security

Twitter Distributes Phishing-Resistant Security Keys to Employees toPrevent Another High-Profile Attack – Tech Times


Twitter has increased its security features as it now distributes security keys to employees to avoid another cyberattack, particularly before the election season.

Twitter has been targeted by cyberattackers who took over high-profile accounts on July 15, which include former President Barack Obama to tech superpowers Elon Musk, Bill Gates, and Jeff Bezos, to celebrity couple Kanye and Kim Kardashian West, and other companies and big names in the tech industry, entertainment, and politics.

Twitter now distributes phishing-resistant security keys to employees after July high-profile attack

(Photo : Joshua Hoehne/Unsplash)
Twitter now distributes phishing-resistant security keys to employees after July high-profile attack

Twitter said in the blog post that hackers have “successfully manipulated a small number of employees” to use their access into an internal administrative tool. They hijacked these accounts to run a Bitcoin scam and easily raked up to $118,000 within hours.

To avoid another cyberattack, Twitter posted a blog how the social media company has been keeping it secure, particularly as the election season in the United States is approaching. Primarily, the company has started issuing security keys to its employees worldwide who are required to use these phishing-resistant codes.

In 2018, Google said it had “no reported or confirmed account takeovers” after making it mandatory for employees to use physical security keys for two-factor authentication in 2017.

A U2F Security Key by Yubico

(Photo : Bautsch/Wiki Commons)
Yubico FIDO U2F Security Key

Also, Twitter has put its security teams who have access to customer data under rigorous training. While these employees can only access user data to help those who were locked out of their accounts and other valid reasons, the company had to further strengthen its security measures and avoid another social engineering attack.

Meanwhile, new employees had to go through privacy, data protection trainings, and security trainings, including sessions on how to avoid becoming phishing targets by cyberattackers. Moreover, Twitter also said it has been constantly improving its internal detection and monitoring tools to warn the company for unauthorized access.

Read also: Musk, Gates, Bezos, Others Subjected to Recent Hack that Tricked People to Send Over $100,000 to a Bitcoin Wallet

Twitter: prepping for the U.S. election

Earlier this month, Twitter shared another blog that it has increased its security measures for election-related Twitter accounts in the U.S. On September 17, the company started sending in-app notifications to high-profile account advising them about the new security requirements such as enabling password reset protection by default as well as urging account handlers to use two-factor authentication to prevent unauthorized logins.

Twitter notification sent to high-profile accounts

(Photo : Twitter)
Twitter notification sent to high-profile accounts

Among these high-profile accounts are political parties, presidential campaigns, and candidates running for U.S. house representatives, senators; current members of the executive branch and congress; governors and secretaries of state as well as major news outlets and political journalists in America.

Twitter believes that employing these security measures is critical in preventing any cyberattack or unauthorized access. “You will continue to see us introduce new protections and features to help safeguard accounts,” Twitter noted.

Meanwhile, Twitter promised to roll out improvements to its privacy settings in the future and to further invest in technologies, resources, and the teams to support this critical job. The company also said it is enhancing its design and navigation improvements for the privacy settings to make it easier for users to use the settings and controls it offers. “You’ll see these improvements in Twitter soon,” the post said.

Read also: Twitter Confirms Direct Messages of 36 High Profile Accounts were Compromised in Recent Hack

This is owned by Tech Times

Written by CJ Robles

 

ⓒ 2018 TECHTIMES.com All rights reserved. Do not reproduce without permission.





READ SOURCE

Leave a Reply