Welcome to The Cybersecurity 202! I concur with the latest episode of the "It's Always Sunny Podcast": When you have a bad day, go look at cat memes.
Published on January 25th, 2023
'GodMode' access is still a problem at Twitter, another whistleblower alleges
More allegations bubble up about Twitter's "GodMode" cyber problems
Any Twitter engineer today can still activate a program that would allow them to tweet from any account, according to a new whistleblower who has emerged and filed a complaint with the Federal Trade Commission.
It backs up claims in an earlier whistleblower complaint by Peiter "Mudge" Zatko, who made more extensive allegations about Twitter security problems, my colleague Joseph Menn reports. The program in question in the latest complaint was once known as "GodMode" at the company.
Furthermore, "Twitter does not have the capability to log which, if any, engineers use or abuse GodMode," the new complaint says.
One very notable element of the complaint is that it was filed in October, after billionaire Elon Musk purchased the company, and the problem allegedly continues.
- Musk inherited his share of security woes from the prior leadership of the social media platform, from a 2011 FTC consent decree to the subjects of Zatko's headline-catching congressional testimony and complaint.
- Much (albeit not all) regulatory scrutiny of Twitter security thus far has been for things that didn't happen under his ownership. Twitter recently rebuffed claims about an alleged data breach that surfaced online last month.
- Recently departed security staffers told The Washington Post matters have gotten worse, rather than better, under Musk.
As with Zatko's complaint, which contended Twitter was in violation of the 2011 FTC consent decree that followed breaches at the company, the latest whistleblower complaint contends that Twitter's activity could put it in legal jeopardy.
"After the 2020 hack in which teenagers were able to tweet as any account, Twitter publicly stated that the problems were fixed," the new complaint says. "However, the existence of GodMode is one more example that Twitter's public statements to users and investors were false and/or misleading."
"Our client has a reasonable belief that the evidence in this disclosure demonstrates legal violations by Twitter," it says.
The company's current head of trust and safety, Ella Irwin, didn't respond to an email seeking comment on the latest claims in the story by Joe. Former CEO Parag Agrawal, the chief executive for a year before Musk fired him in October, did not respond to a Twitter message seeking comment.
The whistleblower, who spoke with the Senate Judiciary Committee last week and the House Energy and Commerce panel before that, "also spoke with The Post on the condition of anonymity because other former employees have been threatened and harassed," per Joe's story.
- "In that interview, the new whistleblower said that following internal objections about the program, engineers had changed its name to 'privileged mode.' The whistleblower said the purpose of the program was to allow Twitter staff to tweet on behalf of advertisers unable to do it themselves."
- "[T]he new whistleblower complaint says the GodMode code remains on the laptop of any engineer who wants it. All they would have to do is change a line of the code from FALSE to TRUE and run it from a production machine that they could reach through an easily accessible communications protocol known as SSH."
- "The complaint includes screenshots of the code in question. The program line that allows a GodMode user to delete tweets contains the capitalized comment: 'THINK BEFORE YOU DO THIS.'"
- Said the whistleblower: "They removed this from one interface, but it still existed in other ways. They just changed the lock on one of the many front doors."
A worrisome element of this access, the whistleblower said in the interview, is that Twitter engineers have been hacked in the past.
The nonprofit law firm Whistleblower Aid filed both complaints, Zatko's and the latest.
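As an added illustration of the design flaw the complaint describes (this is constructed example code, not Twitter's code and not taken from the complaint's screenshots), here is a flag-gated impersonation path that records nothing about the acting engineer, next to a version that requires an explicit, time-limited authorization naming both the engineer and the account and writes an audit entry before acting. All names, ticket ids and timestamps are constructed.

```python
import logging
from dataclasses import dataclass
from typing import Optional

log = logging.getLogger("impersonation")

# Anti-pattern: the only gate is a constant anyone with the source can flip,
# and nothing records which engineer acted on whose behalf.
IMPERSONATION_ENABLED = False

def post_as_user_unaudited(target_user: str, text: str) -> dict:
    if not IMPERSONATION_ENABLED:
        raise PermissionError("impersonation disabled")
    return {"author": target_user, "text": text}   # acting engineer is lost

# Hardened: every call must present an authorization record (in a real
# system issued and signed by a separate approval service; here a plain
# dataclass) that names the engineer, the account and an expiry time.
@dataclass(frozen=True)
class Authorization:
    engineer: str
    target_user: str
    reason: str       # e.g. an advertiser support ticket id (constructed)
    expires_at: int   # Unix seconds

AUDIT_TRAIL: list = []   # stand-in for an append-only, tamper-evident log

def authorization_problem(engineer: str, target_user: str,
                          auth: Authorization, now: int) -> Optional[str]:
    """Return why the request must be refused, or None if it is allowed."""
    if auth.engineer != engineer or auth.target_user != target_user:
        return "authorization does not cover this engineer/account"
    if now >= auth.expires_at:
        return "authorization expired"
    return None

def post_as_user(engineer: str, target_user: str, text: str,
                 auth: Authorization, now: int) -> dict:
    problem = authorization_problem(engineer, target_user, auth, now)
    if problem is not None:
        log.warning("refused impersonation by %s of %s: %s",
                    engineer, target_user, problem)
        raise PermissionError(problem)
    entry = {"at": now, "engineer": engineer,
             "target_user": target_user, "reason": auth.reason}
    AUDIT_TRAIL.append(entry)   # written before the privileged action runs
    log.info("impersonation %s", entry)
    return {"author": target_user, "text": text, "on_behalf_by": engineer}
```

The audit entry is what lets a detection team answer the question the complaint says Twitter could not: which engineer used the capability, on which account, and under what approval.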
Ticketmaster blames cyberattack for chaotic Taylor Swift ticket sale
A wave of malicious bots launched an "attack" on Ticketmaster servers as Taylor Swift fans tried to land presale tickets last fall, a Live Nation executive is set to tell the Senate Judiciary Committee this morning.
"We were ... hit with three times the amount of bot traffic than we had ever experienced, and for the first time in 400 Verified Fan onsales they came after our Verified Fan access code servers," reads the prepared testimony from Joe Berchtold, president and chief financial officer of Live Nation Entertainment, which was formed in 2010 by the merger of Live Nation and Ticketmaster. "While the bots failed to penetrate our systems or acquire any tickets, the attack required us to slow down and even pause our sales."
Berchtold is also set to argue to the Judiciary Committee that "industrial scalpers" are "breaking the law using bots and cyberattacks to try to unfairly gain tickets," which "contributes to an awful consumer experience."
Ticketmaster said at the time that high demands on the ticketing system forced them to suspend ticket sales for the pop megastar's tour. Berchtold's accounting of what happened adds further explanations, such as a volume of bot traffic (which has a history of bedeviling the broker) that was three times what it had ever experienced. But it also adds questions about the specifics of the "cyberattacks" that Ticketmaster is alleging.
South Dakota governor says phone was hacked
South Dakota Gov. Kristi L. Noem (R) linked the apparent hack to the disclosure of her Social Security number by the House committee investigating the Jan. 6, 2021, attack on the U.S. Capitol, but she hasn't offered evidence for how she knows they were related, the Associated Press reports. Noem has asked the Justice Department and Congress to investigate the publication of her Social Security number, which was first reported by The Post.
"Callous mishandling of personal information has real world consequences," Noem said in a statement. "If you get such a phone call from my number, know that I had no involvement."
The South Dakota Fusion Center has been notified of the incident, Noem said in the statement.
European law enforcement officials say they've seized millions in wake of Bitzlato shutdown
Law enforcement officials have seized around 18 million euros ($19.5 million) worth of cryptocurrency and have frozen 50 million euros ($54 million) in at least 100 accounts at cryptocurrency exchanges, Europol said in a statement. The announcement comes days after the U.S. Justice Department announced that it had charged cryptocurrency exchange Bitzlato's Russian owner, Anatoly Legkodymov.
"While the conversions of crypto-assets into fiat currencies is not illegal, investigations into the cybercriminal operators indicated that large volumes of criminal assets were going through the platform," Europol wrote in its statement. It said that investigators found that around 46 percent of assets exchanged with Bitzlato, worth around 1 billion euros ($1.08 billion), was linked to criminal activity.
- CIA deputy director for analysis Linda Weissgold speaks at an event hosted by the Intelligence and National Security Alliance today at 9 a.m.
- The Senate Foreign Relations Committee holds a hearing on countering Russia on Thursday at 10:30 a.m.
- The R Street Institute hosts an event on privacy and security legislation on Thursday at 4 p.m.
Thanks for reading. See you tomorrow.