A prime sample of the weekend hack is this tweet: “Exclusive: Terror is striking the #USA and #Obama is Shamelessly in Bed with Al-Qaeda.” Another read, “New Evidence of CIA Arming Al Qaeda Terrorists in #Syria.” Aside from pushing out the fake news, the tweets also included links, which AllThingsD reported were believed to lead to malware-carrying web pages.
CBS was quick to denounce the phony feeds from its uncompromised @CBSnews account: “We have experienced problems on Twitter accounts of #60Minutes & @48Hours; We apologize for the inconvenience; Twitter is resolving issues.” The offending tweets have been taken down.
The Syrian Electronic Army, cyber-supporters of Syrian President Bashar Assad, is making news hacks its go-to M.O. Last week it compromised feeds from National Public Radio, while last month it commandeered the BBC's weather service, of all things. In the past, Reuters and Al-Jazeera have been victims.
Sophos Security’s Graham Cluley noted that Twitter is now playing what he terms “Whack-a-Mole” with the SEA as it tries to shut down the group’s account. The @Official_SEA account has now been suspended, but the SEA just created a new account, called @SyrianCyberArmy.
“And when that one was shut down, they created yet-another-Twitter-account - @SEA_Official3,” Cluley said. “Guess what? Yep, that one has been shut down too. And, as certain as night follows day, the SEA responded by creating @Official_SEA5. You can probably guess what happens next in this story. That's right, @Official_SEA5 was suspended by Twitter. Not that that has stopped the hackers, of course.”
While Twitter does not yet have two-factor authentication, these kinds of hacks underscore the critical need to adopt more stringent login procedures whenever possible.
“Other organizations who are worried about their own accounts being hacked might want to consider more secure password policies and the possibility of turning on two factor authentication,” Cluley said.