Shortcomings in security, or in making sure that its domain name server (DNS) services were secure, caused the Twitter redirection on Friday morning.
John Pescatore, vice president and research fellow in Gartner Research, claimed that he was not a Twitter user, but the reality of its redirection seems to be that someone with legitimate Twitter administrative credentials logged in to Twitter's DNS account at DynDNS and redirected DNS to the hacker site.
He claimed that the attack was caused by a bad choice of password, particularly as DynDNS only requires a six-character password for its free accounts, so the Twitter DNS administrator could have been using an easily guessable password.
Alternatively, he said that a bot or phish could have captured the password from a Twitter employee, that the DynDNS password could have been reset by social engineering tactics, or that the DynDNS administrative servers were compromised.
Pescatore said: “Each of those areas either point out Twitter shortcomings in security, or Twitter shortcomings in choosing a DNS service provider and making sure that service was secure enough for Twitter's business needs.
“Bottom Line: DNS services are mission critical. If you are using an external DNS supplier, you have to make sure they will run DNS as securely as you need to run it.”
Danny McPherson, chief security officer at Arbor Networks, said: “I suspect most organisations spend far more in a single day (at a single location) on coffee filters or toilet paper than they do annually on DNS provisioning function security.
“Yet they throw millions at tape backups, site security, and all those sexier components, when what most matters [first] to keep their internet presence functioning – the availability and integrity of that DNS provisioning data, is sorely neglected.”