In the eyes of government regulators, critical services and lax cybersecurity don’t mix — especially when those services support the online accounts of former president Barack Obama, former vice president Joe Biden, and current president Donald Trump.
The embarrassing and costly Twitter hack this past July served as more than just a wake-up call for the scores of public figures who trusted the social media giant to keep their accounts safe. In a comprehensive report released Tuesday, New York State’s Department of Financial Services argues that the hack proved that, left unregulated, “systemically important institutions” such as Twitter pose a “risk to society.”
The report breaks down, in detail, both how Twitter was hacked and the security lapses which allowed a Florida teenager to (allegedly) mastermind the entire thing. Notably, it doesn’t exactly paint Twitter’s executive team in a favorable light.
“The problems started at the top: Twitter had not had a chief information security officer (“CISO”) since December 2019, seven months before the Twitter Hack,” reads the report. “A lack of strong leadership and senior-level engagement is a common source of cybersecurity weaknesses.”
According to the report, Twitter’s security “problems” were only exacerbated by the push to remote work necessitated by the coronavirus pandemic. Like many other newly remote workers, Twitter’s employees experienced tech problems working from home. Hackers were able to capitalize on this, tricking at least one Twitter employee into believing the hacker was a member of Twitter’s IT team.
The Twitter hack, notes the report, shows why antitrust regulation is only one part of the regulatory puzzle when it comes to social media companies. Without some form of basic cybersecurity standards, and the power to enforce them, we set ourselves up for more breaches, data leaks, and hacks of prominent figures. If the hackers are after more than just bitcoin, that could spell all kinds of disaster.
That argument becomes only more timely as social media continues to serve as a conduit for misinformation…