Twitter hack is a reminder of the dangers of unfettered employee access

Twitter’s acknowledgement that a “coordinated social engineering campaign” involving multiple employees was behind a hack of prominent verified accounts raises significant questions as to whether business organizations are implementing effective security controls that limit potential insider threats’ access to back-end administrative tools.


The hacking incident — which promoted a cryptocurrency scam and victimized the accounts of Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, Apple, Uber and more — also raises concerns that a future attack could have even more serious ramifications, and perhaps even cause a national security scare, as social media evolves into a core component of U.S. communications infrastructure.


Spotlight on Access Management and Controls


While Twitter hasn’t confirmed the details of the social engineering plot, reports suggest that hackers may have paid employees to help compromise the accounts, possibly by changing the email addresses linked with them so the malicious actors could take them over. Reports also indicate that the hackers had either direct or indirect access to back-end employee administrative tools that enabled the ac ..
