Verdict lists ten of the most popular tweets on cybersecurity in Q4 2020 based on data from GlobalData’s Influencer Platform. The top tweets were chosen from influencers as tracked by GlobalData’s Influencer Platform, which is based on a scientific process that works on pre-defined parameters. Influencers are selected after a deep analysis of the influencer’s relevance, network strength, engagement, and leading discussions on new and emerging trends.
Top tweets on cybersecurity in Q4 2020
1. Andy Greenberg’s tweet on US charging Russian hackers’ group for cyberattacks
Andy Greenberg, senior writer for WIRED, a monthly technology magazine, shared an article about the US Department of Justice formally charging six members of the Russian hackers group, Sandworm, for carrying out dangerous cyberattacks over the past five years.
Sandworm carried out a slew of destructive attacks, including the launch of the NotPetya worm, which originated in Ukraine and later spread across the world, causing damages to the tune of $10bn. The group also temporarily damaged the information technology (IT) backend of the Winter Olympics held in South Korea in 2018.
The members indicted by the justice department were confirmed to be the employees of Russia’s Organisation of the Main Intelligence Administration (GRU) military intelligence agency. The charges mark the first indictment of Sandworm hackers at the global level.
Big news: DOJ today unsealed charges against Sandworm, naming the Russian GRU hackers who have for 5 years crossed every red line in cyberwar from blackouts to disrupting the Olympics to unleashing the NotPetya worm that cost $10 billion. https://t.co/2eviueSKT5 < Updates to come
— Andy Greenberg (@a_greenberg) October 19, 2020
Username: Andy Greenberg
Twitter handle: @a_greenberg
2. Mikko Hypponen’s tweet on hacker attacking a psychotherapy clinic
Mikko Hypponen, a computer security expert, tweeted about a hacker stealing the therapist notes of around 40,000 patients from a private psychotherapy clinic in Finland. The attacker, who addresses himself as ‘ransom_man’, emailed the details to patients, demanding a ransom of $243 from each of them in Bitcoin.
The hacker manages a Tor site where therapy session notes of 300 patients have already been published. The fact that some of the victims are minors is a cause for serious concern, Mikko added.
Highly unusual ransom case underway here in Finland: a private psychotherapy clinic was hacked, and the therapist notes for maybe even 40,000 patients were stolen. Now the attacker has emailed the victims, asking each for 200 € ransom in Bitcoin. #vastaamo
— @mikko (@mikko) October 24, 2020
Username: Mikko Hypponen
Twitter handle: @mikko
3. Lorenzo Franceschi Bicchierai’s tweet on Apple paying hackers to detect bugs in their products
Lorenzo Franceschi Bicchierai, senior writer at Motherboard, a technology website, shared an article about Apple paying hackers a whopping $288,500 for tracking down 55 potentially threatening bugs in the company’s products in a span of 90 days. The hackers revealed that they could gain access to Apple’s source code repository, where the code for various applications, iOS and macOS is stored.
The most dangerous bug discovered by the hackers had the potential to allow criminals to produce a worm that could easily steal all information, including documents, videos and photos, from an Apple user’s iCloud account and do likewise with the target’s contacts.
NEW: Apple paid five hackers a grand total of $51,500 for finding 55 bugs in three months.
One vuln could have allowed hackers to make a worm that could steal all iCloud data, another allowed the researcher to access an Apple source code repo. https://t.co/xYvKnLVJYA
— Lorenzo Franceschi-Bicchierai (@lorenzofb) October 8, 2020
Username: Lorenzo Franceschi Bicchierai
Twitter handle: @lorenzofb
4. Kevin Beaumont’s tweet on ransomware attack in Michigan
Kevin Beaumont, senior threat intelligence analyst at Microsoft, tweeted on Mt. Pleasant city in Michigan, US bearing the brunt of a remote ransomware attack. The attack was discovered on the city’s phone and computer systems, but the city’s firewall was not affected.
The Michigan State Police are investigating the cyberattack and are not considering a ransom payment, as currently there is no evidence of infringement of personal information.
“The city’s firewall remained secure” https://t.co/Fh4vNROzi5
— Kevin Beaumont (@GossiTheDog) October 13, 2020
Username: Kevin Beaumont
Twitter handle: @GossiTheDog
5. Briankrebs’ tweet on US treasury department warning firms against making ransom payments
Briankrebs, an independent investigative journalist, shared an article about the US Treasury Department issuing a warning to companies about the repercussions they could face for negotiating with ransomware sharks. The treasury’s Office of Foreign Assets Control (OFAC) announced that payment of ransom to ransomware extortionists could result in hefty fines on businesses, especially if the attackers are already facing economic sanctions.
With financial losses caused by cybercriminals to digital companies increasing steeply over the last few years, the treasury imposed economic sanctions on the attackers by freezing their interests and properties. Firms that go against the OFAC sanctions without holding a treasury ‘license’ could face fines of up to $20m, the article noted.
