It's often wondered just how much digital interactions on Twitter truly impact the physical world. An instance this week showed a small taste of just how powerful the website can be in the wrong hands, as The Associated Press' Twitter feed was hacked to display the message "Breaking: Two Explosions in the White House and Barack Obama is injured" to the organization's nearly 2 million followers.
One effect of this hacking was the Dow Jones Industrial Average plummeting by approximately 140 points. Although the market quickly recovered when the AP revealed that they were the victim of an attack, CNBC's Sue Herera said that this shows how sensitive the market is right now, as any report of a terror-related attack can send it into a tailspin.
Politico said the Syrian Electronic Army, which supports the government of Syrian President Bashar al-Assad, has claimed responsibility for the erroneous Tweet, writing on its own website that it wrote the fake tweet about an explosion in the White House. The SEA boasted that this tweet created chaos and started a decline in U.S. stocks. This same group has claimed they were responsible for attacks on NPR and CBS News Twitter accounts in previous instances.
Lessons can be learned from this attack on Internet security, according to Matthew Schwartz on InformationWeek. In this instance, it seems as though the cause of the password leak was a phishing email sent to multiple AP employees, which one worker said was "impressively disguised" to look like a real email from a co-worker.
"How can businesses prevent an AP-style Twitter account hijacking?" Schwartz said. "The short answer is that it's very difficult for users to spot every phishing attempt, and also difficult to adequately protect Twitter accounts against hijackings, whether you're an individual or a business. For starters, that's because only a username and password are required to log into a Twitter account, and the username is already publicly known, because it's a user's Twitter handle."
It is more difficult especially for Twitter accounts that have multiple people with access to the master password, as this makes two-factor authentication much harder to use in a secure way. Each company that uses accounts like this will need to learn a lesson from this event and make sure they are diligent with regard to keeping the passwords secure by only giving access to individuals that need it and being wary of suspicious emails.
Security News from SimplySecurity.com by Trend Micro