Data breaches and ransomware are major threats to enterprise security, but they aren’t the only ones. July’s high-profile Twitter hack highlighted why insider threats should be top of mind as we head into 2021. Pulse Secure Global CTO Mike Riemer lays down three key lessons security leaders should bear in mind as we look into the future. Gain a new perspective on building a remote secure access approach rooted in Zero Trust in this thought leadership piece.
One of the most high-profile hacks in recent memory happened to Twitter in July, when the accounts belonging to several influential users, including former U.S. president Barack Obama, President-Elect Joe Biden, Kanye West, and Elon Musk, were compromised and began tweeting out messages about Bitcoin.
We now know that this attack, allegedly carried out by a 17-year-old from Florida, was successfully executed by creating a fake VPN portal and stealing employee credentials. The attackers leveraged social engineering techniques, which involve manipulating people into giving up sensitive information, in order to pose as internal IT staff and convince Twitter employees to enter their login information.
Twitter learned the hard way that a comprehensive remote secure access approach founded on the concept of Zero Trust is crucial to remain secure, and there are lessons all enterprises can learn from this high-profile hack.
Here are three key takeaways for security leaders:
Validating User Credentials Alone Is No Longer Sufficient
The work environment created in the wake of COVID-19 means security teams are faced with protecting a workforce that may be either connecting remotely or physically in the office on any given day. Solely relying upon validated user credentials is no longer sufficient, as the usually defined employee behavior parameters have had to be completely re-evaluated. Organizations must operate with the knowledge that user credentials could potentially be stolen and cannot be trusted to validate and authenticate employees. It is also critical for businesses to have the infrastructure in place to distinguish the device type and login location before permitting access to a company network. If at any point during one of the above verification steps something comes back that is not within the newly defined normal parameters, then the access attempt must be rejected and documented.
Organizations Must Begin Implementing a Zero Trust Model
What happened to Twitter could have been prevented if the company had implemented a policy that removed any inherent trust and set up context-based access permissions. By embracing Zero Trust, organizations can move to a new era of contextual security that continuously verifies and re-verifies users to guarantee their identity and thwart any bad actors before they can gain unauthorized access to the network.
When thinking about Zero Trust, two key areas must be validated before access can be granted: the endpoint must be confirmed, and application access must be authenticated every time. It can feel overwhelming to implement Zero Trust in an organization, but it is achievable with the right process. A recent survey revealed that COVID-19 has pushed organizations to take a hard look at Zero Trust, with 60% indicating they have accelerated their implementation plans during the pandemic.
Organizations should start by ensuring they have complete visibility over all of their data stores and understand employee roles at a granular level. Once that is completed, the security team can begin to construct the Zero Trust framework, which involves writing rules on how data should be segmented based on the prior understanding of expected behaviors.
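The context checks described above (device type and login location on top of credentials, evaluated on every application access, with the outcome documented), as an added Python example that is not from the article or from any vendor product. The class names, reason codes and sample baseline are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass(frozen=True)
class Baseline:
    """Expected context for one user (constructed; normally from device inventory)."""
    devices: dict            # device_id -> device_type
    countries: frozenset     # usual login locations


@dataclass(frozen=True)
class AccessAttempt:
    user: str
    credentials_valid: bool  # result of the password/MFA check done upstream
    device_id: str
    device_type: str
    country: str
    application: str


def evaluate(attempt, baselines, audit_log):
    """Decide one request; call it on every application access, not once per session."""
    reasons = []
    baseline = baselines.get(attempt.user)
    if not attempt.credentials_valid:
        reasons.append("invalid_credentials")
    if baseline is None:
        reasons.append("no_baseline")          # unknown context is never trusted
    else:
        if baseline.devices.get(attempt.device_id) != attempt.device_type:
            reasons.append("unrecognized_device")
        if attempt.country not in baseline.countries:
            reasons.append("unusual_location")
    decision = "deny" if reasons else "allow"
    # Document the outcome so rejected attempts can be investigated later.
    audit_log.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "user": attempt.user,
        "application": attempt.application,
        "decision": decision,
        "reasons": reasons,
    })
    return decision, reasons


# Constructed sample data.
BASELINES = {"alice": Baseline({"LT-0142": "laptop"}, frozenset({"US"}))}
```

A request with valid credentials is still denied when the device or location falls outside the baseline, which is the stolen-credential case the article is concerned with.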
Employee Education Is Critical for Success
The massive uptick in remote work over the last eight months has forced businesses of every size to seek out secure access methods that allow for any device, whether it be a phone, tablet, laptop or desktop, to connect to corporate networks from anywhere. This creates challenges that can effectively be addressed with Zero Trust security measures. However, employees must also be appropriately educated and trained on the various phishing techniques, which have seen a significant increase amid COVID-19.
If Twitter’s employees had received regular training on social engineering techniques and other phishing intrusions, they would have been less likely to share credentials over the phone with someone they cannot prove is a part of their IT team. Without proper awareness, many employees incorrectly assume they will be safe from these attacks when using company devices and networks.
They let their guard down, and that’s when social engineering attacks find success. Using security awareness programs in coordination with enhanced access security techniques helps businesses succeed in significantly reducing their overall threat landscape. It also prevents their security team from being stretched too thin, which can put an organization at risk. They can instead focus closely on the remaining attack vectors within their networks.
2020 has shown us how nimble cybercriminals can be. They react and respond to current events very quickly, and we can expect to see them become more sophisticated and more aggressive in future attacks. That is why organizations must advance their VPN and secure access policies towards a Zero Trust approach of continuous verification and authorizations while also ensuring their employees are educated on the current threat landscape.