday, July 15, 2020. It was a coordinated attack on some of Twitter's internal tools/systems that affected very popular accounts. The hackers wanted to scam people into sending Bitcoin (BTC) to their private wallet address by posting Tweets from accounts like Apple, Jeff Bezos, Binance, Barack Obama, Warren Buffett and so on. You get the idea: high-profile users.
Here's an example of a Tweet (sent by the hackers using the Apple account).
The first official Tweet announcing that something was happening came at 12:45 AM on July 16.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
A few hours later, Twitter continued to report on what had happened and how disruptive the hackers' attack was. A lot of high-profile verified accounts were locked, while employees' access to Twitter's internal tools and systems was temporarily limited.
Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.
— Twitter Support (@TwitterSupport) July 16, 2020
This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.
— Twitter Support (@TwitterSupport) July 16, 2020
We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.
— Twitter Support (@TwitterSupport) July 16, 2020
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
— Twitter Support (@TwitterSupport) July 16, 2020
According to Motherboard, the hackers gained access to Twitter's internal systems by convincing a Twitter employee to help them. Photos of the internal tools even emerged from the same source.
At this moment it is not 100% clear how the Twitter hack happened, but it seems that the hackers basically had access to everything inside Twitter, using Twitter's own internal tools/systems. It might sound like a Hollywood movie, but this is the reality: Twitter was hacked from the inside.
As a tech fan and a software engineer, there are some questions here that we all might have.
1) How is it possible that a company like Twitter gives its own employees access so that they can freely access user accounts?
Let's not forget that in 2017 a Twitter employee deleted a Trump tweet... so Twitter has no excuse now. If you read their security policy, you will see that Twitter will never ask for your username/password. Well, that's fine; no serious company will ever ask you for this. But since they have their own internal tools/systems which they can use to access our accounts, why would they bother asking for a username/password?
It is surely not necessary for any Twitter employee to have access to a tool that can be used to post Tweets on other users' accounts. It makes no sense to invade other people's private space, but I'm sure Twitter has its own take on this.
2) After what happened in 2017, with a Trump tweet being deleted by an employee, what measures did Twitter take to ensure that their employees won't have direct access to other user accounts?
It seems that no serious action was taken, and Twitter probably thought it was an isolated incident.
3) Knowing what happened, how secure are user accounts right now?
4) How can we trust Twitter that this won't ever happen again?
And the list of questions can go on and on. Remember, we are speaking about Twitter, a company listed on the stock market with a share price of approx. $35 and a market cap of over $35 billion.
Unfortunately, we live in a very unstable world where hackers will do whatever it takes to take advantage of big companies. Today it is Twitter, tomorrow it will be another huge company. It's important for us to understand what big companies are doing to secure our data and what can be done to prevent this from happening in the future.
What can Twitter do
The attack that Twitter experienced is something totally new, as the hackers gained access to internal tools through Twitter employees, which is pretty scary and shocking. This raises a lot of concerns, some of them related to the employee(s) who, deliberately or not, were somehow made to give access to the hackers.
For a start, big companies should be more transparent (kudos to Twitter for sharing what happened) and should completely rethink the way they handle security and internal tools. Again, it's not acceptable for an employee to have the right to freely access and modify other users' accounts/tweets. Internal security audits should happen, not only at Twitter, but at all huge companies that handle sensitive data and that were never prepared for GDPR, for example.
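One way to enforce the point above inside an internal support tool, as an added example that is not Twitter's code: every privileged action is denied by default, sensitive actions additionally need a ticket and a second, independent approver, and every decision is written to an audit log, so a single social-engineered employee cannot act alone. The roles, actions and names (`AdminGate`, `post_as_user`, the employee names) are constructed for illustration.

```python
"""Added example (not Twitter's code): a minimal authorization gate for an
internal support tool. A privileged action on another user's account must be
explicitly granted to the actor's role, and sensitive actions also need a
ticket plus a distinct second approver; every decision is audit-logged.
All roles, actions and names here are constructed for illustration."""
from dataclasses import dataclass, field

# Actions an internal tool can perform, and the roles allowed to request them.
# "post_as_user" is deliberately granted to no role at all (default deny).
ROLE_ALLOWED = {
    "support": {"view_profile", "reset_email"},
    "trust_safety": {"view_profile", "reset_email", "lock_account"},
}
# Actions that no single employee may perform alone, regardless of role.
DUAL_CONTROL = {"reset_email", "lock_account", "post_as_user"}

@dataclass
class Request:
    actor: str
    role: str
    action: str
    target_user: str
    ticket: str = ""
    approvers: set = field(default_factory=set)

class AdminGate:
    def __init__(self):
        self.audit_log = []  # one record per decision, allow or deny

    def _log(self, req, decision, reason):
        self.audit_log.append({"actor": req.actor, "action": req.action,
                               "target": req.target_user,
                               "decision": decision, "reason": reason})
        return decision == "allow"

    def authorize(self, req: Request) -> bool:
        # 1. The role must explicitly allow the action (default deny).
        if req.action not in ROLE_ALLOWED.get(req.role, set()):
            return self._log(req, "deny", "action not permitted for role")
        # 2. Sensitive actions need a ticket and an approver other than the actor.
        if req.action in DUAL_CONTROL:
            if not req.ticket:
                return self._log(req, "deny", "missing ticket")
            if not (req.approvers - {req.actor}):
                return self._log(req, "deny", "no independent approver")
        return self._log(req, "allow", "policy satisfied")
```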
Source: Twitter