1. Home
  2. Nation
  3. PM Modi’s Twitter account hacking is more dangerous than what we think

PM Modi’s Twitter account hacking is more dangerous than what we think

By Saima Siddiqui 
Updated Date

New Delhi: Early on Sunday, a tweet was send from Prime Minister Narendra Modi’s Twitter account announcing that “India has officially adopted bitcoin as legal tender”. The tweet, which comes at a time when India is looking to prohibit private cryptocurrencies, was quickly removed and the PM’s handle said the matter had been “escalated to Twitter”.

Also Read :- Crackdown on child marriage continues in Assam, number of total arrests rises to 2,441

It’s almost laughable that yet another Twitter Inc. hack – this time on the account of Indian Prime Minister Narendra Modi – should once again become the vehicle for spruiking Bitcoin. “India has officially adopted bitcoin as legal tender,” the tweet sent by hackers from his account read. “The government has officially bought 500 BTC and is distributing them to all residents of the country.”

According to Twitter, however, the PM’s account was not compromised due to any breach in the social platform’s system.

“We have 24X7 open lines of communication with the PM’s Office and our teams took necessary steps to secure the compromised account as soon as we became aware of this activity,” a Twitter spokesperson told ThePrint via e-mail. “Our investigation has revealed that there are no signs of any other impacted accounts at this time.”

Notably, Twitter took responsibility last year when several high-profile accounts were compromised in a crypto scam.

Also Read :- Bihar: 3 New Vande Bharat trains are likely to be launched in April. Check routes here

As implausible as that message sounds, the entire incident – from exploit to outcome – tells us a lot about hacking culture and the variety of actors out there trying to break into computer systems.

It’s not the first time. 

In July 2020 more than 100 famous accounts were breached including those of Barack Obama, Joe Biden, Bill Gates, Elon Musk, Kanye West and Apple Inc. Once they got access, the attackers went on to promote a Bitcoin scam to millions of these victims’ followers. 

The details of that incident are dripping with delicious irony. First up, the hackers’  use of Bitcoin was in fact their undoing — U.S. law enforcement officers tracked down the cryptocurrency accounts and found that they’d used their driver’s licenses for authentication. And, the breach was conducted through old-fashioned social engineering — tricking Twitter staff into giving login credentials, which allowed access to the target accounts.

So even though this was a prank, a somewhat well-trodden one at that, there is a serious side to it. It should be of grave concern that one of the most powerful outlets in the world was once again breached, allowing unauthorized access to the media equivalent of the nuclear codes. What’s immediately obvious about this specific event is that the perpetrators were more mischievous than malicious. Pitching Bitcoin has become the Rick Roll of the hacking community — a funny prank rather than a nasty attack.

Also Read :- Delhi Mayor election disrupted for 3rd time amid huge protest

One can only image what might have happened if the Twitter account of the democratically elected leader of an increasingly authoritarian government decided to declare a second demonetization or an escalation of its conflicts with China or Pakistan. We should be thankful that the attackers chose Bitcoin as the subject of their tweets, not economic or military destruction.

The world might not be so lucky next time. A few hacks of Twitter has proven to the rest of the community that this is a target with vulnerabilities, and others — possibly with state backing or terrorist links — will think of better ways to abuse that weakness than promoting crypto scams. And clearly Twitter itself continues to drop the ball on the fundamental task of keeping its system robust as it balances usability with security.

May we laugh and appreciate the prankster nature of the best hackers around. But let’s keep in mind that breaching social media is all fun and games until someone gets hurt.

If not a Twitter security lapse, then what?

It is “unlikely” that PM Modi’s account would have been compromised if two-factor authentication had been enabled, said an expert adding that, ideally, for such an important account, an “air-gapped device” should be used, which means that the device should be used only for Twitter and not for browsing other sites since this would make it harder for the account to be compromised.

Twitter also explains that accounts may be compromised by a “malicious third-party application or website” you have shared username and password with. It further warns that you should be “especially” cautious about sharing details with third parties who promise “to get you followers, make you money, or verify you”.

Also Read :- DGCA fines Vistara Airlines Rs 70 lakh for not operating mandated minimum number of flights to Northeast

The microblogging site adds that compromises may also occur due to malware and viruses on the device, or a weak password that is easy to identify.

Twitter recommends setting a strong password not used anywhere else, and enabling two-factor authentication so that logging in requires, in addition to a password, another factor like a security code. Security keys are another effective option.

According to a transparency report released by Twitter in July this year, only 2.3 per cent of active users reported using at least one method of two-factor authentication between June and December 2020.

For the latest news and reviews, follow us on Facebook, YouTube and Twitter पर फॉलो करे...