What do you think? Leave a respectful comment.

What high-profile hacking attacks say about cybersecurity

Two major cybersecurity intrusions, each with global implications, are in the news. On Wednesday, hackers accessed high-profile Twitter accounts, using them to promote the cryptocurrency Bitcoin. Also, three countries accused Russia of trying to steal research into a possible COVID-19 vaccine. William Brangham talks to the Wilson Center’s Nina Jankowicz and cybersecurity expert Dmitri Alperovitch.

Read the Full Transcript

  • Amna Nawaz:

    We return now to the two cyber-intrusion stories, the hacking of Twitter and the allegation that Russians tried to access vaccine research.

    So, what does all this mean for social media security and for the upcoming election?

    Here's William Brangham.

  • William Brangham:

    Amna, a stark warning came last night from the U.K., the U.S. and Canada: Not only were Russian operatives trying to steal information about the development of a coronavirus vaccine, but it was being done by the same Russian intelligence unit that hacked into the Democratic National Committee back during the 2016 presidential election.

    The British foreign secretary also said Russian agents attempted to interfere in last year's British general election.

    And Twitter suffered a serious intrusion last night. The accounts of Barack Obama, Joe Biden, Bill Gates, Warren Buffett, Michael Bloomberg, and other high-profile people were all taken over by hackers. The hackers tried to get people to pay money to them in the cryptocurrency known as Bitcoin.

    We look at these broader issues that are brought up by these with two experts who are familiar with the methods used, the possible damage and the threat to our democracy.

    Nina Jankowicz is the author of "How to Lose the Information War" and a fellow at The Wilson Center, which is a Washington-based think tank. And Dmitri Alperovitch, he traced the 2016 DNC hack to Russian intelligence while he was at a cybersecurity firm hired to investigate that breach. He's now starting a nonprofit that focuses on cybersecurity and trade.

    Welcome to you both. Thank you very much for being here.

    Dmitri, to you first.

    About this Twitter hack, can you just give us a sense, what is it that we know happened?

  • Dmitri Alperovitch:

    Well, we actually have some breaking news to reveal just in the last few minutes before we went on the air.

    And that is that we may have possible attribution to who may have been behind this attack. This is the worst breach of social media platform on record. And it was quite devastating to Twitter itself, because what the attackers did is, they managed to get access to an internal tool within Twitter known as God Mode that allows internal Twitter employees to manage accounts of anyone on the platform.

    And what it allowed the attackers to do is take over an account, being able to log in as that user, being able to obviously send out tweets, but also potentially look at direct messages that that person may be engaged in, reset the passwords, change their e-mail addresses and the like.

    And what looks like have happened is that someone had gained access to that internal tool, potentially by social engineering Twitter employees, and getting access to that internal Twitter network, and then started reselling access to individual accounts on Twitter.

    So, we may actually have a number of criminal organizations and individuals that have used that access, that have bought it for about $250 in the underground channels, to try to take over accounts of both celebrities and major political figures, in order to perpetrate this Bitcoin scam, but also potentially to do other nefarious things.

  • William Brangham:

    Well, Dmitri, that's some obviously interesting developments we're learning about just this evening.

    Nina, to you.

    This is not the first time that Twitter has been breached. We saw the CEO, Jack Dorsey, of Twitter got his account hacked. This does not look good for Twitter, which is obviously an enormously important social media platform.

  • Nina Jankowicz:

    No, it doesn't look good for Twitter. But, frankly, Twitter is not the only social media platform or the only tech platform or the only company that is dealing with poor data stewardship right now.

    Facebook has had a number of breaches. In one, 90 million accounts were affected, when people used the view as function to exploit a loophole and gain access to accounts.

    The list is very long. And I think this points to a need for some really good regulation, regulation that has teeth, so that our social media platforms that have so much information about our likes, our dislikes, our habits of engagement and consumption, our personal information, are held accountable when this data goes missing or when they aren't protecting it to the degree that they ought to.

  • William Brangham:

    Dmitri, is that your sense? Is there something that we could do to — obviously, these warnings have been shooting off like red flares for years now.

    What are we not doing to encourage and force — force the hands of these companies to try to tighten up their security?

  • Dmitri Alperovitch:

    Well, I do think, when it comes to Twitter, they have had plenty of warnings.

    In fact, just last year, a number of individuals were indicted by the FBI that were working inside Twitter on behalf of the Saudi government, and were providing the Saudi government with private information using their access on various dissidents that the Saudi government was interested in.

    So Twitter had plenty of warnings that, not just criminal groups, but nation states, were interested in the data that the company has on individuals all over the world. So, they really needed to get their security up and monitor very, very closely access to these internal powerful applications that allow you to get private information, but also to take over accounts.

    Clearly, something went wrong here, and more needs to be done.

  • William Brangham:

    Nina, let's turn to this other allegation of cyber-intrusion, which is the allegation that the Russian security forces have been trying to penetrate the computers of companies that are developing coronavirus vaccines.

    What do we know about what happened and what they — what might have gone down there?

  • Nina Jankowicz:

    Well, what we know so far is that the same Russian group that hacked the Democratic National Committee in 2016 was trying to gain access to intellectual property and supply chain information related to the vaccine development for the coronavirus.

    So far, we don't think any public health was affected, likely just economic impact. But this is really a scary indication of where we are in terms of countering Russian information operations. We have had for years to get it together, and we have done very, very little to deter Russia and other bad actors, of which there are many, from these sorts of exploits.

    Not only are they trying to deal with coronavirus vaccine information. They're also still trying to influence our elections, which are approaching ever more quickly. The U.S. government has not done enough to deter these organizations.

    And the Trump administration instead has curried favor with Putin and trusted Putin's word over the word of its intelligence community. I think this is a dereliction of duty. And, certainly, I think we all need to be very worried for what's to come in November.

  • William Brangham:

    Dmitri, you're obviously familiar with this particular Russian unit. You have had some dealings with them, so to speak, in the past.

    What is your sense of what they're trying to get at? Were they simply trying to look at the development of the vaccine? Were they trying to steal something? What do we know about that?

  • Dmitri Alperovitch:

    So, this is actually one of the units that was responsible for the hack of the DNC. And it's not the most well-known unit

    The one that everyone thinks of and the one that was indicted by the Justice Department a few years ago was known as GRU, Russian military intelligence, that not just — didn't just hack the e-mails, but also leaked them out publicly and provided them to WikiLeaks.

    This is a different unit that went into the DNC year prior, and, as far as we know, was not responsible for any leaking of information. It was probably engaged just in political espionage on campaigns.

    And it's believed to be tied to SVR, Russian civilian intelligence agency, that was sort of the precursor — the successor to the KGB. And I'm a lot less concerned, to be honest with you, about this particular attempted hack, because the reality is, every country in the world right now, every intelligence agency is probably tasked with getting information vaccine developments.

    And I would certainly hope that the U.S. intelligence community is doing the same thing against Russia, China and anyone else that is working on vaccines, because it is in the interest of every country to develop a vaccine and solve this crisis as quickly as possible.

    We have thousands of people that are dying every day. So, of all the things to be concerned about — and there's certainly plenty, and the Russians are doing a lot of nefarious things that we should be confronting — this is ranking very, very low on my list of concerns.

  • William Brangham:

    All right, Dmitri Alperovitch and Nina Jankowicz, thank you both very much for being here.

Listen to this Segment