Two weeks ago, the social network Twitter was the victim of a computer attack.
A cyberattack that allowed cybercriminals to take control of several accounts belonging to public and political figures such as Bill Gates, Elon Musk and even Joe Biden. While some information about this incident has not yet been published, several lessons can be learned.
The weak link of computer security and human beings
The takeover lasted exactly a few hours. Precisely on July 15. Twitter accounts apartment to important personalities have been used to extract money from Internet users. The idea was to push them in order to donate in the form of bitcoin under a false pretext. They still managed to get a loan of $150,000 in cryptographic currency.
This article will also interest you: Twitter hacked, several apartment accounts to high-ranking personalities affected
However, an investigation showed that it was a group of cyber criminals, especially young people, who were behind the cyberattack and not a state, as might have been assumed or even a well-organized criminal group. Referring to Twitter's findings, cybercriminals failed to do so through security vulnerabilities. They simply "manipulated a small number of employee[de Twitter]s and used their information to gain access to internal systems," as the statement posted on the social network's website read.
This form of a loved one is called in the field of social engineering. The choice of cyber criminals to do so did not really surprise him is a specialist in cybersecurity. "One of the easiest ways to get into an organization is to hack people, not systems," said Darktrace, national director of the Canadian company, which specializes in providing IT security services. It is humans who are the weak link in the chain." As a former agent of the British MI5 and the Canadian Security Intelligence Service (CSIS), his approach is based on years of experience.
This technique, developed a lot during the containment because of the Covid-19. It is not uncommon for it to be associated with the phishing technique, which will allow cybercriminals to collect information, by pushing targets to fill out forms often by email. So that you can have access to certain interfaces. In this way, it is thought that the adoption of telework has had a strong impact on the implementation of the cyber attack known by the social network. "Twitter employs many security measures, but they are mostly at the company's head office, not in all of their employees' homes," says David Masson, Darktrace's director. When 500 people are in the office, there is only one site to protect. When they're at home, there are 500," he continues.
As the director of the Canadian cybersecurity firm has indicated, it would have been easy to protect themselves from this problem if the employees had been properly trained. In addition, he should have learned, to detect abnormal movements, during their usual services.
It is therefore recommended that all teleworkers, especially those who have access to the company's network from home, be more and more vigilant. Learn not to consider emails that offer them to click on links for any unredified movement on the part of the company. Good safe practices in getting the place. That is, the complex password formulation thus preventing brute force attacks. In addition, the activation of dual-factor authentication.
On the business side, it is recommended that employee privileges be restricted to the maximum. This is because the cybercriminals that caused the problem experienced by Twitter had used tools that were accessible by many employees. This tool allowed social network employees to change emails that are typically associated with user control, and in some cases, disable dual-factor account authentication. It is exactly with these tools that cybercriminals have proceeded. "If that's the case, I hope companies around the world will learn from this case: attackers can only take advantage of these tools if your employees have the access to make these changes. Limit the privileges of their accounts now," recommends Rachel Tobac, the IT security consultant, on Twitter.
Twitter's example is one of many. Indeed, many technology companies have already experienced this kind of problem, because of certain tools available to their employees. Let's remember in 2017, it had been temporarily deleted from Donald Trump's account. Whether it's Uber, Facebook or even Snapchat, this problem has also been discovered.
The most surprising thing about all this is that the social network attack is simply about starting a scam. Knowing that this could have led to a much greater consequence. "If you had the power to control Twitter for a few hours, would you do it for only $150,000 in bitcoins? David Masson wondered. The latter to consider much greater possibilities such as publications that can affect the stock market price, especially when we know that large companies such as Apple had also been a victim of this Hacking of Twitter account. But according to twitter the cyber criminals could have accessed private messages belonging to 36 users victims of the incident. In this case it is believed that the information they could have gathered could be used to initiate blackmail companions. "I feel like there's more to this attack than we've seen so far," Masson said.
Now access an unlimited number of passwords: