http://www.digitaljournal.com/tech-and-science/technology/twitter-s-hack-causes-a-stir-in-the-cybersecurity-community/article/574960

Twitter’s hack causes a stir in the cybersecurity community Special

Posted Jul 19, 2020 by Tim Sandle
The extent of the Twitter hack has caused consternation within the cybersecurity community over its extent and ease of operation. Naturally, those impacted are also feeling vulnerable. This means it is important to boost security.
Beijing has denied US claims that Chinese hackers have attempted to steal coronavirus vaccine resear...
Beijing has denied US claims that Chinese hackers have attempted to steal coronavirus vaccine research
NICOLAS ASFOURI, AFP
With the Twitter hack, key accounts of prominent figures, including Biden, Musk, Obama, Gates and West (Kanye) compromised were compromised, but strangely not that of Trump. The FBI has launched an investigation following the hijacking of Twitter, in what is an apparent Bitcoin scam. Twitter has come under criticism for not possessing sufficient internal controls to prevent the attack, according to the BBC.
Looking into the security implications together with some idea to prevent future attacks is Tom Patterson, security expert and Chief Trust Officer of Unisys.
Patterson tells Digital Journal: "This Twitter hack highlights a current weakness in the identity process, expanding risks of work from home, lack of sufficient internal segments, and the continued effectiveness of social engineering."
There are other things that can be done in order to minimize the risk to individuals and businesses, says Patterson. He goes on to explain: "Beyond the social engineering of employees, this hack exposed more security issues. When employees work from home, companies frequently don’t have the same levels of security controls available, and thus employees get ‘too much access’ just to ensure they get enough."
Drawing on an example, Patterson considers a working from home vulnerability: "This is most commonly seen in the rush to open virtual private networks from corporate offices to employee homes. It’s critical that companies recognize that the issue is not just about educating their employees, but they have a fiduciary responsibility to implement proper security controls that work in today’s work from home environment."
Patterson's recommendations are that: "This can and should be done with new security methodologies including Zero Trust, new technologies led by microsegmentation, and new identities based on the latest FIDO standards."
With a final note of caution, Patterson says: "If it can happen to Twitter, it can happen to you."