The General Services Administration is buckling down on cybersecurity for federal agencies’ social media accounts, after this month’s embarrassing hack of CENTCOM’s Twitter and YouTube accounts in the middle of the president’s big speech on cybersecurity.
During Obama’s speech, CENTCOM’s official account tweeted pro-ISIS messages like “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK” and “ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!”
The GSA has now released a “Toolkit” for agencies to shore up their security, BuzzFeed reports. The document refers to incidents like CENTCOM’s hacking as “cyber-vandalism” or “cyber-hijacking,” and suggests a number of steps agencies can take to strengthen their accounts against them.
Some of the suggestions are obvious tips: regularly update passwords, be sure that former employees no longer have access to accounts and passwords, have a “secure method” of storing sensitive information like account names and passwords, and don’t post from unsecured wifi networks.
The GSA also recommends making the most of individual platforms’ pre-existing security tools, like additional approval and security features in Facebook, and using .mil or .gov addresses for accounts.
Even these simple measures might have helped to make CENTCOM less vulnerable. The Wall Street Journal reported that, according to anonymous sources, CENTCOM’s accounts were linked to someone’s personal email account, rather than a more secure government address, and did not use “secondary authentication.” Secondary authentication provides an optional added layer of security, where Twitter sends a verification code to the official user’s phone number.
The “Toolkit” further suggests establishing a “social media stakeholder team” to respond to potential “cyber-vandalism.” This would involve a social media team, a public affairs representative, and IT security, among others, all of whom would form “a direct chain of responsible managers” with pre-planned roles in the event of an attack.
The document stresses the importance of immediate reaction to any future attack: “If the social media cyber-security stakeholder team or responsible manager determines an incident is in progress, remember that minutes and even seconds count. Within minutes you’ll need to alert internal stakeholders, alert outside stakeholders to help you regain control, and act to isolate the compromise.”
Although no agency is required to adopt the guidelines, at least one government official told BuzzFeed that agencies do “plan to use” them.