Skip to main content

The Great Twitter Hack has exposed the precarity of our online existence


Sometimes, a security breach is so startling in its reach and audacity that it becomes a stark reminder of the precarious nature of our collective dependence on computer systems. The particular nature of the attack also serves as a commentary on the times.
The Sony hack of 2014, later blamed on North Korea, exposed deeply embarrassing — and costly — personal and business secrets. The Snowden leaks of 2013 were an unprecedented dump of national security information. The attack on the Democratic National Committee in 2016 led to the leak of emails that might have influenced the outcome of an election.
It’s time for a farcical new addition to this list: the Great Twitter Hack of 2020. If the earlier cases demonstrated the sinister repercussions of computer insecurity, this was apparently a comedy without severe consequence. Attackers briefly took over the Twitter accounts of famous business people, celebrities, politicians and companies to try to trick people into sending them bitcoin.
The proceeds from this scam came to little more than $100,000 — a paltry pay-off given the startling success of the undertaking, and certainly much less than the value of the “earned media” that might normally be associated with tweeting from such influential accounts. The attackers had control for only a brief period — but that was still significant for a system whose value lies in holding mass attention in real time.
Inevitably, the apparently half-baked cryptocurrency element to the attack has led to suspicions that more was going on than meets the eye. While the accounts of Barack Obama, Joe Biden and Michael Bloomberg were taken over, for instance, no senior Republican figures were compromised — so was this really a disguised political assault of some kind? Maybe the miscreants used their access to pry into the direct messages of famous people, and will use these to attempt blackmail — or even to carry out the kind of political leaks that followed the DNC hack?
Until Twitter gets to the bottom of the incident, there’s no way to be sure. But given how much public discourse now takes place in the hall of mirrors that is social media — and the outsized influence now conferred by Twitter celebrity — it has already become an emblematic hack for our times. In the process, it has underlined two things.
The first is that there are some system-wide vulnerabilities that may be impossible to plug. According to Twitter, the attackers tricked some of the company’s employees in order to get internal access to its systems.
To the non-expert, it might seem inexcusable that individuals inside a company should have such control. But security expert Bruce Schneier points out that there is always a human somewhere with a hand on the lever: “Systems need trusted people to operate. Someone had to have control of everything.”
Those humans, in turn, are social creatures who are not above being fooled. The greater the prize, the more effort an attacker will put into the deceit.
The second point highlighted by this week’s debacle is the world’s growing dependence on information networks that are, by their very nature, built on unverified information. As the US enters the final months of a deeply divisive presidential election campaign, it might be tempting to think that the guardians of the most influential information systems have learnt the lessons from the campaign of 2016. Also, the people who rely on those systems — both to communicate and inform themselves — might be expected to be more on guard.
But the scale of the networks, and the world’s dependence on them, has only grown in the past four years. Many official agencies now use Twitter as the default mechanism for pushing out important information. The president of the US has frequently used it as a way to announce new policy — often, before his own advisers know about it. The media’s recourse to treating tweets as the definitive soundbites of our age has turned them into a fetish.
In this environment, what havoc might a more canny and manipulative attacker cause by secretly taking over the accounts of the powerful? What extra doubts might that seed in the public mind about the trustworthiness of political leaders? And how long will it be before the tweeter-in-chief at the White House, after a particularly controversial tweet, claims his Twitter account has been hacked?

Originally published at https://www.ft.com on July 17, 2020.

Comments

Post a Comment

Popular posts from this blog

Google can now help you figure out that song stuck in your head - all you have to do is hum (or whistle) into your phone

  Google just launched its “hum to search” feature, which allows users to hum, whistle, or sing for 10–15 seconds in order to identify a song. The feature currently works in 20 languages, and Google hopes to add more. Google has finally launched the perfect feature for when a song is stuck in your head but you don’t know any of the words. “Hum to search” launched today on both the Google app for iOS and Android, according to Google’s blog, The Keyword. Users can also whistle or sing directly into the mic to identify a song. The technology works like this: the user can hum (whistle, or sing) for 10–15 seconds, and then Google’s technology takes the song’s melody and turns it into a numbers-based sequence. From there, the sequence can be used to “identify songs based on a variety of sources, including humans singing, whistling or humming, as well as studio recordings,” according to Google’s announcement. The sequence also strips away any other outside noise, like accompanying instru...
Post a Comment
Read more

Ransomware's Dangerous New Trick Is Double-Encrypting Your Data

  Ransomware groups have always taken a more-is-more approach . If a victim pays a ransom and then goes back to business as usual-hit them again. Or don’t just encrypt a target’s systems; steal their data first, so you can threaten to leak it if they don’t pay up. The latest escalation? Ransomware hackers who encrypt a victim’s data twice at the same time. Double-encryption attacks have happened before, usually stemming from two separate ransomware gangs compromising the same victim at the same time. But antivirus company Emsisoft says it is aware of dozens of incidents in which the same actor or group intentionally layers two types of ransomware on top of each other. “The groups are constantly trying to work out which strategies are best , which net them the most money for the least amount of effort,” says Emsisoft threat analyst Brett Callow. “So in this approach you have a single actor deploying two types of ransomware. The victim decrypts their data and discovers it’s not act...
Post a Comment
Read more

WhatsApp Users Exchanged Over 100 Billion Messages on New Year’s Eve, A New Record

WhatsApp is one of the most widely used communication apps on the planet and as such, clocks an insane number of messages and media exchanges on a daily basis. But the New Year's Eve broke a record that has been standing since WhatsApp's debut a decade ago. WhatsApp has revealed that users exchanged over 100 billion messages on New Year's eve. And out of that number, more than 20 billion messages were shared by Indian users alone. Moreover, around 12 billion out of the 100 billion+ messages shared on the platform were images. WhatsApp wrote in a press release that over 100 billion messages were shared globally on December 31 in the 24-hour duration leading up to the midnight of New Year's Eve. This is a record-breaking volume and is the highest number of messages exchanged in a single day ever since WhatsApp kicked off its services ten years ago. Out of those 100 billion+ messages shared on New Year's eve, WhatsApp says over 12 billion were images. Meanwhile...
Post a Comment
Read more