Twitter Employees Handed Over VPN Credentials That Led To Infamous July Hack

The huge Twitter hack that occurred back in July came about due to stolen VPN credentials, according to TechRadar. It has now been revealed that Twitter employees were tricked into handing over their account details by hackers that had managed to create a site that looked identical to the genuine VPN login page. The hackers pretended to be from the social network’s internal IT department, telephoning members of staff to ask for the relevant credentials. Such claims were believed because VPN issues were commonplace at the time.

Experts Comments

October 20, 2020
Jake Moore
Cybersecurity Specialist
ESET
Most successful cyberattacks are far from simple – instead, they require multiple elements that must work simultaneously to pull off a full-blown attack, especially for a hack of the magnitude we saw against Twitter. In this current moment, with millions of employees working remotely, it is easier than ever for cybercriminals to socially engineer their intended targets, and taking on the guise of remote IT workers gave Twitter’s attackers a level of legitimacy that allowed this element of.....Read More
Most successful cyberattacks are far from simple – instead, they require multiple elements that must work simultaneously to pull off a full-blown attack, especially for a hack of the magnitude we saw against Twitter. In this current moment, with millions of employees working remotely, it is easier than ever for cybercriminals to socially engineer their intended targets, and taking on the guise of remote IT workers gave Twitter’s attackers a level of legitimacy that allowed this element of the hack to be successful. This tactic clearly fooled those involved, which highlights just how important constant vigilance and awareness are in all companies, no matter how big or small. We are seeing increasing numbers of high profile attacks, and organisations need to remember that cybercriminals will persistently look for cracks in the system. All too often, cybercriminals find it far simpler to hack a human than a network. Companies must equip staff with the tools they need to protect them from social engineering, especially if they are working remotely. Updated security is vital when many employees are forced to work outside of the better-protected office environment. Threat actors are quick to adapt to changes in the workplace.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.