Just ten days after one of the biggest hacks in the history of Twitter, while both internal and external investigators continue to try figuring out exactly what happened, the social network is once again the subject of brand-tarnishing headlines, this time centered on the company’s poor internal security highlighted by the recent case of Twitter sub-contractors spying on celebrities.
What happened? Historic attack on 130 business and celebrity accounts
Following the serious incident some weeks ago, Twitter explained that cybercriminals had targeted employees through social engineering techniques in order to access the social network’s internal dashboard. It is still unclear whether all employees were aware of the hackers’ intentions. It has been claimed that more than 1,000 users, including employees and sub-contractors, had access to this internal tool used to compromise several of the platform’s most famous accounts, including those of Barack Obama, Kim Kardashian, Bill Gates, and Elon Musk.
The latest incident. Several celebrities spied on by Twitter sub-contractors
The investigation now includes a new spy scandal where Twitter sub-contractors were able to see phone numbers, emails, and even the approximate location of users by creating false help-desk inquiries. Security team members were able to gain unauthorized access to personal details from celebrities’ accounts such as that of Beyoncé, according to a Bloomberg article published this week.
When this large number of personnel with authorized access to internal management tools is added to inadequate internal security policies and protocols, along with the desire of cybercriminals to attack the social network, it is virtually impossible for Twitter to protect itself from cyberattacks like this.
Twitter has announced that the company does not tolerate misuse of its internal tools, and that what was revealed so far may lead to dismissals, although they have declined to give further details on the case.
Insiders: key measures to protect against internal threats
The most common type of insiders are negligent employees or contractors. As we have mentioned before, 62 percent of insider incidents correspond to this profile, and each incident has an average cost of $307,111. Given their frequency, negligent insiders are responsible for the highest annual cost, an average of $4.58 million (€4,144,991). Yet the risks to companies and institutions from this type of attack are not just directly financial, there is also the damage to reputation and the difficult task of recovering user trust, as highlighted by the case of Twitter after these intrusions and exfiltration of sensitive data. You can however avoid these situations by following a series of basic tips:
- Change the security model. Today, it is essential to understand where your customers’ data is and how to protect it, as well as your devices and applications. The basic rule is never to trust and always to check, i.e. the Zero-Trust model.
- Restrict the number of users with privileges and access to sensitive data. Tasks should be organized by assigning credentials so as to limit the number of privileged accounts, restricting access to sensitive information where possible, and thereby creating a difficult environment for malicious activity to prosper.
- Risk assessment carried out periodically, and also when any major changes are made to security or network infrastructure.
- Risk awareness among employees. As negligence is the most common cause of an insider incident, it is vital to educate employees about the importance of keeping passwords safe or ensuring sensitive information isn’t sent to the wrong email addresses.
- Ensure also that access to internal platforms and applications is fully password-protected, and that the passwords are unique and strong, changed frequently, and backed up where necessary with two-factor authentication.
- Another essential component of any strategy is an advanced cybersecurity solution. Panda Adaptive Defense proactively monitors all activity on IT systems, including legitimate processes. This means it can prevent malicious activity that uses a legitimate process. Moreover, with Panda Data Control, Panda Adaptive Defense’s data protection module, you can locate all unstructured personal data on your company’s endpoints. This will let you know where this data is and give you full visibility of it, as well as about the users, employees, or contractors, and computers or servers that access it.
Detecting and protecting against the threat of insiders may seem like an impossible task. Yet with the right strategy and an advanced cybersecurity solution, your company can be safe from all internal and external threats.