The FBI is investigating last week Cyberattack on Twitter. The Cyber Security officer told us that we are gathering pieces of how the incident occurred and what the company must do next.
Some of the most important questions about this Attack are “How did they get in”? And “What did they do”? Said by Raj Badhwar, Chief information security officer at Voya Financial Inc.
Last Wednesday, a huge breach happened on Twitter. Some high profile and big influencer accounts like Elon Musk, Bill Gates and Barack Obama were targeted and some fake news about bitcoins were spread.
According to a report by The Wall Street Journal, the attack might have focused on Twitter’s internal account reset system. This system helps users to regain the access of the accounts after forgetting their passwords or losing their phones.
During such high profile incidents confusion can occur. Security teams start looking at the data to find a vulnerability but Early evidence can also lead investigators to false leads, said Frederick Lee, Chief Security Officer at Gusto. He further said that, “This is also a tactic of an attacker. If you are a good attacker, you will want to compromise an insider and will try to hide your tracks as much as possible”.
Details of what happened to Twitter are coming out. According to Twitter, “certain twitter employees were targeted through a social engineering scheme. Somehow they entered through two-step security and accessed internal systems. The 130 twitter accounts were targeted and they were able to reset passwords, login, and tweet from 45 of them.
The Company further said, “the attacker took additional steps of downloading the account’s information, eight twitter accounts were involved in this”. Later it was confirmed that none of the eight were verified.
They could not figure out whether a staff member of twitter was involved and how much data was breached.
Mr. Badhwar said that the incident was very unusual for fellow security officials.
He said, When I heard about this breach, I told my intelligence network to learn more about the incident and look at Twitter’s statement on this breach.
“I was shocked, because Twitter is a tech company”, he said.
According to Cybersecurity Experts, “Employees are often the weakest points in the defense system of a company because they can easily fall into traps such as phishing emails and hackers are increasingly targeting them to blast”.
Chief of security insights and global threat alliances at FortiGuard Labs, Derek Manky stated that “It is hard to identify internal threat than an outer”
“These insiders have already access to the network and services. So, when they behave badly the alerts are triggered”, he said.
He further added, “with remote work, when you work by leaving the traditional network perimeter, it becomes easy to hide data thefts”.
Twitter also added that “We are continuing to investigate this incident, working with law enforcement and we are also working on long-term actions we should take to improve our systems.
Mr. Fredrick Lee suggested that Companies should install preventive measures such as requiring multiple employees to access customers’ accounts during troubleshooting.
What it does is it increases attack cost for an attacker, because, as an attacker, instead of one, you have to compromise with two employees of a company.