Verdict lists five top tweets on cybersecurity in May 2022 based on data from GlobalData’s Technology Influencer Platform.

The top tweets are based on total engagements (likes and retweets) received on tweets from more than 841 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during May 2022.

The most popular tweets on cybersecurity in May 2022: Top five

1. Brian Krebs’s tweet on a US law enforcement portal breach

Brian Krebs, an investigative reporter at a computer security and cybercrime blog KrebsOnSecurity.com., shared an article on the US Drug Enforcement Administration (DEA) examining reports of hackers gaining unauthorised access to a law enforcement portal, esp.usdoj.gov, which is the Law Enforcement Inquiry and Alerts (LEIA) system managed by the DEA.  The agency portal handles 16 different federal law enforcement databases, the article detailed.

The LEIA system was accessed using a name and password of an authorised user of the esp.usdoj.gov portal. Investigations revealed that the site can be penetrated via a personal identification number or PIV card, which is generally used across the US government to tap into federal facilities and information systems, the article noted. Researchers claim that the screenshots revealed by the hackers show that they can view sensitive information, as well as provide false records to intelligence and law enforcement databases.

Username: briankrebs

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Twitter handle: @briankrebs

Likes: 690

Retweets: 395

2. Kim Zetter’s tweet on military-made cyberweapons to be available on the dark web

Kim Zetter, an investigative journalist, tweeted on the distinction between military-made weapon, cybercrime malware or a commercial entity like NSO, stating that the difference depends on the sophistication, intent, and manner in which a weapon is used. Zetter further shared an article on Interpol Secretary General Jurgen Stock’s warning of military-made cyberweapons likely to be available on the dark web in some years from now. The dark web or darknet, he describes, is the concealed part of the internet which Google or other search engines cannot access in the coming years.

Interpol officials warned that digital tools developed and used by the military for cyberwarfare is likely to be misused by cybercriminals. The article further highlighted that cyberweapons come in various forms along with ransomware, where hackers lock down a company’s computer systems and demand a ransom payment to restore control.

The Russia-Ukraine has further led to renewed concerns over cyberwar, with cyberattacks having more than doubled worldwide in 2021, as per the World Economic Forum’s Global Cybersecurity Outlook report, the article detailed. The report further highlighted that ransomware attacks continue to be the most popular, with organisations being targeted 270 times a year on an average. Therefore, government officials believe that cyber incidents are likely to pose serious risks for both supply chains and critical energy infrastructure.  

Username: Kim Zetter

Twitter handle: @KimZetter

Likes: 200

Retweets: 38

3. Graham Cluley’s tweet on GoodWill ransomware asking victims to perform good deeds

Graham Cluley, a cybersecurity expert, shared an article on GoodWill ransomware does the same by encrypting the usual file types, such as databases, documents, videos, and photographs, thereby locking the one’s access to content, but in return for acts of kindness and not to extort money from its victims. The ransomware requests its victims to perform three acts of goodwill in order to retrieve their files and the decryption key, the article noted.

For example, the first request is to offer blankets and new clothing to the homeless. The second request is to take five underprivileged children, under the age of 13, to any eatery like the Domino’s, Pizza Hut, or KFC and allow them to order food of their choice. The third act of goodwill is to offer financial support to individuals who require immediate medical attention but cannot afford the treatment. When convinced with the proof of the videos of the goodwill acts, the ransomware attackers return with a decryption tool, which is either a video or a key, to help victims recover their scrambled filed, the article highlighted.

Username: Graham Cluley

Twitter handle: @gcluley

Likes: 131

Retweets: 39

4. Zack Whittaker’s tweet on hacker scraping an internal database of Verizon employees

Zack Whittaker, security editor at a news website TechCrunch, shared an article on a hacker tricking an employee of the telecommunications company Verizon into giving remote access to their corporate computer. This allowed the hacker to then steal an internal database of hundreds of Verizon employees, the article detailed. The data contains information, including full name, corporate ID numbers, email addresses, and phone numbers, which experts believe can be used in social engineering and SIM swapping attacks.

The article further noted that the hacker approached Verizon and shared the email sent to the company about the hack, requesting an offer of $250,000 in return for the leaked files. The hacker also threatened to release the employee directory information if not paid the ransom, and was in contact with the company, a Verizon spokesperson confirmed.

Username: Zack Whittaker

Twitter handle: @zackwhittaker

Likes: 78

Retweets: 44

5. Stephanie Carruthers’s tweet on the US DoD losing $23.5m to a phishing operation

Stephanie Carruthers, a chief people hacker at X-Force Red, a global team of ethical hackers and security professionals at the technology company IBM, tweeted on the US Department of Defence (DoD) being deceived into paying a phishing actor $23.5m in damages. The 40-year-old Sercan Oyuntur was convicted by the US Department of Justice (DoJ) for numerous counts related to a phishing operation, where he diverted DoD funds meant for a jet fuel supplier to his personal bank account, the article highlighted.

The article further detailed that the phishing fraud occurred in September 2018, where Oyuntur and his co-conspirators registered the domain dia-mil.com, to resemble the original dla.mil to send phishing emails. An eight-day trial at Camden, California, charged Oyuntur for bank, wire and mail fraud, unauthorised device access, false statements, and aggravated identity theft, to federal officers. He is expected to face a maximum sentence of 30 years in prison, along with a fine of $1m, or double the gross profits of the loss resulting from his fraudulent activities, the article noted.

Username: Stephanie Carruthers

Twitter handle: @_sn0ww

Likes: 84 Retweets: 25