Several prominent politicians, celebrities and public figures were victims of a large-scale hacking attack on Twitter accounts on Wednesday, July 15. Twitter itself now has some explaining to do, as it is only the latest incident in a history of breaches of the popular platform.
What Happened on Wednesday?
On Wednesday, hackers succeeded in spreading advertising for dubious cryptocurrency deals on Twitter profiles of celebrities such as Barack Obama, Joe Biden and Jeff Bezos. Accounts of companies like Apple and Uber were also affected. How exactly the unprecedented hack was facilitated remains currently unclear. Many of the Twitter accounts were temporarily blocked and were back online a short time later without the apparent fraudulent messages.
The Twitter profiles of Michael Bloomberg, Kanye West, Bill Gates and Elon Musk were also affected. In the message distributed via the accounts, it was promised to repay the bitcoins sent in twice. Cryptocurrency worth over $100,000 was quickly sent to the aforementioned Bitcoin account.
Twitter’s Past Cybersecurity Problems
Twitter has had problems hijacking accounts in the past, but never on such a broad front and with so many prominent names at once. The extent of the attack suggests that this time it was not an app linked to Twitter accounts that were used, as in previous cases, but that systems from Twitter may have been directly affected.
Twitter confirmed the latter. Moreover, the company states that the perpetrators had digitally attacked Twitter employees and also given themselves access to internal systems and tools. In the near future, users could have problems sending tweets or changing their password, the company warned.
How Safe is Twitter?
The high-profile accounts of the aforementioned individuals are likely to be protected with complex passwords and so-called two-factor authentication, which also requires a freshly sent code to log on to a new device. The fact that it was still possible to send messages on behalf of the celebrities raises severe questions about Twitter’s security measures — especially less than four months before the US presidential election. The account of US President Donald Trump, meanwhile, for whom Twitter is a central communication channel, was not affected.
However, the Bitcoin incident could also have served as a distraction for an attack on the company’s collected customer data. After all, if the hackers had access to the back-end or direct database access, nothing would prevent them from copying data in the shadow of the tweet fraud.
The attack occurred despite Twitter having further tightened security after hackers spread fake news about CEO Jack Dorsey’s account less than a year ago. The service claimed at the time that its systems had not been hacked, but a security vulnerability at Dorsey’s mobile operator had allowed the tweets to be sent via SMS.
Most recently, at the end of January, a group called OurMine managed to post to the accounts of several American football teams, with the sole purpose of displaying that anything could be hacked.
How a Future Twitter Hack Could Spread Political Chaos
The hack now reminds the public of the risks that come with services such as Twitter. The platform is an essential channel for numerous politicians to communicate with their own citizens as well as with the rest of the world — an effective attack by a hacker could be utilized to stir up considerable uncertainty.
In the past, states have shown that they are not afraid to exploit social media to manipulate users and influence elections: for years, Facebook has exposed the accounts of state actors, such as those from Russia and Iran, that spread controversial political messages and above all pursue the goal of dividing the population of a country.
All in all, it may thus be fair to conclude that Twitter has yet to take sufficient steps to protect itself adequately and that it must find a more effective way to mitigate the risks its service presents to democracies.