Social media companies need a dedicated regulator and more forceful oversight to prevent their weaponization by cybercriminals. This was one of the recommendations made by the New York Department of Financial Services (NYDFS) in its report on this year’s Twitter hack. The regulator further criticized the lack of leadership at Twitter, which made it easier for the hackers to infiltrate the platform.
Titled ‘Twitter Investigation Report,’ the document looked at how the hackers were able to infiltrate one of the world’s most popular and influential social media platforms, how Twitter was able to regain control, what could have been done better to prevent the incident, and the way forward for social media companies. The report also covered how NYDFS-regulated digital currency exchanges were involved and praised their quick reaction, which mitigated the damage.
As CoinGeek reported previously, the alleged teen Twitter hackers didn’t use any sophisticated hacking tools. Instead, they relied on social engineering techniques, getting some Twitter employees to enter their login credentials on a clone website.
This kind of attack stems from a lack of leadership at Twitter, the NYDFS stated. Twitter has not had a chief information security officer (CISO) since December 2019, it revealed.
“A lack of strong leadership and senior-level engagement is a common source of cybersecurity weaknesses.”
Twitter has also turned to remote working this year due to the COVID-19 pandemic, a factor that the hackers exploited. While switching to remote working was a great move, the company could have done more to mitigate the heightened risk to its remote workforce, NYDFS stated. However, the Jack Dorsey-led company has informed the NYDFS that it’s taking measures to ensure such vulnerabilities aren’t exploited in the future.
The regulator also made some recommendations on how digital currency companies can prevent such attacks in the future. They include blocking addresses associated with scammers, a step that four NYDFS-regulated exchanges took quickly following the hack. Coinbase reportedly blocked 5,670 transfers valued at $1.3 million, Square blocked 358 transfers valued at $51,000, with Gemini and Bitstamp blocking $1,800 and $250 respectively.
The regulator further called for public oversight of social media companies. Currently, regulators only focus on antitrust and content moderation issues, but this isn’t enough. The NYDFS proposed setting up a social media regulator, either as a new institution or as a new department in an existing regulatory body.