Robust security controls and access management are integral to the effective running of any organization. The recent Twitter hack proves it. Twitter paid the price of having unrestricted employee access through this coordinated social engineering attack that involved multiple employees and prominent account owners. That raises a question: as a business organization, are you doing enough to limit potential insider threats?
Social media continues to gain prominence and is becoming an integral part of the U.S. communications infrastructure. Therefore, a single gap or error of judgment in designing effective security controls can lead to greater mishaps, and perhaps even threaten national security. In this article at SCMagazine, Bradley Barth explores this incident’s possible reasons and discusses the future roadmap to better security.
Are You Paying Attention to Insider Threats?
The hacking incident drove a cryptocurrency scam and compromised the accounts of renowned personalities and brands like Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, Apple, Uber, and more. Reports are considering two prominent theories for the hacking mechanism. One is that the hackers bribed employees, gained access to the back-end administrative tools, and took over the accounts. The other is that they ran a classic phishing attack to deceive employees and obtain their privileged credentials.
Access management can be a concern for a small local firm, but access and security protocols should never be a vulnerability for an organization like Twitter. In time, more will become known about the extent of the protocols in place at Twitter. As a company, Twitter must now start asking itself the right set of questions about its existing security infrastructure, internal audit checks, access log monitoring, and incident responses.
If an employee can directly access the admin console without an extra layer of scrutiny, it could be really dangerous for any organization. Marc Rogers, executive director, cybersecurity at Okta, states that while admin consoles are necessary, organizations must pay attention to their authorization and access.
Kiersten Todt, president and managing partner of risk management firm Liberty Group Ventures and managing director of The Cyber Readiness Institute, believes in having regular internal assessments to filter out security gaps like these. Todt strongly advocates monitoring people with privileged access to back-end admin.
How Serious are Insider Threats?
Insider threats are much more dangerous than they appear. This is why Twitter failed to answer the most basic questions regarding the origin and mechanism of this hacking incident.
Superficially, the Twitter hack seems nothing more than a cryptocurrency scam, but there could be more to it than meets the eye. Reports indicate that attackers could have done this primarily for extortion or cyber espionage. This could be true, as one of the hacked accounts belongs to presidential candidate Joe Biden. Getting access to Biden’s private messages could help threaten his election campaign, like what happened to Hillary Clinton’s campaign in 2016.
Insider threats can penetrate deep into an organization’s security infrastructure and weaken it from the ground up. Thus, every organization needs to implement end-to-end encryption and an insider threat program to maintain data privacy. A 2018 Insider Threat Report also states that today, attackers are more interested in targeting trusted and negligent insiders than malicious outsiders.
Tarik Saleh, senior security engineer and malware researcher at DomainTools, believes the Twitter hack to be more of a deception than a scam. Saleh opines that these hacked accounts may have been used, under that cover, for some greater evil on a national scale. The attackers could use their admin-level access to cause greater economic and social damage than one can imagine.
To prevent further mishaps, Sen. Josh Hawley, R-Mo., has asked Twitter to collaborate with federal law agencies and scale its critical infrastructure.
To read the original article in detail, follow this link: https://www.scmagazine.com/home/security-news/insider-threats/twitter-hack-is-a-reminder-of-the-dangers-of-unfettered-employee-access/