
Tighter security needed to prevent repeats of Twitter hack, experts say

Cyber security analysts have called on social media firms to introduce tighter security measures for internal admins following the Twitter breach.

Social media platforms such as Twitter need to tighten security around admin staff with access to internal systems, cyber security experts have said.

The warning comes in the wake of a Twitter breach where hackers targeted employees with access to the firm’s internal systems and posted a Bitcoin scam to the accounts of high-profile figures in the US.

Former president Barack Obama, rapper Kanye West and current presidential candidate Joe Biden were among those hit by the breach, with identical messages promoting the cryptocurrency scam posted to their profiles.

Twitter has now confirmed the incident was a “co-ordinated social engineering attack” by hackers who had targeted Twitter employees with “access to internal systems and tools”.

Cyber security expert Todd Peterson, from software firm One Identity, said better management of staff with access to such sensitive internal tools was vital to prevent future repeats of the attack.

“Providing great customer support for high-profile customers means IT administrators need privileged access to their accounts – to help reset passwords and to help clear up after an account takeover,” he said.

“However, with this great power comes great responsibility – and it takes only one bad admin to create global chaos by abusing their privileged access.

“Touching such high-profile Twitter accounts should be tied to an approval process, where a single person cannot act alone, without a detailed explanation and an approval by a superior.

“A modern record-and-review monitoring system would have also stopped the lone actor in their tracks by flagging the highly unusual activity and helping to retrace and undo their steps.”
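The two controls Peterson describes, a four-eyes approval gate on high-profile accounts and a record-and-review log that flags unusual activity, as an added Python example that is not from the article or from One Identity; the account names, role ranks and the ten-minute review window are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed sample data: role ranks and a set of high-profile account ids.
ROLE_RANK = {"admin": 1, "senior_admin": 2, "manager": 3}
HIGH_PROFILE = {"hp_account_1", "hp_account_2", "hp_account_3"}

@dataclass
class Request:
    requester: str
    requester_role: str
    account: str
    action: str            # e.g. "reset_password"
    justification: str     # the "detailed explanation" the quote calls for
    approver: str = None
    approver_role: str = None

@dataclass
class Audit:
    records: list = field(default_factory=list)   # (when, admin, account, action, approver)

    def log(self, when, admin, account, action, approver):
        self.records.append((when, admin, account, action, approver))

def authorize(req):
    """Four-eyes check: a high-profile account needs a justification and a
    distinct approver who outranks the requester; other accounts pass through."""
    if req.account not in HIGH_PROFILE:
        return True, "ok"
    if not req.justification.strip():
        return False, "missing justification"
    if req.approver is None or req.approver == req.requester:
        return False, "second person required"
    if ROLE_RANK.get(req.approver_role, 0) <= ROLE_RANK.get(req.requester_role, 0):
        return False, "approver must outrank requester"
    return True, "approved"

def execute(req, audit, when):
    """Only approved actions run, and every one of them is recorded for review."""
    ok, reason = authorize(req)
    if ok:
        audit.log(when, req.requester, req.account, req.action, req.approver)
    return ok, reason

def flag_unusual(audit, admin, window=timedelta(minutes=10), threshold=3):
    """Record-and-review: flag an admin who touches `threshold` or more distinct
    high-profile accounts inside one `window` (a constructed heuristic)."""
    events = sorted((t, acct) for t, a, acct, _, _ in audit.records
                    if a == admin and acct in HIGH_PROFILE)
    for i, (start, _) in enumerate(events):
        touched = {acct for t, acct in events[i:] if t - start <= window}
        if len(touched) >= threshold:
            return True
    return False
```

The audit records also give a reviewer the per-action trail needed to retrace and undo what a lone admin did.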

In its statement on the incident, Twitter said: “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.”

Twitter said that in the wake of the incident, it had taken “significant steps to limit access to internal systems and tools while our investigation is ongoing”.

The social media giant is yet to confirm any further details of the attack, but chief executive Jack Dorsey said: “Tough day for us at Twitter. We all feel terrible this happened.”