Twitter hack illustrates risk of increased social engineering attacks on businesses: CyberCube
Sophisticated social engineering attacks, such as the recent Twitter hack, are on the rise as widespread homeworking during the global COVID-19 pandemic has created new vulnerabilities for criminals to exploit, and exposed businesses and high-profile executives to higher risk of cyber attacks, says CyberCube.
Earlier this week, dozens of Twitter accounts of prominent business figures and celebrities were hijacked. According to CyberCube, latest estimates suggest that over $100,000 has been lost by individuals sending bitcoins in response to fake messages offering to double their money.
Darren Thomson, head of cyber security strategy for cyber analytics leader CyberCube, said that although the outcome of the attack was not as serious as it could have been, it highlights the potential a hacked tweet from a senior business figure’s account can have on a company’s share price.
The cyber analytics provider warned that "more of this type of attack should be expected", particularly if this hack was a test by criminals.
Thomson said: “This attack highlights two key points. First, CyberCube’s recent report on the effects of the pandemic found that homeworking was creating new avenues for criminals to use in their attacks. In this case, the Twitter employees whose accounts were compromised were working from home, where it may have been easier for criminals to manipulate their targets.
“The confluence of COVID-19 and advance social engineering techniques poses a growing threat.
“Second, it shows just how much influence high-profile figures’ accounts have. We’ve already seen how genuine tweets from the likes of Elon Musk can affect a share price. One can foresee a similar kind of attack whose objective is primarily to damage a business’s market valuation or its reputation. There’s the potential to do real harm to an organisation here. Perhaps of even greater concern is that potential political consequences of a world leader’s social media account being compromised.”