Some of Twitter’s biggest accounts got hacked. It could have been much worse.
Share Now on:
Wednesday, the Twitter accounts of prominent people like Barack Obama, Elon Musk and Bill Gates were hacked. The tweets by hackers were all similar, asking followers to send Bitcoin and receive double the amount in return. The Bitcoin wallets promoted in these tweets received Bitcoin worth more than $100,000.
Marketplace host Kai Ryssdal spoke with Zeynep Tufekci, an associate professor at the University of North Carolina at Chapel Hill, about how the hacks could have played out. The following is an edited transcript of their conversation.
Kai Ryssdal: So let’s say these people yesterday who did this Twitter hack were more clever, more evil, more malicious, and decided instead of doing the Bitcoin thing they wanted to do actual economic damage. How do you suppose that might have gone down?
Zeynep Tufekci: Well, let me up that for you. Let’s say that they tweeted from the president’s account that the missiles are on their way to China, and then went to news accounts like the Associated Press or NPR and other places and confirmed it. China would have about 20 minutes to figure this out, and hopefully they would figure it out, but the kind of role Twitter plays in our information ecology, especially with the president and many other official agencies first tweeting without necessarily other quick ways of verification, there’s so many scenarios. I just gave you a terrible one to say how high the stakes are, but they could have done a lot.
Ryssdal: This is something that we kind of already knew, right? I mean, hacks happened right and left, the president is inconsistent on Twitter and there’s a case to be made you wouldn’t know he’d been hacked based on what the content of the tweet was. What does this tell us about our vulnerability?
Tufekci: Well, the important thing to remember here is we keep telling people, you know, use two-factor authentication, do this, do that, to protect yourself. But the reality is the biggest threat is an insider threat like this, some employee inside the company that has access to what the computer science people would call the God view — you get to see everything at the same time. And that’s just scary because imagine they had tweeted out a coordinated and subtle thing that there was some, you know, major crisis somewhere and the stock market tanked, and in the 15 minutes the stock market tanked, they made a lot of money. And since this thing has happened before, insider attacks have happened before, it just means that we should remember this next time we see something like this, but we haven’t really prepared for it, unfortunately.
Ryssdal: You have been speaking and writing and trying to get your thoughts on this out for a very long time. Do you think we have it in us to fix this? Or to not fall victim, I guess?
Tufekci: I’m almost happy that these people tried a Bitcoin scam, to be honest. I’m sorry that some people may have lost a little bit of money. Hopefully it wasn’t too much, but I hope that it’s a warning because they could have done so much more damage so quickly, and we wouldn’t even realize what they had done until it was too late. So the fact that they tried to just get a little bit of money is actually a favor to us to say, whoa, we are not ready. We are heading into an election, and we have too many chokepoints in our information ecology that are concentrated in a few companies. I’m not saying let’s not use these, but we need to not have them be this important a chokepoint with little accountability.
As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.
Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.
Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.