Twitter and Washington Post targeted by hackers

 

Social media giant Twitter is among the latest US companies to acknowledge that it is among a growing list of victims of Internet security attacks, saying that hackers may have gained access to information on 250,000 of its more than 200 million active users. And now, The Washington Post is joining the chorus, saying that it discovered that it was the target of a sophisticated cyberattack in 2011.

Twitter said a blog post on Friday it detected attempts to gain access to its user data earlier in the week. It shut down one attack moments after it was detected.

But Twitter discovered that the attackers may have stolen user names, email addresses and encrypted passwords belonging to 250,000 users they describe as 'a very small percentage of our users.“

Nonetheless, the company reset the pilfered passwords and sent emails advising the affected users.

The online attack comes on the heels of recent hacks into the computer systems of US media and technology companies, including The New York Times and The Wall Street Journal. Both American newspapers reported this week that their computer systems had been infiltrated by China-based hackers, likely to monitor media coverage the Chinese government deems important.

On Friday, The Washington Post disclosed in an article published on its website that it was the target of a sophisticated cyberattack, which was discovered in 2011. The company's spokeswoman, Kris Coratti, didn't offer any details including the duration of the attack or the origins. But according to sources that the paper quoted, who it said spoke on condition of anonymity, the intruders gained access as early as 2008 or 2009.

The cyberattack was first reported by an independent cybersecurity blog on Friday.

“Like other companies in the news recently, we face cybersecurity threats,” Coratti was quoted as saying. “We have a number of security measures in place to guard against cyberattacks on an ongoing basis.”

According to Coratti's comments made to the newspaper, the company worked with security company Mandiant to “detect, investigate and remediate the situation promptly at the end of 2011.”

Coratti couldn't be reached immediately for comment by The Associated Press.

China has been accused of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics. The Chinese foreign ministry could not be reached for comment, but the Chinese government has said those accusations are baseless and that China itself is a victim of cyber-attacks.

“Chinese law forbids hacking and any other actions that damage Internet security,” the Chinese Defense Ministry recently said. “The Chinese military has never supported any hacking activities.”

Twitter's director of information security, Bob Lord, said in the blog that the attack “was not the work of amateurs, and we do not believe it was an isolated incident.”

“The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,” Lord said. “For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”

One expert said that the Twitter hack probably happened after an employee's home or work computer was compromised through vulnerabilities in Java, a commonly used computing language whose weaknesses have been well publicized.

Ashkan Soltani, an independent privacy and security researcher, said such a move would give attackers “a toehold” in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.

The relatively small number of users affected suggested either that attackers weren't on the network long or that they were only able to compromise a subset of the company's servers, Soltani said.

Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.

That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.

“More realistically, someone could use that as an entry point into another service,” Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist's emails.

Voices
Barn owls are among species that could be affected
charity appeal
Sport
After another poor series in Sri Lanka, Alastair Cook claimed all players go through a lean period
cricketEoin Morgan reportedly to take over ODI captaincy as ECB finally wield the axe
Arts and Entertainment
a clockwork orange, stanley kubrick
film
News
news... you won't believe how bad their skills were
PROMOTED VIDEO
Life and Style
ebookNow available in paperback
Life and Style
ebooksA superb mix of recipes serving up the freshest of local produce in a delicious range of styles
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Ashdown Group: (PHP / Python) - Global Media firm

    £50000 per annum + 26 days holiday,pension: Ashdown Group: A highly successful...

    Ashdown Group: Part time Network Support Analyst / Windows Systems Administrat

    £30 per hour: Ashdown Group: An industry leading and well established business...

    Ashdown Group: Trainee / Graduate Helpdesk Analyst

    £20000 per annum: Ashdown Group: A highly reputable business is looking to rec...

    Ashdown Group: Application Support Engineer with SQL skills

    £28000 per annum: Ashdown Group: A highly reputable business is looking to rec...

    Day In a Page

    Homeless Veterans appeal: 'You look for someone who's an inspiration and try to be like them'

    Homeless Veterans appeal

    In 2010, Sgt Gary Jamieson stepped on an IED in Afghanistan and lost his legs and an arm. He reveals what, and who, helped him to make a remarkable recovery
    Could cannabis oil reverse the effects of cancer?

    Could cannabis oil reverse effects of cancer?

    As a film following six patients receiving the controversial treatment is released, Kate Hilpern uncovers a very slippery issue
    The Interview movie review: You can't see Seth Rogen and James Franco's Kim Jong Un assassination film, but you can read about it here

    The Interview movie review

    You can't see Seth Rogen and James Franco's Kim Jong Un assassination film, but you can read about it here
    Serial mania has propelled podcasts into the cultural mainstream

    How podcasts became mainstream

    People have consumed gripping armchair investigation Serial with a relish typically reserved for box-set binges
    Jesus Christ has become an unlikely pin-up for hipster marketing companies

    Jesus Christ has become an unlikely pin-up

    Kevin Lee Light, aka "Jesus", is the newest client of creative agency Mother while rival agency Anomaly has launched Sexy Jesus, depicting the Messiah in a series of Athena-style poses
    Rosetta space mission voted most important scientific breakthrough of 2014

    A memorable year for science – if not for mice

    The most important scientific breakthroughs of 2014
    Christmas cocktails to make you merry: From eggnog to Brown Betty and Rum Bumpo

    Christmas cocktails to make you merry

    Mulled wine is an essential seasonal treat. But now drinkers are rediscovering other traditional festive tipples. Angela Clutton raises a glass to Christmas cocktails
    5 best activity trackers

    Fitness technology: 5 best activity trackers

    Up the ante in your regimen and change the habits of a lifetime with this wearable tech
    Paul Scholes column: It's a little-known fact, but I have played one of the seven dwarves

    Paul Scholes column

    It's a little-known fact, but I have played one of the seven dwarves
    Fifa's travelling circus once again steals limelight from real stars

    Fifa's travelling circus once again steals limelight from real stars

    Club World Cup kicked into the long grass by the continued farce surrounding Blatter, Garcia, Russia and Qatar
    Frank Warren column: 2014 – boxing is back and winning new fans

    Frank Warren: Boxing is back and winning new fans

    2014 proves it's now one of sport's biggest hitters again
    Jeb Bush vs Hillary Clinton: The power dynamics of the two first families

    Jeb Bush vs Hillary Clinton

    Karen Tumulty explores the power dynamics of the two first families
    Stockholm is rivalling Silicon Valley with a hotbed of technology start-ups

    Stockholm is rivalling Silicon Valley

    The Swedish capital is home to two of the most popular video games in the world, as well as thousands of technology start-ups worth hundreds of millions of pounds – and it's all happened since 2009
    Did Japanese workers really get their symbols mixed up and display Santa on a crucifix?

    Crucified Santa: Urban myth refuses to die

    The story goes that Japanese store workers created a life-size effigy of a smiling "Father Kurisumasu" attached to a facsimile of Our Lord's final instrument of torture
    Jennifer Saunders and Kate Moss join David Walliams on set for TV adaptation of The Boy in the Dress

    The Boy in the Dress: On set with the stars

    Walliams' story about a boy who goes to school in a dress will be shown this Christmas