
Don’t be the weak link: recent one-account safety disasters


On October 16, 2020, Dutch ethical hacker Victor Gevers figured out the password to Donald Trump’s Twitter account. Gevers says that two-factor authentication (2FA) was turned off and the password was as easy as “maga2020!” (“maga” stands for the Trump campaign’s slogan “Make America Great Again”). The hacker published the following tweet on behalf of the President:

Victor Gevers is the head of the GDI.foundation, a non-commercial group of 38 volunteers that warns the general public about data breaches, weak passwords and other digital vulnerabilities. He claims that he had tried to contact Trump’s social media managers, but his attempts weren’t successful. However, after the attack, the password was changed and 2FA was set up. Then, on October 20, American cybersecurity specialists got in touch with him. Gevers supposes that 2FA was switched off while Donald Trump was hospitalized with COVID-19 so that his media managers could publish his tweets. Twitter stated that they do not have information to support the hacker’s claims.

Also, in October 2020, the New York Department of Financial Services published a report investigating a recent Twitter hack. The officials concluded that the service “lacked adequate cybersecurity protections”. The attack took place within 24 hours on July 14, 2020. The criminals used a simple phishing tactic: they called Twitter employees and asked for their log-in credentials claiming to be from Twitter’s IT department. Then they hijacked the profiles of politicians, celebrities, and entrepreneurs, including Barack Obama, Kim Kardashian West, Jeff Bezos, Elon Musk, and several cryptocurrency companies. The scammers also tweeted “double your bitcoin” advertisements, with a link to cryptocurrency payments. The group managed to steal over $118,000 worth of bitcoins from Twitter users.   

As you can see, falling victim to such attacks means not only losing money, but also huge reputational damage and problems with regulatory bodies. 

 

Everyone is a potential target

It is important to understand that cybercriminals are not interested exclusively in the data of presidents and celebrities. Even if you don’t own a business, your data can still serve as a gateway to your company’s systems. Careless online behavior can therefore leave a person legally and financially responsible for their organization’s losses.

Recently, a skilled hacker group managed to steal $15 million from an American company through just one employee’s compromised e-mail. They accessed the e-mail conversation about a financial transaction, then provided altered details for the money transfer. They also carefully concealed the traces of this e-mail exchange, and immediately moved the money to an undetectable foreign bank. The specialists of Mitiga, who investigated the incident, found that this criminal group’s victims might number in the dozens, including organizations in the finance, retail, construction, and legal sectors.

This year we’ve seen a spike in ransomware attacks. In many cases, the scammers don’t breach the corporate systems themselves; they just buy access on the dark web. Offers like this appear on the forums on an almost daily basis:

Another accelerating trend is hackers exploiting the vulnerabilities of public wi-fi networks. More and more people are working remotely outside of secure corporate systems. Very often the networks in libraries, cafes, conference spaces and hotels cannot ensure protection of confidential user data. The FBI even published a public service announcement about security risks for hotel guests, warning people about such scams as “evil twin networks” and false login pages.

 

The motivation behind attacks on ordinary users

Cybercriminals are interested in all sorts of data. So you might get attacked even if you don’t have access to some valuable corporate information.

What are the incentives of the attackers? There are many of them, such as:

  • Sending spam through social networking sites to trick your friends and family into transferring money to them;

  • Stealing your credit card credentials;

  • Accessing your personal data and important documents;

  • Collecting information about you and your family to plot other scams;

  • Selling your compromised accounts to dark web brokers;

  • Accessing the software and services that you use;

  • Watching your house to commit a burglary.

For instance, in October 2020 a hacker group put up for sale access to the footage of 50,000 home security cameras. Also, in December last year, the credentials for 3,572 Amazon Ring cameras were exposed, including owners’ e-mails, passwords, time zones and camera names, such as “front door”, “kitchen” or “bedroom”. This allowed intruders to access live camera footage as well as the video history of the users.

 

What to keep in mind to stay safe

How can you protect yourself against such threats?

  • Use strong and unique passwords for all services.

  • Set up two-factor authentication where possible.

  • Monitor the safety of your data, and act immediately if your accounts are compromised and published on the dark web. This can be done with the help of professional services such as Breach Report.

  • Don’t connect to public wi-fi. If you really have to, use a VPN.

  • Delete the accounts that you no longer need.

  • Install regularly updated anti-virus software.

  • Use critical thinking when you receive a disturbing message about your card or account being suspended. A key phishing tactic is to play on emotions to fool the victims. Take some time to verify the information and keep a cool head.

  • Be careful when surfing the web. Do not visit websites that look suspicious and unsafe. Do not follow links from untrusted sources. Always check the URL when you receive a link to a trusted website: it can differ by a single letter and lead you to a phishing address.

  • Pay attention to the sender’s name and address. The criminals often try to pose as legitimate organizations.

  • If a message from your friend, relative, employer or bank looks suspicious, call them directly (NOT via the number in the message).
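The URL check from the list above can be automated. The following is an added example, not part of the original article: it compares a link's host against a short allowlist and flags hosts that differ from a trusted domain by one character or that use a trusted name as a prefix of another domain. The allowlist and all sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example; replace with the sites you actually use.
TRUSTED = {"twitter.com", "amazon.com", "paypal.com"}

def edit_distance(a, b):
    """Levenshtein distance: minimum single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'lookalike', 'non-ascii', 'unknown' or 'invalid'."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    if not host:
        return "invalid"          # no scheme/host, e.g. a bare "twitter.com/login"
    # Simplification: the registered domain is taken as the last two labels,
    # which is wrong for suffixes like .co.uk (use the Public Suffix List there).
    domain = ".".join(host.split(".")[-2:])
    if domain in TRUSTED:
        return "trusted"          # includes subdomains such as mobile.twitter.com
    if not host.isascii() or "xn--" in host:
        return "non-ascii"        # internationalized name: homoglyphs are possible
    for good in TRUSTED:
        # Trusted name used as a prefix of someone else's domain.
        if host.startswith(good + ".") or "." + good + "." in host:
            return "lookalike"
        # One-letter difference from a trusted domain.
        if edit_distance(domain, good) <= 1:
            return "lookalike"
    return "unknown"
```

An "unknown" result only means the host is not close to anything on the allowlist; it says nothing about whether the site is safe.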

To sum up, the Breach Report team recommends that you stay informed and on top of the latest security trends to keep yourself, your families and your organizations safe.