Takeaways from Twitter's Recent Spear Phishing Breach
If you've paid attention to the news lately, you've probably heard about the recent Twitter breach that allowed criminals to hijack 130 accounts belonging to prominent figures and use the handles to peddle a bitcoin scam. More information has now been released about how the attackers were able to get into these accounts.
The company's investigation revealed that the attackers used social engineering to target a handful of its employees via what Twitter calls a "phone spear phishing attack". In a conventional spear phishing attack, a criminal masquerades as a trusted entity and sends a tailored email or instant message to a well-researched target, hoping either to steal sensitive information such as login credentials or to deliver malware.
Twitter's recent experience instead involved phone calls. The calls came in multiple phases, and according to Twitter's report, "Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tool".
The attackers then used the stolen credentials to reach the tools they needed for their scheme: they targeted 130 accounts, tweeted from 45 of them, accessed the direct messages of 36, and downloaded account data from 7.
While Twitter is a social media giant, small and mid-sized businesses continue to see an increase in attempted social engineering as well. A recent study reported that 43% of cyber attacks now target small businesses, and because they lack the resources of a company like Twitter, about 60% of the small businesses that fall victim are forced to close within 6 months. It is important to understand how these attacks unfold and to educate your users regularly on how to avoid falling for them, so that your own company does not end up in a situation like the one Twitter just went through.
A couple of takeaways from the recent Twitter breach:
User education is IMPERATIVE to your company's security posture. Your users must know the risks and how to avoid handing over credentials or account access, whether the request arrives by email, instant message or phone, and how to avoid downloading malware.
We suggest a regular education program that includes testing your users to see how they respond when they are targeted by a simulated phishing scheme. For more information on our phishing user education and testing, schedule a free consultation today.
You should regularly check which users have access to which accounts and tools, and operate under the principle of least privilege at all times. The Twitter incident shows why this review must cover every internal system, not just the obviously sensitive ones: employees with no access to the account tool still held credentials the attackers used to learn the company's processes and pick their next targets. We can help you set up proper access for the correct users. Contact us today for a free consultation.
As always, we are here to give you expert advice and assistance in protecting your business from cybersecurity threats. Contact us today for a free consultation to learn more about protecting your business and avoiding situations like the one Twitter recently found itself in.
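As an added illustration of the access review recommended above (example code written for this page, not Twitter's tooling or anything the original article contains), the script below compares each account's entitlements against an assumed per-role baseline and flags two things an attacker in the Twitter scenario would have exploited: users holding a high-risk tool their role does not call for, and privileged accounts that have gone unused long enough that nobody would notice them being borrowed. The roles, tool names, thresholds and sample records are all constructed assumptions.

```python
"""Least-privilege access review over a constructed entitlement export.

Added example, not Twitter's tooling. Role baselines, tool names and the
sample records are assumptions made up for illustration.
"""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Account:
    user: str
    role: str
    entitlements: frozenset
    last_login: date


# Assumed role baselines: the tools each role legitimately needs.
ROLE_BASELINE = {
    "support_agent": frozenset({"ticketing", "knowledge_base"}),
    "support_lead": frozenset({"ticketing", "knowledge_base", "account_tool"}),
    "engineer": frozenset({"source_control", "ci"}),
}

# Assumed high-risk entitlements: tools that can change or take over customer accounts.
HIGH_RISK = frozenset({"account_tool"})

# Date the review is run against (fixed so the sample is reproducible).
REVIEW_DATE = date(2020, 7, 15)


def review_access(accounts, today, dormant_days=30):
    """Return findings keyed by user name.

    A user gets a finding when they hold entitlements outside their role's
    baseline ("excess"), or when they hold a high-risk tool but have not
    logged in within `dormant_days` ("dormant_privileged"). Users whose
    access matches their role and who are active produce no finding.
    """
    findings = {}
    for acct in accounts:
        baseline = ROLE_BASELINE.get(acct.role, frozenset())
        excess = acct.entitlements - baseline
        high_risk = acct.entitlements & HIGH_RISK
        idle_days = (today - acct.last_login).days
        dormant_privileged = bool(high_risk) and idle_days > dormant_days
        if excess or dormant_privileged:
            findings[acct.user] = {
                "excess": sorted(excess),
                "high_risk": sorted(high_risk),
                "dormant_privileged": dormant_privileged,
            }
    return findings


def high_risk_holders(accounts):
    """Every user holding a high-risk tool: the short list to review first."""
    return sorted(a.user for a in accounts if a.entitlements & HIGH_RISK)


# Constructed sample export (not real data).
SAMPLE_ACCOUNTS = [
    Account("alice", "support_agent", frozenset({"ticketing", "knowledge_base"}), date(2020, 7, 14)),
    Account("bob", "support_agent", frozenset({"ticketing", "knowledge_base", "account_tool"}), date(2020, 7, 13)),
    Account("carol", "support_lead", frozenset({"ticketing", "knowledge_base", "account_tool"}), date(2020, 5, 1)),
    Account("dave", "engineer", frozenset({"source_control", "ci", "account_tool"}), date(2020, 7, 15)),
    Account("erin", "engineer", frozenset({"source_control", "ci"}), date(2020, 7, 15)),
]

if __name__ == "__main__":
    for user, finding in review_access(SAMPLE_ACCOUNTS, REVIEW_DATE).items():
        print(user, finding)
    print("holders of high-risk tools:", high_risk_holders(SAMPLE_ACCOUNTS))
```

Run against the sample, the review flags bob and dave for holding the account tool outside their role baseline, and carol for holding it while dormant for 75 days; alice and erin are clean. In practice the export would come from your identity provider or the admin console of each tool, and the baseline from whoever owns each role, but the check itself stays this simple: anything outside the baseline is removed or justified in writing, and dormant privileged accounts are disabled.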