On Tuesday, hackers demonstrated how easy it is to take over a key Twitter account when they took over an Associated Press feed and tweeted that President Obama had been injured in an explosion. The group claiming credit for the attack, as well as other recent hacks, identifies itself as the Syrian Electronic Army, which supports the Syrian government,
When the phony AP tweet posted, the stock market reacted immediately, and prices plummeted for a moment until the newswire alerted on the hack:
The tweet popped up on traders’ screens shortly after 1 p.m. The AP used social media, its Web site and its corporate blog to announce that its Twitter account had been hacked. The company said it was investigating the matter with Twitter, and the White House weighed in to calm nerves.
“The president is fine,” White House spokesman Jay Carney said. “I was just with him.”
But in the investing world, where super-high-speed computer trades dominate the market, the reassurances did not come quickly enough to prevent momentary chaos. The Dow Jones industrial average fell more than 100 points between 1:08 p.m. and 1:10 pm. (Read the complete article here.)
On the day before the AP hack, World Views’ Max Fisher wrote about other attacks claimed by the Syrian Electronic Army:
Last week, they hacked into National Public Radio’s site and its Twitter feeds, criticizing NPR’s coverage of the Syrian civil war.
On Saturday, hackers identifying as members of the Syrian Electronic Army defaced four Twitter accounts owned by CBS News, including the “60 Minutes” account, which had 320,000 followers until it was disabled by Twitter in apparent response to the hacks. The messages were among some of the pro-Assad hackers’ most elaborate, a long string of messages that accused the United States of supporting terrorism in Syria as part of a larger plot to impose a one-world government.
Last month, the group took responsibility for defacing the Web site of Human Rights Watch in retaliation for the organization’s reports on the Syrian government’s abuses. Fisher asked in a Tuesday post whether such vandalism should be considered an act of aggression:
What if the hackers had been smart enough to simultaneously hijack multiple news organizations’ Twitter feeds, sustaining the fiction from seconds to minutes? It’s not as outlandish as it sounds; multiple news organizations have been hit by the Syrian Electronic Army in recent weeks. . .
A recent study, commissioned by NATO, argued that any cyberattack that causes real-world physical property damage or death would merit a military retaliation. So, based on that definition, a temporary stock market dip would certainly not seem to rise to the level of demanding a real-world military [response] as a terrorist attack might.
Tuesday’s hackers appear to have gained access to the AP account using a phishing scam, the wire service reports. The Washington Post’s Hayley Tsukayama offers suggestions on how to protect your identity on Twitter :
If you get an e-mail from Twitter that says there’s a problem with your account or that it has been hacked, immediately delete the e-mail, head to Twitter.com and change your password. If it’s a genuine e-mail from Twitter, you’re doing exactly what you should in that situation. If it’s a phishing attempt, you’ve just made it more difficult for hackers to take over your account.
Never click on links in those e-mails, and never reply with an e-mail that includes your username and password. Like most reputable online services, Twitter won’t ask you to share your login information through e-mail.
(Read the rest of the article here.)
Sign up today to receive #thecircuit, a daily roundup of the latest tech policy news from Washington and how it is shaping business, entertainment and science.