Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Lawmakers zero in on Twitter following massive hack
The Hil ^ | July 16 | BY MAGGIE MILLER

Posted on 07/16/2020 8:26:50 PM PDT by RandFan

The sweeping hack of verified Twitter accounts Wednesday night was one of the largest security lapses in the platform’s history and led to thousands of users being partially locked out for hours.

But the social media giant, and its users, may have gotten off easy.

Now lawmakers and top officials are mulling how to ensure Twitter is not hacked by groups with more malicious intentions and how to protect other potential cyber targets from the same fate. The conversation has taken on a particular urgency as geopolitical tensions increase during the COVID-19 pandemic with only months left until a presidential election.

“This hack bodes ill for November balloting,” Sen. Richard Blumenthal (D-Conn.), a member of the tech-focused Senate Commerce Committee, said in a statement Thursday.

“Count this incident as a near miss or shot across the bow," he added. "It could have been much worse with different targets. So many security red flags are raised by this criminal attack that the culprits should be tracked down as quickly as possible.”

The hacking incident occurred Wednesday night, when accounts of verified Twitter users including former President Barack Obama, former Vice President Joe Biden, Amazon CEO Jeff Bezos, Tesla CEO Elon Musk, and Microsoft co-founder Bill Gates tweeted out messages asking followers to send them money in the form of bitcoin.

The posts, which were quickly taken down by Twitter, gave an address to a bitcoin wallet, and promised to double any amount sent. The individuals behind the attack quickly raised the equivalent of more than $115,000.

In response, Twitter temporarily restricted the use of verified accounts as it began its investigation into the incident. In at least one troubling case involving the National Weather Service (NWS), this decision prevented critical safety information from reaching the community for hours.

Sen. Mark Warner (D-Va.), vice chairman of the Senate Intelligence Committee, told The Hill that the outcome could have been worse if individuals with more disruptive intentions than simply making money had been involved.

“The ability of bad actors to take over prominent accounts, even fleetingly, signals a worrisome vulnerability in this media environment — exploitable not just for scams, but for more impactful efforts to cause confusion, havoc and political mischief,” Warner said.

The company later tweeted that hackers had “successfully targeted some of our employees with access to internal systems and tools” in what Twitter described as a “coordinated social engineering attack.”

Twitter said it had limited access to “internal systems and tools” while their investigation was underway into the targeting of their employees. While it wasn’t immediately clear how the employees were targeted, Motherboard spoke with hackers claiming to be involved who said they paid a Twitter employee for some form of access to the accounts.

Twitter CEO Jack Dorsey tweeted that company was “working hard to make this right,” while Biden tried to use the situation to his advantage by encouraging people to donate to his presidential campaign to defeat President Trump instead of sending bitcoin.

But Twitter now faces a wave of governmental scrutiny, with many seriously concerned that it could provide avenues that others could exploit to cause damage.

The FBI said Thursday that it was launching an investigation into the incident, while New York Gov. Andrew Cuomo (D) directed state agencies to separately investigate the incident.

Both Senate Commerce Committee Chairman Roger Wicker (R-Miss.) and House Oversight and Reform Committee ranking member James Comer (R-Ky.) sent Twitter letters asking the company to brief the panels on the hacking incident, with Wicker writing it was “of great concern” to his committee.

Spokespersons for Sens. Ron Johnson (R-Wis.) and Gary Peters (D-Mich.), the leaders of the Senate Homeland Security and Governmental Affairs Committee, told The Hill that committee staff were also “requesting a bipartisan staff-level briefing to understand how this happened and what we can do to prevent it from happening in the future.”

The letters were sent the day after committee member Sen. Josh Hawley (R-Mo) sent a separate missive to Twitter encouraging the company to immediately alert the FBI and the Department of Justice of the incident.

“Millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service,” Hawley wrote. “A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”

Sen. Ron Wyden (D-Ore.), a member of the Senate Intelligence Committee, pointed to concerns around the security of Twitter’s direct message system (DMs), noting that Dorsey promised during a meeting with Wyden in 2018 to implement end-to-end encryption on the messages.

“Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company's systems, and hackers who gain unauthorized access,” Wyden said in a statement. “If hackers gained access to users' DMs, this breach could have a breathtaking impact, for years to come.”

Some members of Congress pointed to the hack as evidence that Congress needs to lead the way on passing legislation to shore up cybersecurity. One of these proposals, which has gained bipartisan support in recent days, is the reestablishment of a national cyber director at the White House to help coordinate federal cybersecurity activity.

Rep. Jim Langevin (D-R.I.), a sponsor of the legislation creating the position, told The Hill on Thursday that the Twitter incident underlined “the need to take action now to protect Americans, our assets, and allies.”

“We cannot be timid in our response to this cyber aggression,” he said.

Rep. Cedric Richmond (D-La.), the chairman of the House Homeland Security Committee’s cyber panel, told The Hill that Congress had an “obligation to protect the internet and our constituents who use social media.” Rep. John Katko (R-N.Y.), the ranking member of the panel, told The Hill that social media users need to “remain vigilant and utilize best practices and good cyber hygiene.” ` Software group Check Point was among those tracking the Twitter hacking incident as it occurred. Mark Ostrowski, the head of engineering at Check Point US East, told The Hill that in light of millions working remotely, the hack is a reminder for companies to step up their game and educate employees on how to spot malicious cyber activity.

“This is an eye-opening moment, where companies have to be better equipped for things like spear phishing and limiting access to their internal tools so these things can be avoided in the future,” Ostrowski said.

Many unanswered questions about the hacking incident remain.

Twitter gave an update on Thursday afternoon saying no passwords were accessed, but did not answer questions about whether hackers accessed direct messaging for accounts or stole other information.

For Theresa Payton, the White House chief information officer during the George W. Bush administration, these questions kept her up through the night Wednesday, wondering what the hackers were able to access.

“We don’t actually know what the attackers did with the accounts yet,” Payton, who currently serves as CEO of cyber consultancy group Fortalice Solutions, said. “To me, the jury is out until we understand who the attackers truly were and Twitter does a full forensic investigation of what the attackers did with each and every individual account while they owned them.”

“It will be interesting to see if this was only a cryptocurrency scam,” she said.


TOPICS: Computers/Internet
KEYWORDS: amazon; billgates; bitcoin; blumenthal; cedricrichmond; checkpointuseast; clowncar; connecticut; cryptocurrency; delaware; elonmusk; falcon9; falconheavy; falseflag; garypeters; jamescomer; jeffbezos; jimjordan; jimlangevin; joebiden; joeclowncarbiden; johnkatko; joshhawley; kentucky; louisiana; maggiemiller; markostrowski; markwarner; michigan; microsoft; mississippi; missouri; newyork; ohio; oregon; reichstagfire; rhodeisland; richardblumenthal; rogerwicker; ronjohnson; ronwyden; russia; spacex; tesla; theresapayton; twitter; twitterbigtech; virginia; wisconsin

1 posted on 07/16/2020 8:26:50 PM PDT by RandFan
[ Post Reply | Private Reply | View Replies]

To: RandFan

Target nearly destroyed!


2 posted on 07/16/2020 8:28:54 PM PDT by DarthVader (Not by speeches & majority decisions will the great issues of the day be decided but by Blood & Iron)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RandFan

Does the bartender show her stuff? If no, fegedaboudit.


3 posted on 07/16/2020 8:30:23 PM PDT by Libloather (Why do climate change hoax deniers live in mansions on the beach?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Libloather

They didn’t ask her ...


4 posted on 07/16/2020 8:33:30 PM PDT by RandFan (3C)
[ Post Reply | Private Reply | To 3 | View Replies]

To: AdmSmith; AnonymousConservative; Arthur Wildfire! March; Berosus; Bockscar; cardinal4; ColdOne; ...

5 posted on 07/16/2020 8:54:30 PM PDT by SunkenCiv (Imagine an imaginary menagerie manager imagining managing an imaginary menagerie.)
[ Post Reply | Private Reply | View Replies]

To: RandFan

Who dunnit?

My money is on China.


