A dozen celebrities had their Twitter accounts hijacked Wednesday – an event that highlights the potential for a hacked tweet from a senior business executive’s account to damage a company’s share price, according to cyber analytics firm CyberCube.
According to Darren Thomson, head of cybersecurity strategy for CyberCube, hackers gained access to Twitter’s own system using a sophisticated social engineering attack. Estimates suggest that more than $100,000 was lost by people sending bitcoins in response to fake messages from celebrities offering to double their money. However, Thomson said the outcome of the attack wasn’t as serious as it could have been.
“This attack highlights two key points,” Thomson said. “First, CyberCube’s recent report on the effects of the pandemic found that home working was creating new avenues for criminals to use in their attacks. In this case, Twitter employees whose accounts were compromised were working from home, where it may have been easier for criminals to manipulate their targets. The confluence of COVID-19 and advanced social engineering techniques poses a growing threat.
“Second, it shows just how much influence high-profile figures’ accounts have. We’ve already seen how genuine tweets from the likes of Elon Musk can affect a share price,” he said. “Once can foresee a similar kind of attack whose objective is primarily to damage a business’s market valuation or its reputation. There’s the potential to do real harm to an organisation here. Perhaps of even greater concern is [the] potential political consequences of a world leader’s social media account being compromised.”
CyberCube said similar attacks should be expected in the future – especially if this hack was just a test run by cyber criminals.