“One of the worst cybersecurity disasters” in history occurred on the social media platform, Twitter, on July 15th, 2020. Twitter, of course, is a ‘microblogging’ site that is the service of choice for many people due to its freedom and personal connection with short word posts. However, Twitter fell victim to a cyberattack that promoted a cryptocurrency scam under Bitcoin. The hackers utilized Twitter’s internal systems to hack multiple Twitter accounts belonging to some of the largest names in the world, including Elon Musk, Apple, Barack Obama, Kim Kardashian, and many others. The hackers responsible tweeted on behalf of these accounts, prompting millions of unknowing followers to send money to Bitcoin accounts, with enticements of a twofold return. What is now apparent is that there will be no return, with a reported monetary value of $116,000 gone as of this morning. Simply put, it was a phishing scheme we have seen before, but on a high-profile level.
The larger problem, beyond that of missing money, is the sheer scale of the attack. When combining the number of followers of the affected accounts, these hackers had a reach of over 350 million people. Questions are now being raised about cybersecurity, specifically on platforms like Twitter, where personal information and communications in the form of Direct Messages are held. Though most people are wary of online scams, the use of these specific accounts leads to a gateway for the hackers; these high-profile names seem to be promoting this scam. The identities of the hackers are unknown at this point, though an investigation is ongoing.
Almost half of the world is a member of one form of social media more, with around 3.81 billion users. If a hacker can easily attack groups of well-known, and assumedly, well-protected people, what does this mean for the average person or business? What seems to be the largest worry is the impact on image, credibility, and safety. What if a series of bomb threats or racist remarks were made in your name? Or, what if some of your clients or customers gave money to a scam that your business page seemingly promoted? The reported shares of Twitter dropped by 3% in after-hours trading. The same loss of faith and trust could result in the same loss of business.
There are ways to protect yourself. First, limit the personal information you may (unknowingly) share online. Providing this information can lead cybercriminals to steal your identity or financial information. As an example, if you posted about your parents’ anniversary, a cybercriminal may surmise your mother’s maiden name, an answer to a common security question. In 2018, the Identity Theft Resource Center discovered that 52 percent of social media users shared identifying information online. 33 percent of users shared location information. The answer to oversharing your personal information lies in the information itself. Ignore “About Me” fields, including inputting your birthday, where you were born, etc. Many sites also have privacy settings where you can limit who view your posts.
The next step is to create good passwords. There are many programs that will generate lengthy passwords that are incredibly hard, if not impossible, to crack. An example of this is LastPass, which generates your password, and then keeps it in a “binder tab” on your internet browser for easy access on the web. VPNs (virtual private networks) are also a wonderful way to protect your information, especially if you utilize public WIFI networks frequently. The VPN creates a private network from the public network you are accessing, giving you a blanket of security.
The last tip in protecting yourself from cybercrime is to keep your mobile device updated. Many people ignore the notification prompts to update their phones, usually because it takes some time. However, these updates include protections against the newest viruses. Ignoring these updates leaves your device, and thus yourself, vulnerable to cyberattacks. Please reach out to our team if you have any questions!