In the Twitter hack, key accounts of prominent figures, including Biden, Musk, Obama, Gates and West (Kanye), were compromised, but strangely not that of Trump. The FBI has launched an investigation following the hijacking of Twitter, in what is an apparent Bitcoin scam. Twitter has come under criticism for not possessing sufficient internal controls to prevent the attack, according to the BBC.
Looking into the security implications, along with some ideas for preventing future attacks, is Tom Patterson, security expert and Chief Trust Officer of Unisys.
Patterson tells Digital Journal: “This Twitter hack highlights a current weakness in the identity process, expanding risks of work from home, lack of sufficient internal segments, and the continued effectiveness of social engineering.”
There are other things that can be done in order to minimize the risk to individuals and businesses, says Patterson. He goes on to explain: “Beyond the social engineering of employees, this hack exposed more security issues. When employees work from home, companies frequently don’t have the same levels of security controls available, and thus employees get ‘too much access’ just to ensure they get enough.”
Drawing on an example, Patterson considers a work-from-home vulnerability: “This is most commonly seen in the rush to open virtual private networks from corporate offices to employee homes. It’s critical that companies recognize that the issue is not just about educating their employees, but they have a fiduciary responsibility to implement proper security controls that work in today’s work from home environment.”
Patterson recommends: “This can and should be done with new security methodologies including Zero Trust, new technologies led by microsegmentation, and new identities based on the latest FIDO standards.”
With a final note of caution, Patterson says: “If it can happen to Twitter, it can happen to you.”