Saudi, Italian interior ministers discuss countering drug trafficking    Exhibition in Riyadh marks 80th anniversary of historic Saudi-US meeting    Riyadh Metro records 18 million users in 75 days since launch; Blue Line the busiest route    NSG eyes satellite expansion to strengthen Saudi Arabia's space economy    EU Commission promises 'firm, immediate' reaction to US reciprocal tariffs    Jhon Duran's brace powers 10-man Al Nassr to thrilling 3-2 victory over Al Ahli    Saudi Arabia confirms alcohol ban for 2034 FIFA World Cup    Iran is rearming its missile program, Western sources say    Thousands of probationary employees fired as Trump administration directs widespread layoffs    Prince Badr holds bilateral meetings with Islamic ministers on the sidelines of ICESCO conference    Acting attorney in New York, five others quit after being told to drop Eric Adams case    NMC forecast: Thunderstorms will hit most Saudi regions until Monday    'Haram. Haram. Haram!' — Riyadh Air CEO slams lack of direct flights from Saudi Arabia to major global cities    Honda-Nissan multi-billion dollar merger collapses    Maya Diab joins Arab stars and celebrities in celebrating the Centrepoint Ramadan 2025 collection launch at Riyadh Boulevard    Oilatum tackles rise in Eczema and Dry Skin in Saudi Arabia    HONOR brings together AI and luxury with PORSCHE DESIGN HONOR Magic7 RSR at LEAP 2025    Eagles win Super Bowl LIX to end the Chiefs' dream of a three-peat    Chinese film stirs national pride, rakes in $1bn in days    Sharifa Al-Sudairi makes historic debut at Asian Winter Games    Bollywood star Saif Ali Khan 'out of danger' after attack at home in Mumbai    Order vs. Morality: Lessons from New York's 1977 Blackout    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Lessons learned from the ‘historic' Twitter hack
Muhammad Khurram Khan Published in The Saudi Gazette on 17 - 07 - 2020

Social media plays an instrumental and more important role as a news source for billions of people around the World. The use of social media platforms, especially Facebook and Twitter, has ramped up significantly in the recent times as they provide fast and inexpensive source of information.
However, the recent wave of high-profile Twitter accounts hacking in cryptocurrency scam is an eye-opening cybersecurity breach for the social media platforms as well as their users.
This historic incident started when Twitter accounts of some senior executives, prominent politicians, leading-tech organizations, and famous celebrities got compromised in a mysterious hacking operation, and started advertising a bitcoin-based Ponzi scheme to millions of their followers.
The hackers posted several messages with a bitcoin wallet to lure the followers that any payments they make would be doubled and sent back to them, which in actual was a tricky crypto scam.
This seems a pre-planned, well-prepared, and a sophisticated kind of cyberattack in which hackers first fully took over the victims Twitter accounts and then changed the associated recovery email addresses to make it more complex to regain access.
Twitter believes that it was a coordinated social engineering attack, in which hackers first successfully hacked some of its employees who have access to the internal systems, softwares and tools, and then compromised the specific high-profile accounts.
Twitter took a timely action and responded to the incident promptly and locked down all the affected accounts and removed malicious Tweets instantly to prevent followers from the scam.
It is estimated that the amount of scam sent to the bitcoin wallet was not too much, but it has raised several questions on the cybersecurity of social media platforms, which are followed by millions of people around the world.
It is a matter of fact that social media platforms undoubtedly put paramount importance to the cybersecurity measures and monitor contents to avoid disseminating fake news, hoaxes, scams, and frauds that could have serious ramifications on our society.
However, neither any website, software or system is immune to bugs and vulnerabilities nor the chances of human error could be ignored in an incident.
Among many other possibilities in the Twitter hack, the work-from-home policy could be one of the reasons in the security breach as it is easier for hackers to exploit vulnerabilities and launch social engineering attack in less-controlled environments.
This seems purely a human error, but a comprehensive forensic investigation will confirm the root causes of the incident.
As far as the users and followers of social media platforms and accounts are concerned, there is a need to learn from this scam and be vigilant while surfing on the Internet.
An opportunity that claims to multiply money is always a guaranteed scam and users should avoid and report such postings and their respective accounts.
It is also important to stop believing everything that appears on social media, even if it is posted by a verified account, a celebrity or any well-known personality.
Furthermore, if a breaking news appears on the social media then users should first verify its credibility through multiple news outlets and mainstream media.
The social media users also need to protect their accounts by basic cybersecurity guidelines and choose strong passwords, enable two-factor authentication, and report any suspicious activity to the social media platform or the computer emergency response team (CERT) in their respective country.
On the other hand, when businesses are following work-from-anywhere or teleworking policies, they are harboring more cybersecurity threats than ever before.
The remote working environment poses a unique challenge to an organization as it does not usually have the same safeguards and preventive security controls as in the office environment, which is more restricted by stringent policies and procedures.
According to a survey of 6,000 employees conducted by a cybersecurity company Kaspersky, 73% of employees working remotely have not yet received any cybersecurity awareness guidance or training from their employers.
Therefore, it is essential for organizations to organize proper training and cybersecurity awareness sessions to their employees tailored for teleworking.
If hackers were successful in their attempt to perform a social engineering attack on Twitter's employees, then it could be due to the discrepancy of the cybersecurity awareness and negligence of cyber hygiene.
— The writer is a professor of Cybersecurity at King Saud University as well as founder & CEO of Global Foundation for Cyber Studies and Research in Washington D.C. He tweets at @khurramcyber

Clic here to read the story from its source.