On July 15, 2020, several verified Twitter accounts with millions of followers were compromised in a cyberattack. Many of the hacked accounts were protected using two-factor authentication, which the hackers were somehow able to bypass.
Hacked accounts included Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Mike Bloomberg, Warren Buffett, Kim Kardashian, Kanye West, Benjamin Netanyahu, and several high-profile tech companies, including Apple and Uber.
The hackers posted variations of a message asking followers to transfer thousands of dollars in Bitcoin, with the promise that double the donated amount would be returned.
How could Twitter have been better prepared for this? How do you rate their response?
For some good information from a leading expert, check out the webinar today 7/17 on BrightTalk by Alex Holden... We have a lot of questions about the Twitter breach but not so many answers. I can tell you that similar cryptocurrency fraud campaigns are ongoing on different social media platforms and on a different scale. Tomorrow (Friday) at 11 am CT on BrightTalk https://lnkd.in/eRuXaca we will discuss what we know about the breach and disturbing patterns that are emerging everywhere.
@Ken Shaurette thanks! I missed it live, will catch the recording when I get a chance. What security platforms do you think would have done the best job at preventing the hack?
I like the potential for catching an unusual activity like that with our recently implemented endpoint detection tool, Cynet360. It seems so far to have about the highest level of transparency into the endpoint with a 24x7x365 backing of monitoring.
It's understood that an internal tool was probably shared by an internal employee, as the RCA. The tool was used to reset the associated mail address of an account and thereby do a password reset of choice. For MFA in identity-related features, the lesson learned at this moment is that it's more secure to keep it with an associated Mobile Secure PIN or SoftCrypto Code in future to avoid compromise.
The use of two factor authentication by Twitter
This is one of the identity theft issues, which means someone hacks your password or account and does activity which he or she is not supposed to do. The basic reason for the hack of your identity or password is social engineering. The second reason is that the system has weak privileged access management. If you have less control over admin IDs or privileged IDs, then the entire firm has to suffer along with the customers of that firm. For me, the takeaway of this event is to protect privileged IDs and use a good PAM/PIM tool with two-factor and UBA included.
Span of control, Solid RBAC, Privileged Access Management (PAM)