Twitter Hack Likely to Drive It to Increase Security Spending

Look for both Twitter and other internet platforms used by high-profile individuals and organizations to overhaul their security procedures.

If past scandals involving security lapses at major internet companies are any guide, what Twitter (TWTR) experienced on Wednesday isn’t going to have a major long-term impact on its user growth.

But just as Facebook (FB) significantly upped its content security spend following its 2018 Cambridge Analytica scandal, Twitter will likely now be motivated to dial up its security investments -- both in people and technology -- over the next couple of years.

As most readers are probably aware by now, Twitter was subject to a large-scale hack on Wednesday -- one in which many high-profile accounts, including those of Elon Musk, Bill Gates, Barack Obama, Joe Biden, Apple and Uber, were hijacked and used to promote a Bitcoin scam. In response, Twitter temporarily restricted a number of features, including the ability of all verified accounts to tweet, as it tried to get a handle on the situation.

For the time being, Twitter’s stock isn’t being too badly affected by the hack. Though shares opened down over 4%, they’re currently down just 1%, nearly matching the Nasdaq’s 0.9% drop.

In a tweet thread from the Twitter Support account, Twitter said it thinks the attack was “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” The company added that it has “taken significant steps to limit access to internal systems and tools” as it continues its probe of the incident.

However, an article from Vice, which reports having contacted two of the people involved in the hack, suggests that the hackers received help from a Twitter insider who had access to an internal tool that can be used to take over accounts. One of the sources added that the Twitter insider was paid by the hackers.

Vice also published screenshots of the tool that it reported obtaining from sources “close to or inside the underground hacking community,” and added (citing two sources) that the tool was used to change the ownership of some verified accounts. A Twitter spokesperson told Vice that the company is probing whether an employee directly hijacked user accounts or provided hackers with access to the tool.

Given what’s known about the hack, which is now also being investigated by the FBI, there are concerns that the hackers could have obtained more than just the $121,000 that they’re believed to have netted from the Bitcoin scam, such as the direct messages of the targeted accounts. And given the high-profile nature of the accounts the hackers managed to briefly take over, there are naturally concerns that a future attack could lead to the sharing of misinformation that has serious political, military and/or economic consequences.

All of this undoubtedly isn’t lost on Twitter, which one can expect will make it a priority in the coming months to prevent a repeat of what happened on Wednesday. Among other things, the company might revamp its procedures for accessing account-monitoring tools, as well as restrict what these tools can be used to do.

And more broadly, the hack could be a wake-up call for internet platforms that are used by high-profile individuals and organizations to put aggressive safeguards in place to prevent the accounts of such users from being taken over by bad actors.

FireEye (FEYE), whose stock is up 2.6% as of the time of this article, is one company that could benefit from efforts by Twitter and others to prevent a repeat of Wednesday’s hack. Among other things, FireEye’s security offerings include forensics and incident-response solutions.

CyberArk (CYBR), which provides software used to protect privileged employee accounts, is another potential beneficiary. And Splunk (SPLK), whose machine data analytics platform is often used to detect and/or investigate security incidents, could benefit as well.