The FBI is investigating Wednesday’s Twitter hack, which led the accounts of Democratic presidential candidate Joe Biden, former President Barack Obama, and icons in business and entertainment to solicit money through Bitcoin.
Leaders in cybersecurity say the wave of prominent account takeovers is diminishing trust in the platform.
"The thing that people are using for authenticity, the verified accounts, the high-profile names, that was eroded," Oren Falkowitz, CEO of Area 1 Security says. "And that's the thing that we learned from the 2016 election that’s most damaging, is this kind of inability to determine what's really happening on these social media platforms. And that was directly attacked last night."
The cyberattack began Wednesday afternoon, and Twitter quickly tried to shut it down. The company announced it locked certain accounts and limited the ability of users to post messages.
Hours later, Twitter said it detected “what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” CEO Jack Dorsey called it a “tough day.”
"It is such an odd attack to blow that kind of access on," says Maggie MacAlpine, a founding partner at Nordic Innovation Labs. "Cybersecurity experts are wondering why this low-level type of obvious scam was used for such a powerful vulnerability."
The scheme garnered an estimated $100,000. But it’s unclear who is behind it — and how much information may have been stolen in the process. Fears abound that false information could be posted by verified accounts on Election Day.
"If election administrators try to say, ‘Hey, here's when the polling station opens,' or, 'Here's the address of the polling station,’ and it's coming from the verified account but it's really not, this could cause a lot of challenges," Falkowitz says.
"You could drive a lot of voter suppression that way. You could drive a lot of uncertainty and unrest around, 'Did my candidate win?' even on a more local level," MacAlpine says. "And this has actually led to riots in other countries. Riots where people have died."
One account that appears to not have been breached: President Donald Trump’s. That prompted Republican Sen. Josh Hawley of Missouri to ask Twitter for more information, including whether the president’s account had been threatened.
"It could be that there's more security. It could be that they just didn't want to commit, like, the kind of federal crime that would get, you know, very serious consequences on their doorstep," MacAlpine says.
The FBI’s San Francisco Division told Newsy the accounts “appear to have been compromised in order to perpetuate cryptocurrency fraud.” Cybersecurity experts say Twitter needs to step up its protections.
"Nine in 10 cyberattacks, over 95% of damages around the world, begin with phishing. They're not doing enough. Today, Twitter doesn't use any advanced phishing capabilities to protect their staff from email-borne attacks," Falkowitz says, adding, "Anything is possible."
Sasha Ingber, Newsy, Washington.