Cyberattack On Twitter Raises Concerns About Safety Of Upcoming Elections

Jul 17, 2020
Copyright 2020 NPR. To see more, visit https://www.npr.org.

SARAH MCCAMMON, HOST:

You may have seen a tweet this week that made you ask, why is Bill Gates asking me for Bitcoin? Well, he wasn't. Twitter suffered a big cyberattack this week, a scam involving high-profile accounts. The company says it's investigating, but it's already clear that this has exposed a big vulnerability in the way many Americans get and share information. NPR election security editor Phil Ewing is here with us now.

Hi, Phil.

PHIL EWING, BYLINE: Hi, Sarah.

MCCAMMON: What can you tell us about what actually happened?

EWING: Well, these attackers were able to take control of big accounts with millions of followers, including those of Joe Biden, who's likely going to be the Democrat nominee for president; former President Obama; technology heavyweights like Elon Musk and others. And they posted messages - you described - asking to be sent an electric cryptocurrency called Bitcoin and promising to double people's money. But, of course, that was a big scam.

MCCAMMON: Sure enough. And how did the scammers get into these accounts?

EWING: We don't know exactly the answer to that question. But Twitter has said they used what it describes as social engineering, which basically means targeting someone you know has the privileges inside a target network and then trying to talk your way in. And so I might say, oh, Sarah, you know Mary Louise Kelly, too. I love her. She's a friend of mine.

MCCAMMON: Absolutely.

EWING: Here's a Google Photos album of our kids playing together. Why don't you click on it? You can look at these pictures. And I would try to get you using those connections that you thought we had to click on a link, and that might take you to a suspicious website or download malware. Twitter says it's investigating. So is the FBI. And members of Congress also have asked for briefings from Twitter on this, so we may learn more as those investigations move on.

MCCAMMON: And there have been other hacks, of course, Phil, in which people's accounts were compromised. Is this one any different?

EWING: It is. The story we're used to seeing with Twitter is somebody compromising an account at the user level. So if I did that little scam that you and I just did a minute ago, I might be able to take control of your account and post and pretend to be you, at least for a while. But with this cyberattack, the hackers attacked Twitter at the headquarters level. They got the keys to the kingdom, basically, at least for a time. And so they could take control of many of these big accounts from the server level, at the headquarters level and post from there. So even if you had a strong password or multi-factor authentication, that wouldn't have made a difference here.

MCCAMMON: And, of course, this was a cryptocurrency scam, but it seems like the ability to take control of these big official Twitter accounts could really be a big deal.

EWING: Yeah - potentially, a very big deal. You can imagine what kind of chaos somebody might be able to cause with a single compromised account or many of them, like in this case. You know, they could make it appear there was a crisis when there really wasn't or spread false information about polling places, for example, or any number of things.

You know, talking to people this week in the election security and cybersecurity world, the other theme coming back up is how much of the infrastructure in our elections depend on that which exists outside the government - companies that make voting machines, vendors that handle registration or records, et cetera. In normal times, it adds up to a system that helps us run elections. But we haven't really been living in normal times for the past few years. And there were cyberattacks that targeted these kinds of systems in the 2016 presidential race, and then we had this incident with Twitter. So we're just probably going to continue to live in that world in which adversaries are always testing and targeting these kinds of networks.

MCCAMMON: Not to mention that during the response this week, for a lot of people who had verified accounts on Twitter, they couldn't tweet.

EWING: Yeah. That's an excellent point. And that may be one unexpected proof of concept out of this whole thing. This showed that, for at least a couple of hours while Twitter was working to get this under control, many of the people who have these accounts couldn't post. That means members of Congress, government agencies and - certainly the best-known Twitter user - President Trump either couldn't say anything if they wanted to, or they had to go someplace else to talk to the audience they wanted to reach. You know, it was an inconvenience this time, but the prospect this raises is that in the critical hours ahead of a big event like a debate or Election Day itself, there could be big disruptions.

MCCAMMON: Very interesting - that's NPR's Phil Ewing.

Thanks so much, Phil.

EWING: Thank you. Transcript provided by NPR, Copyright NPR.