Twitter — a leading Social Network provider hacked by Social Engineering in 2020!?
First, clarification — I am NOT a network security expert, so maybe I am wrong here.
The richest man Jeff Bezos is one among the hacked Twitter accounts, and below message was sent by the hacker during the attacking.
The recent hacking to the high-profile accounts that Twitter suffered shocked me. Not because I do NOT know this type of attacks could happen, we all know the tries are happening every second to all types of target, and surely Twitter is on the target list. I was shocked because as a leading social network operator, Twitter should have prevented this type of accident if they have a solid security red team like all other their silicon valley competitors.
Key fact: A system is always as secure as its weakest part is. And it’s common knowledge that people is usually the *weakest* part on the chain since it will never match the level of discipline and consistency as their machine counterparts. Hence, all the modern systems should have built in solid anti-social-engineering measure since it’s almost inevitable. While this Twitter attack showed clearly that Twitter has NOT solved this key problem in their system.
Second, which is more serious problem here is that this showed Twitter does have internal tools for their authorized employees to “post message as it’s posted by the account owner like Jeff Bezos” — This should have never existed exactly for the reason of this type of attack.
A long way for Twitter to go, and a painful lesson for every internet players to learn from! Good news is all the security folks in silicon valley now is checking their systems’ loophole now based on the learning from this attack.
A side note, hats off to *Satoshi Nakamoto(The known inventor of Bitcoin)*, the excellence of the technical design of Bitcoin — it has become the go-to mean to collect dirty money by hackers like this one and still nobody could touch the money sent to the well-known wallet address other than the hacker itself!
