Twitter CEO Jack Dorsey and the Federal Bureau of Investigation are still trying to iron out the details of just who and what were behind Wednesday’s massive hack that compromised the accounts of some of the biggest political names and industry leaders in the world.
Messages sent from the hacked accounts of politicians including former president Barack Obama, presumptive Democratic presidential nominee Joe Biden and tech titans including Bill Gates and Elon Musk, claimed that if users sent bitcoin to the Twitter (TWTR) account holders, they would, in turn, send the users double that amount.
According to The New York Times, the scam netted roughly $120,000 for the still-unknown hackers. And while that may be a good deal of money for the individuals bilked out of their funds, the hack could have been far worse.
Twitter is already bound by a settlement agreement with the Federal Trade Commission that relates to a 2009 breach under which the social network could face fines if it doesn’t safeguard user data.
With Twitter serving as a major news source for everything from financial institutions to weather services, and operating as the de facto bullhorn for President Trump, a hack targeting such high-profile accounts could have been far more disastrous, experts warn.
“We really dodged a bullet that they only stole a little over $100,000 in bitcoin,” said NYU Tandon School of Engineer assistant professor of computer science and engineering Damon McCoy. “It could have been much, much worse than what happened.”
Twitter’s strength in shaping news
Twitter’s importance in breaking international and financial news has come into sharp focus in recent years. Trump regularly makes grand pronouncements on the service, which can either roil or lift markets.
Musk, meanwhile, has both sent Tesla’s (TSLA) stock price soaring and plummeting after he’s made statements on Twitter including his famous call that he was going to take Tesla private at $420 a share, for which he was subsequently sued by the Securities and Exchange Commission.
According to McCoy, Twitter has become so entrenched in the lives of traders that major news events can directly impact the markets, giving hackers a greater incentive to attack the social network.
‘[Hackers could] target a particular company's stock, either make it rise or fall, or even worse, target entire sectors or entire markets with how closely the algorithmic trading and the hedge funds have connected themselves to monitoring social media and how fast they trade these days,” he said.
What’s more, nation-state hackers have proven their willingness to exploit Twitter for their own gains. Look no further than the 2016 election meddling campaign Russia waged against the U.S. using Twitter and Facebook.
Equally alarming was the time Syrian hackers took over the Associated Press’s Twitter account in 2013 and tweeted that then-president Obama was involved in an explosion at the White House and was injured.
“I think this hack definitely exposed that this could be an issue at least at Twitter. The harm was fairly minimal compared to what it could have been,” McCoy said of the latest incident.
How Twitter moves forward
For Twitter, the next step is determining how this hack happened and how it can mitigate future attempts in the future.
“The hardest thing to regain here is the trust of the user population,” explained Professor Dave Levin of the Maryland Cybersecurity Center at the University of Maryland.
“Fortunately, I mean, Twitter hasn't had a lot of these types of incidents. Whereas a lot of the other tech companies have had things like this happen. A real red flag is when you see things like this happen over and over again.”
According to Twitter, the hack seems to be the result of some form of social engineering. It’s similar to the tactic attackers use when they send fraudulent emails claiming to be from Google or Microsoft asking you to click a link and enter your username and password then take over your account.
Motherboard, however, says that it spoke to individuals claiming to be behind the hack, and that they paid off an insider to give them access to the means to control the high-profile accounts.
Both McCoy and Levin expressed their dismay that the attackers were able to thoroughly penetrate Twitter, and said they’ll need to work to ensure similar attacks can’t occur in the future.
“The reason why there are two keys you have to turn in a nuclear submarine at the same time is there is a chance one person will go crazy and you don't want the crazy person to launch nuclear missiles,” Levin said.
“If something is really, really important, having a single person that could have a bad day is not great. You should design systems to have some kind of resilience against those types of attacks,” he said.
Got a tip? Email Daniel Howley at email@example.com over via encrypted mail at firstname.lastname@example.org, and follow him on Twitter at @DanielHowley.
More from Dan: