The brazen security compromise at Twitter this week underscored the broad and lingering vulnerabilities of U.S. elections to sophisticated cyberattacks.
A number of accounts of political, technology and business figures were captured apparently from within Twitter’s own systems — as opposed to via individual attacks against the end users — and the social network’s response included silencing nearly all of its highest-profile users for a time.
The incident delivered a reminder about how much the U.S. information environment depends on one service in Twitter, how disruptions to it can cascade into the broader world, and how many targets an adversary has from which to choose in order to cause disruption.
“We’re lucky this didn’t happen election night,” tweeted Laura Rosenberger, the director of the Alliance for Securing Democracy, after the attack was over.
In all seriousness though, this attack shows just how vulnerable our infrastructure is to attack – regardless of motive. We’re lucky this didn’t happen election night. But remains to be seen if any info was compromised as part of this. https://t.co/1ppM4jPyaQ
— Laura Rosenberger (@rosenbergerlm) July 16, 2020
“I hope it was a one-time incident,” said Lawrence Norden, director of the election reform program at the Brennan Center for Justice at New York University Law School. “There are plenty of nightmare scenarios you can spin out.”
In Wednesday’s attack, the attackers posted messages asking for transfers of the electronic cryptocurrency Bitcoin. It quickly became obvious that the big accounts had been compromised, and Twitter CEO Jack Dorsey — whose account also was seized for a time — said administrators “were working to make this right.”
As they were doing so, Twitter froze many of the accounts of its most prominent users, ones ostensibly “verified” to confirm that the person or organization using it is truly what it claims.
Such verified users include President Trump, Vice President Pence, members of Congress, political candidates, heads of Cabinet departments, local governments, celebrities and journalists.
In the past, foreign attackers have used Twitter from the outside in and the bottom up, creating fake accounts to pose as Americans to spread disinformation and aggravate discord.
In one case, a number of accounts linked to Russian influence-mongers existed for years and posted what appeared to be normal local news headlines.
That kind of activity remains in effect across social media. Twitter, Facebook and Google report regularly on their efforts to expunge, report or “down-rank” material following years of pressure from national security officials and Congress.
What this week’s compromise confirmed was that the social networks also are vulnerable to attacks from within that could compromise many accounts, with implications for the U.S. information environment in the remaining months of the presidential campaign.
Norden also observed that the Twitter incident shows how…