Sorry!! The article you are trying to read is not available now.
Thank you very much;
you're only a step away from
downloading your reports.

How Twitter Accounts -- Like the AP's -- Get Hacked

By

While the people who run the AP's social media accounts are surely reviewing their security procedures even now, it's worth pointing out that defending against such attacks is relatively simple.

PrintPRINT
The Twitter account belonging to the Associated Press was just hacked and used to tweet that there were explosions at the White House. Markets immediately reacted accordingly, with the Dow (INDEXDJX:.DJI) dropping 144 points before recovering in minutes, demonstrating the power that such hacks have.

While the people who run the AP's social media accounts are surely reviewing their security procedures even now, it's worth pointing out that defending against such attacks is relatively simple. Twitter's official page on what to do when an account is compromised has a helpful section on the subject, which cites everything from computer viruses to handing out your Twitter credentials to malicious websites as sources of Twitter hacks.

But the truth is, across all password-protected sites on the Web, the mostly likely way for an account to be compromised is simply bad password hygiene, aka password re-use. When hackers compromise a site with weak security, they get their hands on huge databases of password and email address pairs. Then, when they want to attack a site with good security, like Twitter, they simply try out passwords gained in the previous attack. It works because the passwords are often the same across sites-i.e., humans are lazy.

We all do it: Who can remember a different password for every site that we visit? Fortunately, you don't have to. There are some straightforward ways to make your passwords on critical sites much less likely to be exposed in attacks on other sites.

But if Twitter wants to get serious about the astonishing amount of hacking that happens on the site, it really needs to implement another layer of security. Google (NASDAQ:GOOG) has already, and so has Microsoft (NASDAQ:MSFT): It's called two-factor authentication. In the case of Google, it means that when you try to log into your account, it won't let you in until you've also entered a six-digit code that Google texts to you. Just adding that extra layer of security-how likely is it that a hacker also has physical access to your phone or has compromised it?-reduces successful hacks to almost zero, at least for now.

This story by Christopher Mims originally appeared on Quartz.

More from Quartz:


Someone Could Have Just Made a Ton of Money Hacking the AP's Twitter Account

How the Syrian Electronic Army Hacked the AP-And Who Are These Guys Anyway?

Markets Briefly Plunge After AP's Hacked Twitter Account Falsely Reports White House Explosions




No positions in stocks mentioned.
PrintPRINT
 
Featured Videos

WHAT'S POPULAR IN THE VILLE