Twitter and Washington Post targeted by hackers

 

Social media giant Twitter is among the latest US companies to acknowledge that it is among a growing list of victims of Internet security attacks, saying that hackers may have gained access to information on 250,000 of its more than 200 million active users. And now, The Washington Post is joining the chorus, saying that it discovered that it was the target of a sophisticated cyberattack in 2011.

Twitter said a blog post on Friday it detected attempts to gain access to its user data earlier in the week. It shut down one attack moments after it was detected.

But Twitter discovered that the attackers may have stolen user names, email addresses and encrypted passwords belonging to 250,000 users they describe as 'a very small percentage of our users.“

Nonetheless, the company reset the pilfered passwords and sent emails advising the affected users.

The online attack comes on the heels of recent hacks into the computer systems of US media and technology companies, including The New York Times and The Wall Street Journal. Both American newspapers reported this week that their computer systems had been infiltrated by China-based hackers, likely to monitor media coverage the Chinese government deems important.

On Friday, The Washington Post disclosed in an article published on its website that it was the target of a sophisticated cyberattack, which was discovered in 2011. The company's spokeswoman, Kris Coratti, didn't offer any details including the duration of the attack or the origins. But according to sources that the paper quoted, who it said spoke on condition of anonymity, the intruders gained access as early as 2008 or 2009.

The cyberattack was first reported by an independent cybersecurity blog on Friday.

“Like other companies in the news recently, we face cybersecurity threats,” Coratti was quoted as saying. “We have a number of security measures in place to guard against cyberattacks on an ongoing basis.”

According to Coratti's comments made to the newspaper, the company worked with security company Mandiant to “detect, investigate and remediate the situation promptly at the end of 2011.”

Coratti couldn't be reached immediately for comment by The Associated Press.

China has been accused of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics. The Chinese foreign ministry could not be reached for comment, but the Chinese government has said those accusations are baseless and that China itself is a victim of cyber-attacks.

“Chinese law forbids hacking and any other actions that damage Internet security,” the Chinese Defense Ministry recently said. “The Chinese military has never supported any hacking activities.”

Twitter's director of information security, Bob Lord, said in the blog that the attack “was not the work of amateurs, and we do not believe it was an isolated incident.”

“The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked,” Lord said. “For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”

One expert said that the Twitter hack probably happened after an employee's home or work computer was compromised through vulnerabilities in Java, a commonly used computing language whose weaknesses have been well publicized.

Ashkan Soltani, an independent privacy and security researcher, said such a move would give attackers “a toehold” in Twitter's internal network, potentially allowing them either to sniff out user information as it traveled across the company's system or break into specific areas, such as the authentication servers that process users' passwords.

The relatively small number of users affected suggested either that attackers weren't on the network long or that they were only able to compromise a subset of the company's servers, Soltani said.

Twitter is generally used to broadcast messages to the public, so the hacking might not immediately have yielded any important secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user is posting from.

That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.

“More realistically, someone could use that as an entry point into another service,” Soltani said, noting that since few people bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading a journalist's emails.

Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: PHP Developer - Mid / Senior

    £25000 - £40000 per annum: Recruitment Genius: This fast growing digital agenc...

    Ashdown Group: SQL DBA - Croydon - up to £65,000

    £58000 - £65000 per annum: Ashdown Group: SQL DBA - Bromley, South East London...

    Ashdown Group: Service Delivery Manager - Retail / FMCG / WMS Operations

    £55000 - £65000 per annum + Benefits: Ashdown Group: Service Delivery Manager ...

    Recruitment Genius: Software Developer

    £25000 - £35000 per annum: Recruitment Genius: A Software Developer is require...

    Day In a Page

    No postcode? No vote

    Floating voters

    How living on a houseboat meant I didn't officially 'exist'
    Louis Theroux's affable Englishman routine begins to wear thin

    By Reason of Insanity

    Louis Theroux's affable Englishman routine begins to wear thin
    Power dressing is back – but no shoulderpads!

    Power dressing is back

    But banish all thoughts of Eighties shoulderpads
    Spanish stone-age cave paintings 'under threat' after being re-opened to the public

    Spanish stone-age cave paintings in Altamira 'under threat'

    Caves were re-opened to the public
    'I was the bookies’ favourite to be first to leave the Cabinet'

    Vince Cable interview

    'I was the bookies’ favourite to be first to leave the Cabinet'
    Election 2015: How many of the Government's coalition agreement promises have been kept?

    Promises, promises

    But how many coalition agreement pledges have been kept?
    The Gaza fisherman who built his own reef - and was shot dead there by an Israeli gunboat

    The death of a Gaza fisherman

    He built his own reef, and was fatally shot there by an Israeli gunboat
    Saudi Arabia's airstrikes in Yemen are fuelling the Gulf's fire

    Saudi airstrikes are fuelling the Gulf's fire

    Arab intervention in Yemen risks entrenching Sunni-Shia divide and handing a victory to Isis, says Patrick Cockburn
    Zayn Malik's departure from One Direction shows the perils of fame in the age of social media

    The only direction Zayn could go

    We wince at the anguish of One Direction's fans, but Malik's departure shows the perils of fame in the age of social media
    Young Magician of the Year 2015: Meet the schoolgirl from Newcastle who has her heart set on being the competition's first female winner

    Spells like teen spirit

    A 16-year-old from Newcastle has set her heart on being the first female to win Young Magician of the Year. Jonathan Owen meets her
    Jonathan Anderson: If fashion is a cycle, this young man knows just how to ride it

    If fashion is a cycle, this young man knows just how to ride it

    British designer Jonathan Anderson is putting his stamp on venerable house Loewe
    Number plates scheme could provide a licence to offend in the land of the free

    Licence to offend in the land of the free

    Cash-strapped states have hit on a way of making money out of drivers that may be in collision with the First Amendment, says Rupert Cornwell
    From farm to fork: Meet the Cornish fishermen, vegetable-growers and butchers causing a stir in London's top restaurants

    From farm to fork in Cornwall

    One man is bringing together Cornwall's most accomplished growers, fishermen and butchers with London's best chefs to put the finest, freshest produce on the plates of some of the country’s best restaurants
    Robert Parker interview: The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes

    Robert Parker interview

    The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes
    Don't believe the stereotype - or should you?

    Don't believe the stereotype - or should you?

    We exaggerate regional traits and turn them into jokes - and those on the receiving end are in on it too, says DJ Taylor