Twitter is latest media company to suffer cyber attack
Twitter is latest media company to suffer cyber attack

The social media giant was hacked last week and is the most recent US company to be targeted, following the high-profile security breaches of The New York Times and The Wall Street Journal.

According to Twitter's director of information security Bob Lord, approximately 250,000 users were affected, with hackers able to access their data including usernames, email addresses, session tokens and encrypted/salted versions of passwords.

He said in a blog post: “We detected unusual access patterns that led to us identifying unauthorised access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later.”

Lord confirmed that Twitter had reset passwords and revoked session tokens for the affected accounts, and encouraged users to ensure they had strong passwords.

He also advised users to follow Apple and Mozilla and disable Java in their browsers, following Java's well-documented zero-day flaw and the subsequent advice of the US Department of Homeland Security.

“This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked,” said Lord.

Cyber security specialist Sourcefire said that the risk of suffering these types of attacks might be mitigated through the use of retrospective security capabilities.

“This incident is the latest example of how attackers and their tools have advanced to evade traditional defences. The reality is that it's no longer a matter of if attackers get in, but when,” Martin Roesch, founder and interim CEO of Sourcefire, said.

“Point-in-time security that only has one shot to determine if a file is malware does not work by itself. A new model that also collects telemetry for continual analysis of what is happening in your environment is needed. This analysis can be used to determine scope, contain and ultimately remediate the malware automatically. This is what is called retrospective security.”