March 13, 2021

The Twitter Hack Shows a Major Cybersecurity Vulnerability: Employees

twitter hack

In July 2020, Twitter fell victim to a massive “coordinated social engineering attack” compromising some of social media giant’s highest profile accounts – including those of Barack Obama, Elon Musk, Bill Gates, and Kanye West – to launch a crypto scam targeting those users’ followers. The breach resulted in $120,000 in untraceable Bitcoin payments and, perhaps most seriously, damage to the Twitter brand.

While the attack made headlines, it is just one example of the growing number of cyber-attacks on both small and large companies. These attacks often involve social engineers looking for ways to deceive or trick employees. The employees become unwitting accomplices in an attack that bypasses their own company’s security measures meant to prevent penetration from the outside.

 There are more than a dozen types of social engineering attacks that are being perpetrated. The most common attack would be “phishing emails,” which tend to imitate a trusted source such as a colleague or manager. Given an employee’s small lapse in judgement and lack of discipline to truly recognize the situation, the attacker can obtain a piece of the puzzle he needs to breach company data. Alarmingly, most data is much more actionable and accessible than people recognize. Basic research on social media or Google can reveal just enough for the attacker to recognize a vulnerability and exploit a company’s weakness. The practice of collecting this information, commonly known by experts as cyber-reconnaissance, powers more than 90% of successful cyber-breaches today, according to a report from Verizon.

Cyber security is an industry that continues to grow at an exponential rate – most recently driven by COVID-19’s demand for online work. One recent report predicts that between 2017 and 2021, cybersecurity spending will exceed $1 trillion cumulatively. The next generation of cybersecurity tools needs to focus on cyber-hygiene, actively identifying what information is available to the public and finding ways to reduce that footprint to protect both companies and individuals.


Stay up to date on the latest Picnic developments.

Scroll to Top