San Francisco – Twitter issued a warning to media organisations to improve the security of their tweeting procedures following several high profile hacks in recent weeks.
Meanwhile, federal financial market regulators meeting in Washington discussed risks to the financial market from such cyber attacks on social media channels.
In a memo sent to hundreds of media outlets and posted on the Buzzfeed.com website, the internet company said that the hacking incidents appeared to have stemmed from “spear phishing” attacks that masquerade as legitimate e-mails targeting the journalists running media organisations’ Twitter accounts.
The advisory said that organisations should use a dedicated computer to post to Twitter to reduce the chances of a malware infection and should “minimise the number of people” with access to accounts to prevent human error.
“There have been several recent incidents of high-profile news and media Twitter handles being compromised. We believe that these attacks will continue, and that news and media organisations will continue to be high value targets to hackers,” the memo stated.
Twitter advised users to use strong passwords at least 20 characters long to access the service and different passwords for their e-mail accounts.
Twitter hit the headlines last week when the main feed of The Associated Press was hacked by a group called the Syrian Electronic Army, and a bogus message was posted about an attack on the White House.
Organisations such as CBS, the BBC, The Guardian and football governing body FIFA have had their Twitter feeds hacked in recent weeks.
The AP incident caused the benchmark Standard and Poor’s 500 index to drop by about 1% in the three minutes before the news wire refuted the hacked report. The stock-market gauge recovered its original level within the next three minutes.
The Commodity Futures Trading Commission, which regulates derivatives markets, is launching a process to examine possible regulation of automated trading, chair Gary Gensler said in a public meeting on technology issues on Tuesday in Washington.
The commission has no oversight over stock markets but noted that last week’s S&P 500 plunge was blamed on so-called scrape-and-trade algorithms, which harvest data from information feeds to speed buy and sell decisions. Similar new techniques could be used in commodities trading.
“We’re not immune from the same operational issues,” Gensler said.
He noted that similar cyber threats to market integrity could come from hackers, terrorists, hostile governments and even would-be market manipulators. “It’s a bit of an arms race,” Gensler said.
Evelyn Fuhrer, managing director of risk management and regulatory compliance consultant Promontory Financial, said that the AP Twitter hack could have been far more damaging to markets if a determined cyber attacker had co-ordinated multiple hoax reports.
“I actually think we got lucky. It was one feed,” said Fuhrer, a member of the futures commission’s advisory committee.