Skip to main content

Twitter warns users of state-sponsored hack attacks

Twitter is joining the Google / Facebook bandwagon and has started warning its users that they may be potential targets for "state-sponsored” hack attacks, the media have reported on Monday.

A Canadian non-profit organisation Coldhak has tweeted a copy of an email they had received from Twitter, warning them about a possible cyber-attack.

“As a precaution, we are alerting you that your Twitter account is one of a small group of accounts that may have been targeted by state-sponsored actors”, it says in the email.

“We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses, and / or phone numbers”.

According to Twitter, it is possible that the hacks may not have been targeting these users. "At this time, we have no evidence they obtained your account information, but we're actively investigating this matter. We wish we had more we could share, but we don't have any additional information we can provide at this time," says the email sent by the company.

Facebook has implemented a similar practice in October this year. “We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts,” Facebook’s chief security officer Alex Stamos said then.

State-sponsored attacks have become a thing nowadays, with hacking groups from China, North Korea, Russia being openly criticised for their alleged co-operation with the government.

David Emm, principal security researcher at Kaspersky Lab commented: "This potential attack underlines the importance of not over-sharing in social networks: i.e. not posting anything sensitive that could be used by a would-be attacker, and also making sure your account is secure should an attacker wish to target you.

"If you wouldn’t like to see something on the front page of a national newspaper, it’s best not to share it on Twitter or in any other social network. This includes information about the company you work for in case it could be used by an attacker to sneak their way into your employer’s network. This is evidenced in the Twitter attack, as it is believed that many of the users targeted work for, or are active in, activism and privacy groups, or those using Tor, the browser used to access the web anonymously. Targeted attacks of all kinds use social engineering tricks to gain an initial foothold in the organisation they want to attack, so it would be interesting to know why Twitter believes these attacks are “state-sponsored”. No one should assume that their social network accounts are immune from attack just because they think no nation-state could possibly be interested in them, and it is important to remember that you lose control instantly of anything you post online as it becomes public property.

"I would recommend that anyone using Twitter takes this opportunity to change their password - including changing them on any other sites where the same password has been used. It’s a growing concern that many use the same password and personal details across multiple online accounts, meaning that if their details have been compromised by one attack they could find other accounts suffer too.

"Customers should also be cautious about any e-mails they receive purporting to be from Twitter. The hackers behind the attack may already have been able to formulate phishing emails, so consumers must think carefully about whether the emails they receive are legitimate. I would caution against clicking links in emails you are unsure of – it’s always better to type the website address manually, to avoid the risk of being redirected to a phishing site.

"People should also be aware that scammers may also approach people via telephone, claiming to be from Twitter and requesting remote access to the computer. Do not give out any of your personal details, or access to your computer, to anyone."