Over the past few years, Twitter has coarsened the political discourse, aided outrage mobs, exposed the bias and ignorance of many media figures, and provided a forum for a president to vent his unfiltered thoughts. But the social media platform is increasingly turning into something much worse — a national security risk.
Earlier this month, scammers were able to access the accounts of high-profile users and send out tweets from their accounts imploring people to transfer them money. They only managed to steal about $120,000, but more worrisome was the fact that outsiders were able to gain temporary control of the accounts of Barack Obama, Joe Biden, Jeff Bezos, Bill Gates, and Elon Musk.
At the time, Twitter said that they believe the attackers orchestrated a “social engineering scheme” in which Twitter employees were manipulated, allowing the hackers to gain access to their credentials, which were then used to access the accounts. Twitter said that 130 accounts were targeted, and scammers were able to gain access to 45 accounts, enabling them to reset passwords, log in, and send tweets. In up to 36 cases, the hackers were able to gain access to users’ private communications with other users, known as direct messages. One of those was an elected official in the Netherlands.
Further, Reuters reports that as of earlier this year, more than 1,000 Twitter employees and contractors had access to the tools needed to commandeer accounts in this manner. That is a startling revelation, given the number of high-profile users on the platform, as well as the incredible incentives that bad actors would have for taking them over.
First, there is the incredible financial incentive. While the cash haul was paltry in this case, the possibilities are enormous. A single Trump tweet has been known to trigger significant short-term fluctuations in markets, as when the Dow tumbled in response to his escalating trade war talk with China. Regulatory and other unilateral actions he could take would have massive effects on individual companies, oil, currency, and so on. Or imagine a Bezos tweet that he’s stepping down from Amazon or unloading his stock. A hacker with a sufficient bankroll could make huge bets just before sending out a tweet, then cash in.
Far more worrisome are the national security implications.
Currently, all world leaders use Twitter in some way. A single tweet has the ability to create major diplomatic issues. Even if the offending tweet is removed quickly, it may not be enough to correct the damage, particularly when adversarial countries are involved who distrust one another.
Imagine if, for instance, during the height of the Cuban Missile Crisis, hackers had been able to gain temporary control of the accounts of JFK or Nikita Khrushchev. To use a more recent example, think about some of the tense moments between the United States and Iran — when Trump was on the brink of launching an attack on Iran in response to downing an American surveillance drone, after the operation that killed Qassem Soleimani and after Iran’s retaliation.
It also remains unclear what sort of personal information hackers may be able to gain from accessing Twitter accounts, or what sort of secrets could be in user direct messages.
Should prominent individuals, and especially world leaders, continue to use Twitter as a platform, the company needs to have some sort of special status for elite users whose accounts could, if hacked, alter world events in such manner. That would involve additional security precautions and a more limited number of employees with the security clearance to access the relevant tools. A smaller number of employees would be easier to vet. It would also be easier to monitor their actions and make them more fearful of getting caught if they let themselves be manipulated into providing credentials to hackers.
The bottom line is that Twitter currently poses a national security threat that must be addressed.
