The confluence of COVID-19 and advanced social engineering techniques poses a growing threat - CyberCube
The potential for a hacked tweet from a senior business figure’s account to move a company’s share price was highlighted on Wednesday after a dozen high-profile celebrities had their Twitter accounts hijacked.
Darren Thomson, head of Cyber Security Strategy for cyber analytics leader CyberCube, said that a sophisticated social engineering attack had been used by the criminals to gain access to Twitter’s own systems.
According to Thomson, the outcome of the attack was not as serious as it could have been. Latest estimates suggest over $100,000 has been lost by individuals sending bitcoins in response to fake messages offering to double their money.
Thomson said: “This attack highlights two key points. First… the Twitter employees whose accounts were compromised were working from home, where it may have been easier for criminals to manipulate their targets. The confluence of COVID-19 and advanced social engineering techniques poses a growing threat.”
“Second, it shows just how much influence high-profile figures’ accounts have. We’ve already seen how genuine tweets from the likes of Elon Musk can affect a share price. One can foresee a similar kind of attack whose objective is primarily to damage a business’s market valuation or its reputation. There’s the potential to do real harm to an organisation here. Perhaps of even greater concern is that potential political consequences of a world leader’s social media account being compromised.”
The CyberCube team said more of this type of attack should be expected, particularly if this hack was a test by criminals.