In an advisory today, The Treasury Dept. warned that companies victimized by ransomware and those that facilitate ransom payments could face steep fines if they end up paying crooks who are already under economic sanctions https://t.co/SEGX42wSSB pic.twitter.com/0voczla1NN
— briankrebs (@briankrebs) October 1, 2020
Twitter handle: @briankrebs
6. Robert M. Lee’s tweet on OFAC imposing sanctions on Russian government research agency
Robert M. Lee, CEO of Dragos, an industrial cybersecurity company, shared an article on the US Treasury’s OFAC imposing sanctions on a Russian government research institution for its connection with Triton malware. Triton was exclusively created for targeting and manipulating industrial safety systems, which enable safe stoppage of industrial processes in emergencies at important infrastructure units.
The Triton malware was earlier used against US allies in the Middle East, when the cybercriminals were involved in scanning and probing of US facilities. In recent years, Russian hackers also targeted international agencies like the Organisation for the Prohibition of Chemical Weapons and the World Anti-Doping Agency.
This style of sanctioning is significant and honestly entirely appropriate against those involved in the first ever cyber attack to intentionally try to kill people in civilian infrastructure. #TRISIS #TRITON https://t.co/dVzAn0kusq
— Robert M. Lee (@RobertMLee) October 23, 2020
Username: Robert M. Lee
Twitter handle: @RobertMLee
7. Thaddeus E. Grugq’s tweet on Microsoft dismantling Russian hacking network
Thaddeus E. Grugq, an information security researcher, shared an article on Microsoft joining forces with various cybersecurity firms to take down Russia’s hacking network, Trickbot, which is the world’s biggest botnet. Trickbot had the potential to disturb the US elections and was responsible for a ransomware attack that locked up systems at hundreds of US hospitals in the past.
The US military also launched cyberattacks on Trickbot recently, but the operation dismantled the hacking network for only 72 hours, whereas the takedown executed by Symantec, ESET, Black Lotus Labs, NTT and FS-ISAC in collaboration with Microsoft could have a long-term effect.
How could the next thing have been elections? Why? Ransomware is financial. Elections generate no money and get countries mad at you. Not everything in cyber is about elections. https://t.co/euldqIOiYN
— thaddeus e. grugq (@thegrugq) October 13, 2020
Username: Thaddeus E. Grugq
Twitter handle: @thegrugq
8. Zack Whittaker’s tweet on governments urging tech companies to reduce security level
Zack Whittaker, security editor at TechCrunch, a tech news website, tweeted on how it is not secure for tech giants to reduce their level of security despite the requests of several international governments.
The governments of the US, UK, Canada, Australia, New Zealand, India and Japan expressed concern over the use of end-to-end encryption by tech companies, which could make it difficult for countries to detect dangerous information like terrorist attacks and could also obstruct police investigations.
The head of the UK’s National Cyber Security Centre (NCSC) called for a fair dialogue on the issue, but Whittaker disagreed with that viewpoint, averring that security experts had apprised governments in the past that backdooring encryption securely was not feasible without allowing hackers into the network.
No it doesn't (and not an unexpected take from the former head of NCSC). Cryptographers and security experts have been telling governments for years that there's no secure way to backdoor encryption for law enforcement without giving hackers a way in, but you refused to listen. https://t.co/HEHYCO4w6N
— Zack Whittaker (@zackwhittaker) October 19, 2020
Username: Zack Whittaker
Twitter handle: @zackwhittaker
9. Eric Geller’s tweet on Russia targeting US government and aviation networks
Eric Geller, cybersecurity reporter at POLITICO, a political journalism website, shared an article about different state, local, territorial, and tribal (SLTT) governments in the US and aviation networks being targeted by Russian government-sponsored advanced persistent threat (APT) actor activity. The US government’s Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released this information in a joint cybersecurity advisory.
The APT actor known by various names in open-source reporting organised a campaign against a wide range of US targets, tried to infringe upon various SLTT agencies and disrupted network infrastructure in the past few months, apart from extracting data from two target servers.
Two new alerts just now from @CISAgov about foreign governments targeting U.S. networks.
First, CISA names Russia as the actor it previously described targeting state & local govt & aviation: https://t.co/oMs6369M4W
The hackers have stolen data from at least 2 victim servers. pic.twitter.com/sNwDuCdSfA
— Eric Geller (@ericgeller) October 22, 2020
Username: Eric Geller
Twitter handle: @ericgeller
10. Troy Hunt’s tweet on hacking of Trump’s Twitter account for the second time
Troy Hunt, a web security consultant, shared an article on former US President Donald Trump’s Twitter account being hacked for the second time in October 2020. Three Dutch hackers had previously accessed Trump’s Twitter account in the run-up to the US presidential elections in 2016.
The article noted that it was very shocking that the official Twitter account of the President of the United States (POTUS) did not have two-factor authentication enabled, and that this exposed a lackadaisical approach on the account handlers’ part, as the social networking site mandates an authentication process for verified accounts.
Trump’s account was unaffected in July 2020’s Twitter hack, when accounts of former president Barack Obama and the current US President Joe Biden were compromised.
— Troy Hunt (@troyhunt) October 22, 2020
Username: Troy Hunt
Twitter handle: @troyhunt