Were you surprised that a company as techie as Twitter fell victim to cyber security attacks? In your view, did Twitter do a great job identifying that attack? In your view, did Twitter recover from the attack in a timely manner? Please explain.
A phishing attack on Twitter, 2020:
It is said that Twitter went through a serious cyber attack that took place earlier in July 2020, and it has found that cyber attackers gained access to its systems through a well-planned, targeted social engineering spear-phishing attack on its own employees. The attack took place over the phone of an employee, using a technique known as vishing, which is also a part of phishing, and succeeded in gaining specific confidential employee details, which were used to gain access to Twitter’s internal support tools. From there, attackers targeted higher-level employees who had access to critical account support tools.
In the words of Twitter, attackers took control of 130 Twitter accounts, tweeting malicious messages from 45 of those, accessing the direct messages of users and downloading unwanted data. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to Twitter's internal systems. They specified that they have communicated directly with the impacted account owners and worked to restore access to any accounts that may have been temporarily locked during their.
In my point of view, we cannot say that it is totally Twitter's mistake; in spite of handling a large amount of user data, the company is trying its best to provide security. But as it has the data of people who are well known, many attackers tend to attack and steal the information for many purposes. I think that not only the organisation but also each and every employee should be responsible. They have to be careful when they are sharing any data which is confidential. Such incidents will also raise concerns about its tools and levels of employee access. So it is better to grant access only to the very limited tools which are actually required.
It is so insane that the data got caught even though there is a zero-tolerance policy for misuse of these tools and credentials, and it actively monitors and audits the permissions it grants. However, clearly these safeguards failed to account for malicious actors moving laterally through its systems.
Apart from this, it is a good thing that they identified the threat fast. The attackers only gained access to 130 accounts even though it contains some millions of accounts. It is also tough to identify the threat and where it actually started. So I can say that the organisation has a great risk identifying and managing system. After knowing of the attack, they immediately took action and stopped the irrelevant access. They also said that they are accelerating several of their pre-existing security workstreams and improvements to their tools.
They improved the security software and limited the access by disabling the ports which were actually causing concerns, so as to have no attacks in future.
Thank you.