One of the latest high-profile hacks of the media world targeted New York Post’s Twitter account this January. Hackers tweeted that China fired missiles at a U.S. Navy ship, the USS George Washington; another message suggested the implementation of an unprecedented U.S. interest-rate policy. At the same time, another news agency had their Twitter access compromised – hackers posted on behalf of United Press International: quote “Pope: World War III has begun.” end quote
These attacks are surprisingly commonplace. Leading security expert Pierluigi Paganini, from the European Union Agency for Network and Information Security, believes that fake news stories are linked to targeted attacks on personal data:
“In many cases, when we’re faced with targeted attacks, you have to consider that the malicious code behind the attacks is what we call ‘zero-day’ attacks. This means that they’re able to exploit vulnerabilities in targeted systems that are not known by a defense system… there is no way to protect yourself from the attacks.”
Another notable hack occurred a bit earlier, when The US Central Command Twitter account was hijacked by a group claiming to represent ISIS. The cybercriminals linked to information which allegedly contained leaked Pentagon plans for potential military action in China and North Korea. They've also posted lists of American generals with their private addresses. Central Command was quick to regain access to the account and assure that the attack had no operational impact, calling it “a case of cyber vandalism” — although we can't know for sure whether it's true, given the whole cloak and dagger nature of military intelligence.
Dr. Sandro Gaycken, a researcher in technology and security at the European School of Management and Technology, on how these attacks happen and their severity:
“It doesn’t really hit any critical systems… the point of this hack is that the attackers hit the twitter account and these accounts are just basically media outlets of the military so they’re not under a lot of scrutiny for high security… we’re seeing this repeatedly that hackers are trying to hijack these media outlets… In these cases it’s mostly the military, and governmental organizations outsource this kind of activity because it’s not relevant for themselves….it’s comparatively easy to break the passwords…”
The purpose of such attacks, which target news outlets and governmental agencies, can be many-fold: spreading false information or leaks, raising awareness, discrediting the organization, or something that is not very obvious. For example, in April 2013: The Associated Press’ Twitter account was hacked. The fake posts claimed there had been explosions at the White House and that President Barack Obama had been injured. The now-obviously false tweets caused the stock markets to decline, briefly causing $136 billion in losses. The Syrian crisis was at the top of the international political agenda at the time and, everyone was on edge. But imagine that – one tweet has the power to incur billions of dollars in damages.