Hackers took control of the A.P.’s Twitter account Tuesday afternoon, sending out a phony tweet that claimed the White House was under attack.
To anyone paying attention, the tweet was obviously fake. However, we shouldn’t dismiss the serious questions this raises about security at the nation’s largest media outlets. Take a look at the tweet captured by gizmodo.com.
Signs the Tweet was Fake
To experienced journalists, there were a lot of red flags.
- No news outlet would report that the President was injured in the moments following an explosion. Even if they were right there, the Secret Service would have the President completely surrounded and lock down all communication.
- The A.P. never calls the President “Barack Obama” in a tweet. It’s always the President, or President Obama.
- The A.P. would never only report this type of breaking news through a single tweet. The organization has an electronic wire service to every media outlet in the country. It would have sent out a series of messages alerting the media prior to sending out a tweet.
- This came out in the middle of the day, at the same time the White House was holding a normally scheduled press briefing. Every other media outlet in the building would have sent out a notice.
In about five minutes, the A.P. suspended the Twitter account, sent out notification that it had been hacked, and announced the tweet was a fake at the White House press conference. While it seemed a quick enough response to limit the damage, it was not fast enough for the lightning speed of computers.
I am talking not just about retweets, but about the computers that hold the financial futures of millions of Americans in their hot little circuits.
Fooling the Computers
Within 90 seconds of the erroneous tweet, U.S. markets went into a short, but dramatic free fall. The Dow Jones dropped 143 points, the S&P fell 1%, and traders began buying Treasury 10-year futures.
It wasn’t panicked traders that sparked the selloff. CNBC reports it was the computer algorithms that triggered stock sales based on database searches for combinations of keywords (like explosion + White House) paired with algorithms that react to sudden market trends. When there is an unexplained drop in the market, the programs are designed to sell or buy rapidly.
While media outlets were able to quickly dispel the erroneous tweet, there was no takeback for the automatically triggered trades on Wall Street.
How did the hackers gain access to such a prestigious media outlet as the Associated Press? All signs point to a simple phishing scam. Yep, someone simply answered an email that asked for the company’s Twitter password. Ironic for a news company that prides itself on careful research. But the reality is, journalists are slammed all the time – they barely have time to eat lunch, much less actually read every email closely.
While it has not been confirmed, the Syrian Electronic Army has claimed responsibility for the hack, as well as recent hacks on social media accounts for CBS, the BBC and NPR. The group supports Syrian President Bashar Assad’s regime, but does not give a reason for the hacks.
For that reason, anyone working in media should have been aware that this group was targeting media outlets. Unfortunately, most large media companies have a lot of people working on the same account, which means a lot of people have the password. Changing the password, or making it too complex, causes a lot of confusion and isn’t likely to occur in the real world unless absolutely necessary. Hackers know this, and count on it. That’s why company-mandated password changes every 60 or 90 days are so valuable. However, rarely do these mandates also include social media.
Plugging the Holes
Twitter previously announced plans for a multi-step authentication process for situations like breaking news, but only time will tell when they will roll it out. It’s unclear if Tuesday’s hack will encourage media outlets to ask for this extra layer of security, but they should.
In the meantime, it would be wise for all companies to remind employees never to respond to an email that asks for a password – and always send suspicious emails to the I.T. department. As for your stocks, you may want to call your broker just to make sure they are on top of things like this for the next time hackers take advantage of the unsuspecting (or overworked) media.