Recent Twitter Hacks: Realizing the Importance of Social Media Security?
Cyber security is a major concern in the digital space and needs to be protected at any cost
Now-a-days, the importance of social media is immense as most of our leaders and celebrities use it to make a statement or interact with their followers. Any security breach to a social media account can tarnish their image and can even trigger unprecedented war of words between them and the rival groups. A hacker’s group, Legion, recently hacked the twitter accounts of personalities and organizations such as Rahul Gandhi, Vijay Mallya, the Indian National Congress (INC), Bharkha Dutt and Ravish Kumar. The hacking comes as a reminder that everyone needs to properly manage their social media presence and use required adequate security measures.
To avoid hacking in the future, organizations and enterprises with which they are associated with should make sure that the accounts are secured and guarded as these attacks can trigger havoc in their groups or followers.
HACKING TOOLS USED BY HACKERS
Nilesh Jain, Country Manager (India and SAARC), Trend Micro said that there are some of the common hacking tools that hackers use: Guessing the passwords of unsuspecting victims. Leveraging passwords reuse – People often keep the same username and passwords for multiple sites. Hackers hack into some random site and then use the same combinations to hack into multiple accounts.
Social engineering – Hackers also trick users to gain access into sites.
E-mail accounts – Many social networking sites like Facebook and Twitter uses e-mail accounts for verification of identity of users. Hackers often hack the e-mail account first and then click “forgot my password” link, capture the e-mail with instructions on resetting the password, and reset it as per their choice. E-mail accounts are also inter-
cepted using the aforementioned methods.
SIGAINT - WEBSITE USED FOR HACKING
Legion used an e-mail service called Sigaint which helps them provide users anonymity. They claims to provide e-mail ids which are secure on Tor browser which is free software and an open network that helps users defend against traffic analysis - “a form of network surveillance that threatens personal freedom and privacy; confidential business activities and relationships; and state security.” Sigaint also claims that e-mails created by the network can only be accessed by downloading Tor browser.
HOW CAN PEOPLE PROTECT THEIR ACCOUNTS
Users more often than not, care only about credit card frauds and the like and not much about their social network accounts.
Using strong passwords: Apart from using sophisticated “brute-force” programs, hackers often guess passwords. Blogging-is-like-jogging is a significantly securer password than a ‘HuB&p07.’ People mostly access Twitter on phones and they prefer to use simple words that they can type easily with a finger, instead of special characters and a string of word etc. But it is worth it.
Twitter two-step verification: Twitter now also has an optional feature that adds a significant additional layer of security by requiring login verification through a mobile device.
Stay away from shortened URLs: On Twitter, people often use shortened URLs and link management platform. If you doubt the authenticity, use a URL expander, such as LongURL to see what the link has.
Checking URL: Hackers often clone a website, like Twitter and send people there to capture their login information. Cloning Twitter’s login page is simple. The unsuspecting user may miss the slight change in the URL.
E-mail phishing: Refrain from clicking links of sites you do not trust and also check the source of the mail you receive. Never share your personal information over e-mail. No company asks for such information over an email. Use of public computers: Refrain from using public computers. Software like key loggers tracks and records every key stroke and its context. Your password and username can thus be recorded and used by hackers.
Similarly, try and avoid public Wi-Fi while accessing bank accounts, private information.
Ritesh Chopra, Country Manager, Norton by Symantec, India also gives some advice to the people to protect and secure their accounts from such attacks.
Create a strong and unique password: It is likely that many of the compromised accounts used weak passwords or re-used passwords on other services.
Be vigilant: Be careful about what personal information you reveal via social networks. Check your privacy settings on your social accounts to be sure that information is only visible to trusted friends and family.
Use a password manager: To create and securely store your passwords, we suggest using a password manager. While there are plenty to choose from (LastPass, 1Password, Dashlane, KeePass, Password Safe, Norton Identity Safe), we suggest you use one that best meets your needs and your budget. Consider enabling Twitter Login Verification: Login Verification requires you to enter a code that is sent to your mobile phone. This adds an extra layer of security and helps prevent unauthorized access to your account.
Swipe clean before discarding: Be sure to completely wipe all information from the device while disposing of old technology.
Report compromised accounts to Twitter: If you believe that someone you know or follow has been compromised, you can report their account to Twitter by selecting the gear icon on their profile and clicking on Report. From there, select the option “Their account may be hacked” to proceed.
In the current state of cashless India due to demonetization, cyber security is an even bigger issue. Till now we had the educated class using internet banking but now there is a wave of first time users who have no knowledge of the threats. Now our mobile phones have become our wallet but what happens if we lose our mobile or if there is any security breach. All these fears are very real as they will have to be sorted quickly to gain the confidence of the common man. No one wants to lose their hard earned money and the government will have to take stringent steps to curb this problem.