As Twitter tries to get to the bottom of the embarrassing hack of high-profile accounts, the FBI has also joined the investigation, with many signs indicating it might have been an inside job.
The verified accounts of Elon Musk, Apple, Bill Gates and numerous other high-worth individuals and companies were hacked and used to send tweets as part of a crypto scam.
These accounts were no doubt secured with strong passwords and backed up by two-factor authentication, so how did these cybercriminals get in?
Carsten Rudolph, an associate professor in Monash University's department of software systems and cybersecurity, says the Twitter attack may have originated internally.
“This recent attack on Twitter identifies quite a big problem with the social network’s application programming interface (API) or their internal management interfaces,” Professor Rudolph says.
“It seems possible that a hacker was able to gain access via an employee’s account or an internal person at Twitter.
“The time it took for Twitter to react is also quite worrying.
“Blocking all verified accounts from posting showed that they did not really know what to do in this situation and were unaware of exactly where the manipulations and hacks came from.”
Lennon Chang, a senior lecturer in criminology at Monash University, says the attack targeted Twitter's databases rather than specific accounts.
“This seems to be a hack aimed at Twitter's databases, not individual users,” Professor Lennon said.
“It could also be an insider crime. Similar events have also happened on Facebook, though they might not have used the profiles of public figures, so they did not draw the media’s attention.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
“It is important for Twitter to review its internal controls, not allowing individual employees to have the right to access the database.
“It is also important for Twitter to share the experience with other social media to prevent copycats from doing the same on other social media platforms.
“Followers/friends should always double-check unusual messages posted on celebrities’ or friends’ sites.”
Twitter confirmed in a tweet that it believed the attack was a result of social engineering which targeted some of its employees who had access to internal systems and tools.