How social engineering caused one of the biggest cyber attacks in 2020. Unpicking the high profile Twitter cyber attack
Did you ever think that anyone would be able to hack Twitter? The major social cyber attack of 2020 proved that even high profile accounts aren’t invincible against cyber criminals’ devious tactics.
Last July, over 130 Twitter accounts including Barack Obama, Elon Musk, Bill Gates and Kanye West, were hacked in a sophisticated phishing attack.
Twitter branded the incident a ‘coordinated social engineering attack’ and had to temporarily suspend all tweets as the incident was investigated.
Like a digital police chase, the action unfolded fast. Let’s take a closer look at what happened…
What happened?
On 15 July 2020, some Bitcoin-related Twitter accounts began requesting donations in cryptocurrency, in exchange for double the amount back. They said they wanted to ‘give back’ to the community and were aiming to trick naïve users into transferring.
The hoax Tweet soon spread to high profile celebrity accounts such as Kanye West and Kim Kardashian, while also targeting political and tech figures such as Joe Biden, Barrack Obama, Elon Musk and Bill Gates.
Twitter took action right away, temporarily suspending all verified users from tweeting. But what they failed to realise, was that the cyber attackers had already gained access to Twitter’s own internal admin tools.
What caused it?
When analysing the aftermath of a cyber attack, sometimes it’s obvious what has happened. But often, because of the increasing sophistication of cyber criminals, the exact technique can be difficult to identify.
In the case of the 2020 Twitter attack, cyber criminals orchestrated a series of social engineering attacks against Twitter staff.
A phone spear phishing attack allowed hackers to gain access to employees’ credentials. Once they had these, they could then use their credentials to act as them and target additional employees. These staff members had access to the internal administrative tools that Twitter can use to recover and reset accounts. Once they had access to these, they could reset the password for anyone!
What would be the role of a cyber security professional in this incident?
During the incident, Twitter responded by immediately locking down the affected accounts and removed Tweets posted by the attackers. They also disabled the ability for verified accounts to send new tweets.
In the wake of an incident like this, a Digital Forensic Analyst might be called upon to urgently respond to a case and act as a trustworthy agent to determine the reliability of evidence. They act as the detective in the world of cyber security, piecing together information to understand what happened and how to move forward amidst chaos and panic.
Think you could be a good Digital Forensics Analyst? Take our personality trait test to see which cyber security role would suit you best!
What can we learn from this?
When we think of a cyber attack, we often think of technological flaws and faults. The Twitter attack reminds us that cyber criminals will constantly exploit human vulnerabilities as well as system weaknesses.
Remaining vigilant, alert and always questioning the credibility of a call, text, social post or email is crucial to protect yourself and businesses.
Experience how cyber attacks just like this unfold with CyberStart Game! The challenges in CyberStart are based on real-world cyber security incidents and allow you to get hands-on experience in dealing with the aftermath of a cyber attack.
Whether you want to be at the forefront of a digital investigation or improve your digital skills to be aware of sophisticated phishing attack, CyberStart can help you progress with fun online learning games and challenges!