6 posted on 07/16/2020 8:58:59 PM PDT by READINABLUESTATE
[ Post Reply | Private Reply | To 1 | View Replies]

To: READINABLUESTATE

Why would China need $100k?

Probably some hacking group not affiliated with a govt’.,,


7 posted on 07/16/2020 9:06:08 PM PDT by RandFan (3C)
[ Post Reply | Private Reply | To 6 | View Replies]

To: RandFan

Blumenthal is just worried his pedo-file may get hacked...


8 posted on 07/16/2020 9:14:08 PM PDT by cgbg (Masters don't want slaves talking about masters and slaves.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RandFan
A hack of that sort is usually the exit plan for the criminal gangs that do this sort of thing.

You can bet that they have been into the Twitter system for several weeks, scooping up anything interesting that they can find, and selling it to interested parties. This bitcoin scam was probably just their goodbye kiss.

And of course they had inside help - either paid off very or blackmailed, or otherwise threatened.

The perpetrators will be based in a foreign country and have tacit support from their local Government. They will be very hard to capture. If they are captured it will be the result of some very unsavory trades.

It has been done before. It they have antagonized the wrong politicians, it will be done again.

Meanwhile, the security system at Twitter is completely screwed, and the damage is probably far worse than they will admit. Good reason to stay off that platform.

9 posted on 07/16/2020 9:28:02 PM PDT by flamberge (The wheels keep turning)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RandFan

Will Jack get hauled away for lying to Congress about twitter “not” shadowbanning people?
Because he did lie.


10 posted on 07/16/2020 9:29:28 PM PDT by Darksheare (Those who support liberal "Republicans" summarily support every action by same.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RandFan
From the article:1. Way to go Jack, keeping promises must not be very high on your priority list.

2. Anybody using an unencrypted messaging system is nuts.

11 posted on 07/16/2020 9:46:10 PM PDT by upchuck (D.Horowitz: America did not invent slavery, America ended it. Preserve the American way of life.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RandFan
Twitter doesn't mean Jack to me. I dumped them years ago. My tax dollars to mean something to me. Do you think congress would launch expensive investigations into a small business being hacked?

Who is doing what for whom here? I would simply be amazed that Twitter donates money to ... nah, they wouldn't do that. And even if they did, the politicians that benefit from such donations are independent enough to not be influenced by money.

In other words, don't believe a single thing you read about this going forward. It doesn't affect our lives, or it shouldn't. I know I don't miss Twitter one iota.

12 posted on 07/16/2020 10:12:30 PM PDT by ConservativeInPA ("War is peace. Freedom is slavery. Ignorance is strength." - George Orwell, 1984)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RandFan

Maybe a red herring, getting sleuths to look at one specific platform, while testing an exploit they plan to run on another during the election . . . maybe not election related, but using the election as cover for the real purpose.


13 posted on 07/16/2020 10:18:39 PM PDT by Sgt_Schultze (When your business model depends on slave labor, you're always going to need more slaves)
[ Post Reply | Private Reply | To 7 | View Replies]

To: upchuck

Believe it or not a lot of companies now use twitter for support etc. and ask you to ‘DM’ their account. It’s nuts like you say.


14 posted on 07/16/2020 10:26:43 PM PDT by RandFan (3C)
[ Post Reply | Private Reply | To 11 | View Replies]

To: cgbg

I don’t like him either.. The only D who talks sense is Wyden. He trapped Clapper in that lie to Congress..

The rest of them are grandstanding or after a contribution. Sad but true.


15 posted on 07/16/2020 10:36:45 PM PDT by RandFan (3C)
[ Post Reply | Private Reply | To 8 | View Replies]

To: ADemocratNoMore; Akron Al; arbee4bush; agrace; ATOMIC_PUNK; Badeye; big bad easter bunny; ...

OHIO PING!

Please let me know if you want on or off the Ohio Ping list

Lawmakers zero in on Twitter following massive hack
7/16/2020, 11:26:50 PM · by RandFan · 14 replies
The Hil ^ | July 16 | BY MAGGIE MILLE


16 posted on 07/17/2020 9:00:12 AM PDT by Lowell1775
[ Post Reply | Private Reply | To 1 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson