Securitythreat management

Cybersecurity Learnings from the Recent Twitter Heist

Ransomware, malware, phishing attacks-you might have often come across these terms since the outbreak. However, the recent cryptocurrency scam using Twitter’s administration tool is a proof that the cybersecurity hackers are proactive now. The social media giant’s security failures could have caused far more damage than this. In this article at Compliance Week, Aaron Nicodemus makes you aware of the possible infectious loops within your system.

Twitter in a Big Fix

Though the attackers did not manage to extract money from Twitter, they successfully ruined the company reputation. Now, the users are unsure whether to trust the tweets or not. The FBI investigation is on while the company’s stock prices are going down.  

Experts believe that the heist was a coverup for something unexpected that may occur soon. It is an attempt to plant the seed to return later and make a profound disruption.

Yet Another Shot

This is not the first time that Twitter hit the headlines for its poor cybersecurity measures. The hackers took over the official account of CEO Jack Dorsey for a brief time last year. In 2017, an employee managed to delete President Donald Trump’s account for a short duration.

In the recent successful attacks, the hackers used spear phishing. It is a social engineering ploy to force employees to give access to the system. The hackers later bragged about this strategy on a Motherboard blog.

The Learning Curve

Mark the incident as an eye-opening experience and take these essential measures right way:

  • Find ways to strengthen your existing security protocols as more than half of the workforce is working remotely.
  • Educate and train employees to be more proactive about cyber-hygiene. The most prominent mistake organizations keep on doing is neglecting the internal loopholes. They focus too much on external threats.
  • Garner deep understanding of the vulnerable internal controls by conducting internal penetration testing. Hire a third-party consultant to test and evaluate your core control units, assess it, and suggest improvements.
  • Follow the less-privileged, narrow-access rule, and narrow access rule and closely monitor the internal IT system to continue adhering to your governance protocols. Trim down the risk of staff being manipulated or exploited by criminals.
  • Let the employees seek written permission from the senior authorities to access internal tools. Also, ensure they give a genuine reason and specific time duration to access it.
  • Form a robust monitoring system that discovers whether something has been stolen or left behind to completely disrupt the system. It must send an automatic alert once an unidentified element inappropriately accesses it.

Click on the following link to read the original article:

Related Articles

Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.