Twitter Deals with Cyber-Attack from Within
On Wednesday, July 15th, Twitter was faced with the worst security breach they have experienced since their inception, leaving the company scrambling to determine whether their employees were victims of an elaborate scheme or willing participants.
So, what exactly happened?
Invitations to what appeared to be a Bitcoin scam were tweeted by some of the most influential people in the world, including Bill Gate and Elon Musk. Even former President Barack Obama’s account was involved. Twitter’s response was to prevent any further posts from verified accounts and announce that they had detected a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
Speculation quickly arose as to the identity of those responsible and the true purpose of the attack, with some believing that the timing and sheer scope of the incident suggests an attempt to gain access to sensitive data ahead of the US elections in November.
As Twitter investigates the incident, employee logs, email, and phone records are likely to be the focus of intense scrutiny. Investigators will be seeking to discover precisely what information may have been compromised. The Bitcoin wallets mentioned in the tweets collected close to $120,000 in cryptocurrency.
As a result of the attack, Twitter shares had dropped about 3% by Thursday morning in New York.
It can be exceedingly difficult to track this type of attack when the focus of the investigation is on employees rather than technology. Social engineering attacks begin with the scammer developing a relationship with someone who has administrative access. The scammer will do what they can to gain access to the employee's credentials, which they will use to log into their account.
Although one might wonder how cybercriminals know which employees to target, it is not as difficult as it appears. Today’s smartphone apps collect a vast amount of data from users which is often sold to various marketing companies. Users are regularly giving away information about themselves, sometimes knowingly, but often not. Cybercriminal organizations engaged in social engineering attacks make millions of dollars each year.
Until Twitter reveals details about the attack, cybersecurity experts can only speculate about what happened, but many are not convinced that it was just a cryptocurrency scam, suspecting that it was a cover for a larger operation.
For example, the attack could have served as a distraction, with hackers focusing on collecting private messages and other sensitive information that they can use at a later date. This means that even as Twitter returns to normal operation, there may be effects from the attack that have yet to be seen.
Whatever Twitter uncovers, they will need to be perfectly transparent. Failing to do so could cause considerable damage to their brand.
Every business should assume they have either been attacked, are being attacked, or will be attacked. Fast detection and swift response are the small business owner’s only defense.
You can access my Free Ebook=> “WHAT’S AT STAKE FOR YOUR BUSINESS?”
So, if you’re ready to put the right security in place. Contact me, I have traveled the globe Identifying security threats in Companies. I can help give your business a peace of mind as you move into the digital revolution. There’s no risk to talk with us about your business and you can stop the process any time. But if you let us look under the hood, we’ll help you discover any potential problems before they impact your business or take your data. If everything looks good, we’ll tell you. However, if we discover symptoms of a growing threat, we’ll help you check them out to make sure you’re not exposed to catastrophic failure.
To Learn More About Cyber Security => Safe Harbour.