Lasting Ramifications Predicted by Cybersecurity Experts Following Twitter Breach

Following a ransomware assault, the United States Conference of Mayors overwhelmingly approved a resolution in July 2019 to stop paying hackers' ransom demands. Cybersecurity experts applauded the move, and many businesses have adopted the view that a ransom should never be paid since doing so will almost certainly lead to further assaults from bad actors in the future.

Following a hack that resulted in the theft of user data from hundreds of millions of users last month, Twitter basically disregarded pleas for a ransom to be paid. This week, 200 million records' account information was then freely shared on a hacker forum. Sundar Pichai, Donald Trump Jr., SpaceX, CBS Media, the NBA, and the World Health Organization are a few of the well-known and well-liked individuals and organizations.

The database was 63 GB in size and contained information on the account name, handle, creation date, number of followers, and even email address. Researchers have cautioned that the data breach might be exploited for social engineering or "doxxing" campaigns as well as to hack into Twitter users' accounts.

At cybersecurity company Cybrary, senior director of threat intelligence David Maynor stated, "It's easy to shrug and say, 'That's life in the big metropolis.' "How many people have had their data exposed for the first time as a result of this Twitter breach? "Based on all the breaches my data has been exposed to, I have free credit monitoring for the rest of my life."

The API Issue

It's also important to know how the breach actually happened and what customers might anticipate happening next in order to comprehend its impact.

According to Sammy Migues, lead scientist at Synopsys Software Integrity Group, "API security is the actual story here."

In essence, the application programming interface (API) is how two or more computer applications may talk to one another. Any public-facing API must be secure, and more secure systems frequently demand that users be given an API key. The services decline to provide data in the absence of such a key.

Twitter, it seems, was an exception to that rule.

According to Migues, "as the world of building cloud-native apps increases, so does the world of restructuring monolithic programs into hundreds of thousands of APIs and microservices."

This is simply the most recent illustration of how a developer-designed, unprotected API may continue to be unprotected since, in terms of security, what is out of sight is all too frequently out of memory.

According to Jamie Boote, an associate software security consultant at Synopsys Software Integrity Group, "Humans are poor at guarding things they can't see."

The problem is that this endeavor is expanding far more quickly than the number of application architects with the necessary abilities to create functional, zero-trust, and secure API designs.

It's also expanding quicker than the time available to do proficient security testing and threat modeling, cautioned Migues.

This path has also been taken by Twitter in the past.

People first learned in 2021 that it was possible to utilize the Twitter API to leak other people's email addresses as well as other semi-public information, such as the Twitter handle associated with the email address. Then, a number of organizations began mining hacked email dumps for handles, from which they could later collect data from Twitter profiles, including follower numbers, the date a profile was created, and other details.

It appeared that the problem had been resolved last year and was no longer an issue.

Following Musk's purchase of Twitter, Bootle stated, "dumps of these started appearing for sale as hackers were hoping to get rewarded for their services." It looks like someone gathered a few of them and made an attempt to persuade Musk to make good on his debt.

The data has been made public because that didn't happen. What may happen next is the question.

A Lingering Concern?

This may now be a persistent issue for many Twitter users. Many people can even believe they are safe if nothing awful happens right away, only for something bad to occur later.

The risk of account takeover for impacted customers is a serious issue, according to Benjamin Fabre, CEO of security vendor DataDome.

Without the victims' knowledge, fraudsters are able to carry out unlawful transactions when they successfully take control of an internet account.

Fabre cautioned that they "often go undiscovered for a long time since signing in isn't a suspicious behavior." "Any website having a login page would be expected to have one. Once a hacker has gained access to a user's account, they can steal identities by using the associated bank accounts, credit cards, and personal information."

Those who suspect their data may have been hacked must exercise caution at all times.

Boote said, "As usual, criminal actors have your email address. "Users should update their Twitter password and make sure it isn't used on any other websites in order to be safe. To prevent phishing attempts going forward, it's usually advisable to just delete any emails that appear to be from Twitter."