Bondgate IT is urging North East businesses and organisations to strengthen cyber security measures after hackers breached Twitter’s internal system to target a host of high-profile accounts including those of Barack Obama, Bill Gates and Kanye West in an apparent ‘double your money’ Bitcoin scam.
Other targets included billionaires Elon Musk, Jeff Bezos and Kim Kardashian, whose official accounts tweeted out requests for donations using the untraceable crypto currency.
Garry Brown, managing director of Darlington-based Bondgate IT, said this was an example of a social engineering attack whereby cyber criminals gain access to a business’s internal systems by effectively tricking its employees.
He said: “This may be the biggest security breach in Twitter’s history and is not only a major embarrassment but will have damaged its reputation and credibility with users.
“It is most likely the result of an email phishing attack, whereby staff with access to its internal systems were tricked into clicking on a malicious link or attachment, which allowed access to sensitive information.
“This is a not just a problem confined to large corporate organisations in America, but one faced by businesses and organisations in the North East on a daily basis.
“Most people will have been the recipient of a phishing email, which underlines how widespread the practice is and the urgent need for businesses to take this threat seriously.”
Earlier this year, the UK’s National Cyber Security Centre revealed the public had flagged up 160,000 suspicious emails in one 14-day period.
Businesses, organisations, and individuals can take several simple steps to strengthen their cyber security by updating antivirus software, securing networks and cloud services, updating all software and apps, investing in email security solutions, ensuring staff use a password management tool, and enforcing multi-factor authentication for business applications.
The same precautions should be taken on individual devices including laptops, desktops, tablets, and smartphones.
Twitter described it as a co-ordinated attack targeting its employees “with access to internal systems and tools”.
The hackers posted tweets appearing to promote a crypto currency scam and used high profile accounts to solicit Bitcoin donations.
Garry Brown added: “Such social engineering attacks can not just damage a company’s reputation but cost many thousands or millions of pounds. This incident highlights the need for businesses to invest in comprehensive, multi-layered cyber security measures if they too are not to risk becoming a victim.”