Another year, another great security breach. This time, however, the attack, targeting some of the most high-profile users in the world – including Elon Musk and Barack Obama – underscored not only our absolute reliance on Twitter as our primary means of communication, but also the precariousness of it.
It takes an attack such as this to jolt us upright; to awaken the world from its habitual apathy towards cybersecurity, and the sheltered belief that attacks happen to others – the careless and less prepared – and not to us. While we’re still learning the details of the attack, the hackers reportedly gained access to the internal employee dashboard. The how points to something any network security professional was already aware of: the greatest vulnerability of any network is human error. No matter how well guarded and monitored a network is, humans create ingresses. They make mistakes, are susceptible to trickery, can be flattered or otherwise coerced, and ultimately introduce a risk that can be mitigated, but is nevertheless unavoidable as long as essential systems require human involvement.
Infinite consequence: small stones start avalanches
In this case, once the door was open, little damage was done. The hackers achieved a relatively small payoff of $100,000 in Bitcoin payments – the requested form of currency in messages posted from high-profile accounts, which promised to double any payment sent. But the potential consequences were enormous. The platform is used by the sort of figures who, with a Tweet, can crash the stock market or cause, in the space of a page refresh, international chaos. And that’s why the attack has left many security professionals open-mouthed: it’s guaranteed that every account infiltrated had numerous layers of security. Their phones weren’t taken. Passwords weren’t left on the kitchen counter. By accessing employee accounts, the hackers were able to bypass all other forms of individual security. We still don’t know what additional damage has occurred. If the attack happened from the inside – with access gained from the outside, possibly with inside help – then millions of private messages might have also been downloaded.
Watchful observation, and rehearsing policy
Faith in online platforms is easily disturbed. Onlookers expect change, but not all problems provide an immediate solution. If humans must be involved – and they must, to make sure the platform is monitored and moderated – then what additional steps can be taken to mitigate the danger? There’s no doubt that monitoring and expedient incident detection and resolution stopped this attack from being much worse. That’s where it starts, in the network traffic, using solutions such as Scrutinizer by Plixer to receive detailed metadata from traffic, and nBox recorder for full capture of the traffic for subsequent incident resolution, diagnosis and learning.
The partial identities of many of the hackers have already been ascertained through these methods. The future, however, will require something more. It’ll require new employee network security policies, which account for the myriad of creative ways hackers will seek to gain critical access, to be not only created but regularly rehearsed. The hacks of tomorrow aren’t the hacks of today. It’s not enough to be watchful of what’s happened before; vigilance is necessary, to be watchful of what’s happening inside and outside the workspace (with the growth of remote working, this is truer than ever). As attackers become more creative, leveraging even social connections to gain an advantage, employees must understand what’s at stake and, subsequently, the extraordinary lengths attackers will go to.
To learn more about network security solutions that protect your business and network from the unforeseen, and which provide the monitoring and analysis insight required to stay vigilant and proactive, contact us today.