Twitter CEO Jack Dorsey’s Twitter Account Hack: Cybersecurity Expert Explains

The Twitter account of Twitter CEO Jack Dorsey, known by the Twitter handle @jack, was apparently hacked last Friday. The suspected method of the account takeover is a SIM swap, whereby an attacker intercepts SMS messages by changing the association of the SIM card number to a different device.

Experts Comments

September 02, 2019
Alexander García-Tobar
CEO and Co-founder
Valimail
This incident is a perfect example of the risks associated with communication – any form of communication – when sender identity is not authenticated. A hacker or hackers were able to take over or spoof Jack Dorsey’s phone number, probably by impersonating him in a call to his mobile service provider. The spoofed tweets sent through Dorsey’s account are despicable and offensive, yet far greater damage can be done using similar techniques. We see this play out over and over again with email communication. A hacker leverages impersonation to send extremely convincing spear phishing emails to a company employee, and in no time, fake invoices are paid, consumers’ data exposed, wire transfers are made to fake companies - the list is endless. To stop these attacks, we must focus on validating and authenticating sender identity, no matter the form of communication. With email, we can do this by taking steps like properly enforcing DMARC and implementing advanced anti-phishing solutions that confirm senders’ identities before allowing emails to enter employees’ inboxes. Until we prioritize these initiatives as a society, we will continue to see attacks and an erosion of trust in our main forms of communication: phone, text, email, and social media.