Saturday, September 10, 2011

FBI begins probes into NBC Twitter account hack involving faked Ground Zero attack Tweets

The United States is on high alert after what have been called credible threats made for the 10th anniversary of 9/11. Thus, a set of Tweets made to the Twitter account of NBC News reporting an airliner attack on Ground Zero were taken seriously on Friday. They were, however, faked by hackers.

The first Tweet said, "Breaking News! Ground Zero has just been attacked. Flight 5736 has crashed into the site, suspected hijacking. More as the story develops," on Friday afternoon. It was followed by two others, one mentioning a flight 4782, and another that began "This is not a joke."  The first and last Tweets were accompanied by avatars that should have been a clue, though.

To those concerned about an actual attack, it wasn't a joke, but to the perpetrators, it was. The next Tweet from the account said, "NBCNEWS hacked by The Script Kiddies."

It's an interesting name for the group. The term Script Kiddie is a derogatory one among hackers; it refers to those who use scripts or programs developed by others to attack websites and computer systems, and thus is usually applied to those not talented enough to hack on their own.

Graham Cluley of security firm Sophos said that Twitter should offer extra security measures to prevent these sorts of incidents, which otherwise will continue to occur, or even accelerate. Two-factor authentication is a possibility, with Cluley saying,

"Twitter should be applauded for taking such quick action (in suspending the accounts), but isn't it time that there was better security available to accounts which have a large number of followers, or who (like media organizations) may cause public panics if someone breaks in and starts tweeting false news stories about terrorist attacks? I, for one, would like to see Twitter and other social media sites offer an additional level of authentication for those who want to better defend their accounts. I fear that, unless that happens, we will continue to see high-profile accounts hacked and brands damaged as hackers run rings around them."

Only three NBC executives have the password for that Twitter account.

On Friday night, FBI officials confirmed that agents from the bureau's computer crimes unit were investigating the incident. The Script Kiddies are hackers who recently split from two better-known hacking collectives, ones which we have discussed numerous times: "Anonymous" and "LulzSec."

Both of those groups have been the targets of law enforcement investigations globally.

The Script Kiddies seems to have it in for mainstream media. In July, the same group targeted the Twitter account of Fox News, defacing it with Tweets that U.S. President Barack Obama had been shot and killed.

No comments: