The hack on the Associated Press was a trivial exploit: the attackers used employee access credentials to gain access to the news agency's Twitter account and post a bogus tweet about an attack on the seat of the US Government. Because the AP is such an authoritative news source, the tweet was taken seriously and sent shock waves across America, causing a brief dip in the country's stock markets, which recovered only when it became clear this was a hoax.
Commenting on the hack, security expert Charles McColgan of TeleSign told us: “Twitter historically has not had the best reputation for security, and with the hack of the AP’s Twitter account today, it’s arguable that this compromise had the largest financial impact of any Twitter attack to date. Given that news feeds are incorporated into real-time trading systems, it’s also likely that the brief sell-off that happened right after the posting could have been from automation built at brokerages who have linked their trading systems into news events.
Unfortunately the problem that Twitter has is common across the industry, but there is hope. Companies like Apple, Google and Microsoft are now starting to offer optional two-factor authentication into accounts since they have begun to fully embrace the fact that a user name and password simply aren’t sufficient to protect online accounts.
While the details are sparse, it appears that the exploit today was directed against employees of AP by a 3rd party instigating a “spear” phishing attack against them. Spear phishing is where high value individuals are targeted with phishing attacks in order to get information from them, get credentials from them, or fool them into installing software or exposing them to zero day exploits that will compromise the underlying systems. Once the attack is successful, the attacker can take action with the information he has or wait in the background until the right time. Seems like the attackers today took action quickly; however, often the more effective attack can be where the attackers exploit the target and then wait for the most opportune moment.
Given what we know, there isn’t one solution to the issue we saw today other than to emphasize to the internet community that security and security awareness need to be a top priority for everyone. Twitter needs to understand this and should follow the lead set by Google, Apple and Microsoft, and they should very publicly increase the security offered to their customers.”