Re­cent Twit­ter Hacks: Re­al­iz­ing the Im­por­tance of So­cial Me­dia Se­cu­rity?

Cy­ber se­cu­rity is a ma­jor con­cern in the dig­i­tal space and needs to be pro­tected at any cost

DQ Channels - - Contents -

Now-a-days, the im­por­tance of so­cial me­dia is im­mense as most of our lead­ers and celebri­ties use it to make a state­ment or in­ter­act with their fol­low­ers. Any se­cu­rity breach to a so­cial me­dia ac­count can tar­nish their im­age and can even trig­ger un­prece­dented war of words be­tween them and the ri­val groups. A hacker’s group, Le­gion, re­cently hacked the twit­ter ac­counts of per­son­al­i­ties and or­ga­ni­za­tions such as Rahul Gandhi, Vi­jay Mallya, the In­dian Na­tional Congress (INC), Bharkha Dutt and Rav­ish Kumar. The hack­ing comes as a re­minder that every­one needs to prop­erly man­age their so­cial me­dia pres­ence and use re­quired ad­e­quate se­cu­rity mea­sures.

To avoid hack­ing in the fu­ture, or­ga­ni­za­tions and en­ter­prises with which they are as­so­ci­ated with should make sure that the ac­counts are se­cured and guarded as th­ese at­tacks can trig­ger havoc in their groups or fol­low­ers.


Nilesh Jain, Coun­try Man­ager (In­dia and SAARC), Trend Mi­cro said that there are some of the com­mon hack­ing tools that hack­ers use: Guess­ing the pass­words of un­sus­pect­ing vic­tims. Lever­ag­ing pass­words re­use – Peo­ple of­ten keep the same user­name and pass­words for mul­ti­ple sites. Hack­ers hack into some ran­dom site and then use the same com­bi­na­tions to hack into mul­ti­ple ac­counts.

So­cial en­gi­neer­ing – Hack­ers also trick users to gain ac­cess into sites.

E-mail ac­counts – Many so­cial net­work­ing sites like Face­book and Twit­ter uses e-mail ac­counts for ver­i­fi­ca­tion of iden­tity of users. Hack­ers of­ten hack the e-mail ac­count first and then click “for­got my pass­word” link, cap­ture the e-mail with in­struc­tions on re­set­ting the pass­word, and re­set it as per their choice. E-mail ac­counts are also in­ter-

cepted us­ing the afore­men­tioned meth­ods.


Le­gion used an e-mail ser­vice called Sigaint which helps them pro­vide users anonymity. They claims to pro­vide e-mail ids which are se­cure on Tor browser which is free soft­ware and an open net­work that helps users de­fend against traf­fic anal­y­sis - “a form of net­work sur­veil­lance that threat­ens per­sonal free­dom and pri­vacy; con­fi­den­tial busi­ness ac­tiv­i­ties and re­la­tion­ships; and state se­cu­rity.” Sigaint also claims that e-mails cre­ated by the net­work can only be ac­cessed by down­load­ing Tor browser.


Users more of­ten than not, care only about credit card frauds and the like and not much about their so­cial net­work ac­counts.

Us­ing strong pass­words: Apart from us­ing so­phis­ti­cated “brute-force” pro­grams, hack­ers of­ten guess pass­words. Blog­ging-is-like-jog­ging is a sig­nif­i­cantly se­curer pass­word than a ‘HuB&p07.’ Peo­ple mostly ac­cess Twit­ter on phones and they pre­fer to use sim­ple words that they can type eas­ily with a fin­ger, in­stead of spe­cial char­ac­ters and a string of word etc. But it is worth it.

Twit­ter two-step ver­i­fi­ca­tion: Twit­ter now also has an op­tional fea­ture that adds a sig­nif­i­cant ad­di­tional layer of se­cu­rity by re­quir­ing lo­gin ver­i­fi­ca­tion through a mo­bile de­vice.

Stay away from short­ened URLs: On Twit­ter, peo­ple of­ten use short­ened URLs and link man­age­ment plat­form. If you doubt the au­then­tic­ity, use a URL ex­pander, such as LongURL to see what the link has.

Check­ing URL: Hack­ers of­ten clone a web­site, like Twit­ter and send peo­ple there to cap­ture their lo­gin in­for­ma­tion. Cloning Twit­ter’s lo­gin page is sim­ple. The un­sus­pect­ing user may miss the slight change in the URL.

E-mail phish­ing: Re­frain from click­ing links of sites you do not trust and also check the source of the mail you re­ceive. Never share your per­sonal in­for­ma­tion over e-mail. No com­pany asks for such in­for­ma­tion over an email. Use of pub­lic com­put­ers: Re­frain from us­ing pub­lic com­put­ers. Soft­ware like key log­gers tracks and records ev­ery key stroke and its con­text. Your pass­word and user­name can thus be recorded and used by hack­ers.

Sim­i­larly, try and avoid pub­lic Wi-Fi while ac­cess­ing bank ac­counts, pri­vate in­for­ma­tion.

Ritesh Cho­pra, Coun­try Man­ager, Nor­ton by Sy­man­tec, In­dia also gives some ad­vice to the peo­ple to pro­tect and se­cure their ac­counts from such at­tacks.

Cre­ate a strong and unique pass­word: It is likely that many of the com­pro­mised ac­counts used weak pass­words or re-used pass­words on other ser­vices.

Be vig­i­lant: Be care­ful about what per­sonal in­for­ma­tion you re­veal via so­cial net­works. Check your pri­vacy set­tings on your so­cial ac­counts to be sure that in­for­ma­tion is only vis­i­ble to trusted friends and fam­ily.

Use a pass­word man­ager: To cre­ate and se­curely store your pass­words, we sug­gest us­ing a pass­word man­ager. While there are plenty to choose from (Last­Pass, 1Pass­word, Dash­lane, KeePass, Pass­word Safe, Nor­ton Iden­tity Safe), we sug­gest you use one that best meets your needs and your bud­get. Con­sider en­abling Twit­ter Lo­gin Ver­i­fi­ca­tion: Lo­gin Ver­i­fi­ca­tion re­quires you to en­ter a code that is sent to your mo­bile phone. This adds an ex­tra layer of se­cu­rity and helps pre­vent unau­tho­rized ac­cess to your ac­count.

Swipe clean be­fore dis­card­ing: Be sure to com­pletely wipe all in­for­ma­tion from the de­vice while dis­pos­ing of old tech­nol­ogy.

Re­port com­pro­mised ac­counts to Twit­ter: If you be­lieve that some­one you know or fol­low has been com­pro­mised, you can re­port their ac­count to Twit­ter by se­lect­ing the gear icon on their pro­file and click­ing on Re­port. From there, se­lect the op­tion “Their ac­count may be hacked” to pro­ceed.

In the cur­rent state of cash­less In­dia due to de­mon­e­ti­za­tion, cy­ber se­cu­rity is an even big­ger is­sue. Till now we had the ed­u­cated class us­ing in­ter­net bank­ing but now there is a wave of first time users who have no knowl­edge of the threats. Now our mo­bile phones have be­come our wal­let but what hap­pens if we lose our mo­bile or if there is any se­cu­rity breach. All th­ese fears are very real as they will have to be sorted quickly to gain the con­fi­dence of the com­mon man. No one wants to lose their hard earned money and the gov­ern­ment will have to take strin­gent steps to curb this prob­lem.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.