In the recent years, and to more extent in the past few months, we have witnessed a surge of Social Media account hijacks, which targeted organizations from various industries (from Media through Fast-food to Government). The most breached Social Media service in the past year is Twitter, with some high-profile takeovers of mainly media accounts. Unlike Facebook, Google+ and others, Twitter has yet to deploy a Two-Factor Authentication tactic, which could have prevented many of the attacks. Most attacks included Phishing tactics, used to steal credentials.
The most significant attack in recent times was the hijacking of AP’s Twitter account and the false publication of explosions in the White House – a hoax that caused US markets to plummet and lose over 130 Billion USD in minutes, before recovering.
In the past year, this tactic has been a “weapon of choice” for Hacktivist groups, such as The Syrian Electronic Army (SEA), which target Media accounts in order to plant information and “news” content.
Twitter itself was hacked last February and admitted that some 250,000 accounts were compromised. The attack on Twitter was much more sophisticated than the attacks on the specific accounts, and came as part of a wave of attacks against IT giants such as Facebook and Apple.
Such attacks against Social Media accounts, which began as a nuisance, are becoming more and more potentially threatening to economic, security and political statuses. Despite that, Twitter announced (May 5th) that for the time being there’s nothing to be done, and users are to expect more hacks.